Responsibility of the controller – Data protection by design and by defaultAlan2017-09-22T11:14:23+00:00
Do we have processes, in place, to ensure that: Article 24,25
We can show that we have moved our processes in line with IT’s evolution
We can show we have dynamic processes in place to track the state-of-the-art and modify our processing accordingly
We can show that we implement data-protection principles, such as data minimisation, in an effective manner
We can show how we integrate the necessary safeguards into the processing in order to meet the requirements of the GDPR
We can demonstrate an appropriate set of policies
[ok for now but need to revisit – also need to consider duplication with next sub-box?]