General Data Protection Regulation
AVG Consultancy – Data Privacy and Data Protection – GDPR
Many organizations, companies and associations struggle with privacy legislation and what this means for them now. One of the pillars of Triple-B Consultancy has been specialized in this area and can support organizations, companies and associations with support of the certified AVG consultants from Triple-B Consultancy. Supporting in a tailor-made, professional and cost-effective manner.
In 2015, the European Commission, the European Council and the European Parliament agreed on the introduction of the General Data Protection Regulation (GDPR). This new European Regulation replaced our Dutch Privacy Act Wbp (Personal Data Protection Act) in mid-2018 and became the AVG (Algemene Verordening Gegevensbescherming) from that moment on. This is a major revision of the existing European Data Protection Directive from 1995. The introduction of the AVG has major consequences for organizations, companies and associations in the field of privacy and data protection.
Some rules were already in force earlier (e.g. the Dutch Data Protection Authority) added an article to the Wbp that dealt with data breaches), others became effective from 25 May 2018 and some will only come into effect in the coming years. The AVG is not a static law, the expectation is that new parts will be added, or existing ones will be amended, partly as a result of jurisprudence or changed insights. However, the AVG entered into force for all EU natural persons and for almost all organizations that process personal data of EU natural persons, on 25 May 2018. Although this start-up period seemed broad, it was often just enough time for companies to implement all the requirements of the GDPR. It was not successful, and they are still in full swing. With high fines, an increased threat of data breaches and hacks, the possibility of legal prosecution, the risk of reputation damage, and risk of harm, it is not surprising that privacy is high on the agenda at all levels of a company or organization.
In addition to limiting risks, the approach to data privacy can also be used to differentiate itself or as a catalyst to get the information management in order. Particularly due to the abundance of information on this subject, it is often difficult for companies to estimate where and how to start with privacy and data protection.
Approaching privacy only from a legal angle is insufficient. The essence lay in personal data and information. Information and data management are therefore crucial if you want to tackle compliance in a structured and effective way. In practice, we see that privacy and data protection require a multidisciplinary team to handle the challenges. Legal matters, information and data management, HRM, process managers and process owners, Enterprise and solution architects and compliance managers should play a role in this. The AVG Consultancy pillar of Triple-B Consultancy can, with its certified employees, take on the connecting role for your company or organization.
For smaller companies, a multidisciplinary approach is often not feasible, just looking of the costs involved. Triple-B Consultancy supports you to comply with legislation and at the same time keep costs under control (e.g. the Privacy light package). Triple-B Consultancy has all the knowledge and areas of expertise to offer a total solution to both small and large companies which process personal data.
AVG Consultancy projects are carried out within Triple-B Consultancy according to a standardized method Next to the support within projects it is possible to purchase modular packages.
Click here for the full legal text: General Regulation (EU) data protection, AVG of the European Parliament.