What is the compliance approach?

It is efficient to include compliance with the TTP policy covering legal accountability for protecting data into the existing accountability cycle. By aligning the timelines for the accounts, synergy is created in compliance activities and efforts and costs can be reduced. Efficiency is increased with an integrated compliance approach to all these obligations.

The correct accountability every year

In order to be able to account for the entire year at the end of a year, sufficient compliance activities must be carried out during the year. Interim results of reporting may give rise to adjustments.

Based on a calendar year as the accounting period, the following is prepared in the first quarter of the new year for the previous year:

• the self-declaration of the management; and
• the confirmation of the self-declaration by the data protection officer (DPO).

The self-declaration consists of a statement by the management about the maturity level achieved and the ambition for the coming year. This statement will be confirmed by the Company’s DPO or a designated DPO.

Accounting for personal data

A company faces liability and cost risks if it is unable to meet its accountability obligations. This not only concerns fines or claims from the regulator, but also from those whose personal data is processed. In addition, there is a risk of reputational damage if data breaches occur that have not been discovered or have been handled incorrectly. In order to be able to account for itself, it is necessary that the company has effectively organized the protection of personal data.

The MYOBI Trust Network offers companies a practical accountability mechanism. Central to this is the organization of compliance by the company with legal and contractual obligations, in particular the TTP policy and therefore also with the TTP Code of Conduct GDPR. Every year, the management expresses itself in a self-declaration about compliance with this code of conduct, expressed in a maturity level. The maturity level is published on the MYOBI website.

The accountability mechanism is explained on the knowledge base. We ensure the internal control of the accountability mechanism on behalf of MYOBI.

The importance for partners to account for compliance with the requirements of the GDPR and TSA is clear; Organizing compliance requires the necessary attention from company management, management and employees. A good conversation can be enough to allay uncertainty.

Accountability for trade secrets

An important condition to be able to claim a breach of a trade secret is that the secret must be properly secured. A secret that is not properly protected may be labeled as “non-secret” by a judge because the company has not taken the necessary effective measures to keep it secret.

Organizing the protection of trade secrets is conditional in order to effectively protect trade secrets and – in the event of infringement – to obtain justice under the TSA. This means that a company must determine what its trade secrets are and what measures must be taken to protect the secret. It must then be arranged that it can be demonstrated that the measures have worked effectively.

An important measure is the conclusion of a confidentiality agreement with partners who need access to trade secrets for the execution of, for example, an (outsourcing) assignment. These partners must regularly account for compliance with the agreements made in this agreement. Such justifications are part of the company’s own responsibility.

It often happens that partners agree to hold themselves accountable for the confidential use of each other’s trade secrets.