Duthler Associates has contributed its experience to the Privacy Control Framework (PCF) drawn up by NOREA. The PCF was developed by a working group within NOREA.
You get a grip on accountability by mapping out the rules that you have to comply with, so that you can check the company strategy and company policy against legislation and regulations. These laws and regulations provide the preconditions that you must meet. This is especially true for businesses. The public sector finds the basis for its performance in sectoral task-setting legislation.
As general legislation, the European General Data Protection Regulation (GDPR) offers an excellent framework that you must comply with in order to ultimately protect the personal data of data subjects such as residents, (healthcare) clients and B2C clients, so that these data subjects are not affected in their right to privacy and can exercise control over the processing of their personal data.
How do we apply the PCF?
The PCF offers the frameworks, based on the GDPR, that directors must comply with. By following these frameworks, the director ensures that he or she is demonstrably following the rules from the GDPR. The PCF is therefore suitable for the following:
- Policy and accountability: preparing the data protection policy, the primary responsibility of the director.
- Carrying out DPIAs: a DPIA exposes the privacy risks of new processing (projects and initiatives) or existing processing of personal data and contributes to avoiding or reducing these privacy risks (reducing non-compliance).
- Control frameworks: the provision of control frameworks that the Internal and/or External Auditor uses to determine that his audit client is properly following laws and regulations.
- Sectoral legislation: additional provisions from task-setting sectoral legislation can be added to the PCF frameworks to also establish compliance with those laws, where relevant.
Do you have any questions or do you need an appointment? Feel free to contact us on +31 0 (70) 392 22 09 or email@example.com.