The digital economy, at the heart of the growth and competitiveness of businesses, relies in large part on the trust of customers and citizens. This trust can only be granted or maintained if companies and administrations behave in a fair and transparent manner in the processing of personal data. The General Data Protection Regulation (GDPR) provides a framework for establishing this trust.
This book presents a method, tools and examples, addressed to the people in charge of implementing the regulation, whether they are DPOs, administrative and financial managers, human resources managers, IT managers, project managers, etc. This new edition reports on changes to the law in force, presents technical and organizational changes and allows the authors to share their feedback from organizations.
The reader begins by getting to grips with the regulation through an approach that makes its structuring elements understandable, then discovers how to set up an operational personal data management system that allows companies to meet the requirements of the GDPR and to be able to prove it.
The authors then present the security measures for personal data, detailing in particular the technical and organizational measures that a data controller must implement. The contractual relations of the data controller with any subcontractors are also studied. A chapter on data transmission presents the indications of the GDPR on regulations relating to data transfers to third countries or to international organizations.
Finally, the controls carried out by the CNIL as well as the penalties applicable in the event of violation of the GDPR are the subject of dedicated chapters.
After reading this book, the reader will be able to understand that the GDPR should not be perceived as a constraint but as a support vector for the digital transition of the company.