Expertise Privacy

Modern technology provides ever more ways to collect and use personal data.  The more personal data that is being collected, the more important privacy becomes.  ICT Institute is there to help you.

Why privacy

The European privacy legislation GDPR came into force on 25 May 2018, meaning no one can ignore data privacy.  Companies often handle personal data badly, sometimes intentionally, which can be punished with a hefty fine. However, punishing companies is not the GDPR’s main goal. The GDPR helps ensure privacy for individuals, and attempts to simplify data protection legislation for organisations. Since the European Union can not be everywhere at the same time, each Member State is obliged to appoint a national and/or regional supervisor. The vision of the Dutch privacy regulator can be read in our (Dutch) interview with the chairman of the Dutch Data Protection authority, Aleid Wolfsen.

ICT Institute and privacy

Our initiatives
At ICT Institute we help companies understand what the GDPR means to them, what measures they can take, and how they should deal with the legal requirements. Should you have any questions about privacy in your organisation, do not hesitate to contact us via the contact form. We can, for example, create an overview of your current GDPR compliance with our Compliance Scan. We organise a GDPR basics course, and regularly write articles about the GDPR and data protection on our blog. A good place to start is our GDPR in 10 steps article. We have also included privacy as an important aspect in our information security standard Security Verified.

Templates
We strongly support the free availability of good material. The GDPR requires that certain matters are well documented, and that is why we have developed some templates that we provide for free. Currently we have the following templates:

• A template for the Register of processing activities
• A template for Data Protection Impact Assessments (DPIA)
• A template for a Data Processing Agreement
• A template for the healthcare-specific NTA 7516 (NL)
• A template for transferring software between companies (NL)

Sieuwert van Otterloo, and Joost Krapels undertake most of our privacy-related projects. They are both Data Protection Officers (NL), at Lifewords, Relive and Youbahn respectively.

Directly to the right article

Here we have compiled a categorised no-nonsense overview of the articles about both GDPR and general privacy-related subjects/developments.

GDPR

• Practical guide of GDPR
• Terminology of GDPR
• When is a DPIA mandatory? (NL)
• What to put into a privacy statement (NL)
• Example of processing activities (NL)
• Explanation of legitimate basis to process data (NL)
• Reporting data breaches

Blogposts about privacy

• Privacy management in ISO 27701
• How to use standard contractual clauses
• Cookies: the yes, the no, and the maybe
• How to handle privacy issues in IT projects
• Incidents in the media (2021) (NL)

Our Dutch website contains even more information on privacy and data protection.

Image credit  @pawel_czerwinski via unsplash