Announcements
Voting is now open!
Members, make your selections in the annual (ISC)² Board of Directors election. Vote Now! Voting is open until Sept. 22.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
leroux
Community Champion

ENISA report: Concepts and recommendations on European Data Protection Certification mechanisms

Yesterday, November 27th, ENISA published a report destined to familiarise data protection experts with the terminology of certification and to clarify concepts which are relevant to  GDPR certification. The report identifies and analyses challenges and opportunities faced by data protection certification mechanisms, including seals and marks.

As of 25 May 2018, GDPR will be the main data protection legal framework in the EU and will be directly applicable to all EU Member States. GDPR will introduce provisions on certification to enhance the transparency of data controllers’ processing operations and the processors. The legislature also envisages a role of certification in assisting controllers and processors to demonstrate compliance with the regulation.

 

Download the report at: Recommendations on European Data Protection Certification

 

1 Reply
TimG
Newcomer III

Re: ENISA report: Concepts and recommendations on European Data Protection Certification mechanisms

Thanks for that - it's going to be well worth a read. Those of us in otherwise unregulated industries may not be accustomed to organisational certification in the context of personal data. While the GDPR is rightly getting plenty of attention I imagine that most of us are focused on compliance and attestation. Satisfying a third party that we are in a good place may be another matter entirely. National regulators can I think expect to be lobbied by businesses on this topic!