Luxembourg delivers first GDPR accreditation
The national commission for data protection has become the first data protection authority in Europe to accredit a GDPR certification body.
On 12 October, Luxembourg’s national commission for data protection accredited the entity EY PFS Solutions via its certification mechanism, GDPR-CARPA (General Data Protection Regulation-Certified Assurance Report-Based Processing Activities). The mechanism is the first to be adopted on a national and international level under the GDPR. Accreditation criteria are based on audits and quality control.
Thanks to the accreditation, EY PFS Solutions can now issue GDPR certifications for five years.
Why is GDPR important?
GDPR is a privacy and security law that regulates how organizations target or collect data related to people in the EU. It outlines how organizations must protect and handle data in a secure manner, and details new privacy rights to give people more control over the data they loan to organizations.
With a GDPR certification, companies, public authorities, associations and other organizations can show that their data processing activities comply with the GDPR.
Implementing the certification mechanism can promote transparency and compliance. It also allows businesses and individuals to better evaluate the level of protection offered by products, services, processes or systems used or offered by the organizations that process their personal data. These entities therefore benefit from an independent certificate to demonstrate that their data processing operations comply with EU regulations.
Source: delano.lu
Póngase en contacto con nosotros
Esperamos que le resulte útil. Si necesita un representante de la UE, tiene alguna pregunta sobre el GDPR o ha recibido una solicitud de SAR o del regulador y necesita ayuda, póngase en contacto con nosotros en cualquier momento. Estaremos encantados de ayudarle...
Equipo local de GDPR.
Recent blogs
Navigating the Contradictions: Automated Decision-Making and Regulatory Legislation in AI Systems
The Dilemma of Automated Decision-Making At the heart of AI systems lies the promise of aut
How to Implement the New AI Law in Your Company
The implementation of the AI Act marks a significant stride towards responsible and fair use of art
Article 14 Guide: Meeting Regulatory Requirements for Personal Data Not Directly Obtained from Data Subjects
Imagine a software-as-a-service (SaaS) company looking to grow its clientele by purchasing leads fr