Luxembourg delivers first GDPR accreditation
The national commission for data protection has become the first data protection authority in Europe to accredit a GDPR certification body.
On 12 October, Luxembourg’s national commission for data protection accredited the entity EY PFS Solutions via its certification mechanism, GDPR-CARPA (General Data Protection Regulation-Certified Assurance Report-Based Processing Activities). The mechanism is the first to be adopted on a national and international level under the GDPR. Accreditation criteria are based on audits and quality control.
Thanks to the accreditation, EY PFS Solutions can now issue GDPR certifications for five years.
Why is GDPR important?
GDPR is a privacy and security law that regulates how organizations target or collect data related to people in the EU. It outlines how organizations must protect and handle data in a secure manner, and details new privacy rights to give people more control over the data they loan to organizations.
With a GDPR certification, companies, public authorities, associations and other organizations can show that their data processing activities comply with the GDPR.
Implementing the certification mechanism can promote transparency and compliance. It also allows businesses and individuals to better evaluate the level of protection offered by products, services, processes or systems used or offered by the organizations that process their personal data. These entities therefore benefit from an independent certificate to demonstrate that their data processing operations comply with EU regulations.
Source: delano.lu
Contatto
Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
GDPR Local team.
Recent blogs
Navigating the Contradictions: Automated Decision-Making and Regulatory Legislation in AI Systems
The Dilemma of Automated Decision-Making At the heart of AI systems lies the promise of aut
How to Implement the New AI Law in Your Company
The implementation of the AI Act marks a significant stride towards responsible and fair use of art
Article 14 Guide: Meeting Regulatory Requirements for Personal Data Not Directly Obtained from Data Subjects
Imagine a software-as-a-service (SaaS) company looking to grow its clientele by purchasing leads fr