Beltug

Preparing your roadmap for GDPR: Beltug tools


The GDPR comes into effect on 25 May 2018. As our members continue their preparations, we have worked to provide specific tools and targeted events to support them in the IT implementation. Below, you can find tools relating to your relationship with your IT vendor, templates to use internally in your company, and presentations with insight from our events.

 

IT vendor-related tools

 

NEW GDPR payroll consultant questionnaire (NL / FR)

Payroll consultants/social secretariats have access to personal data on your staff. Beltug has developed a questionnaire that you can present to your payroll consultant to verify their own compliance with the GDPR, and to ensure they will process your data in full compliance with the regulation.

 

GDPR Vendor Assessment questionnaire, in cooperation with DPOffice (details + questionnaire)

Many things are at stake when preparing and maintaining your compliance with the GDPR. Beltug has created a list of core questions for you to ask your cloud providers. The list has been discussed with a select number of ICT/cloud suppliers, to gain their perspective and options for the best approach. We believe that this questionnaire will make a significant difference for companies on their way to GDPR compliance.

 

Template Data Protection Clause, in cooperation with Allen & Overy (after login)

Beltug and Allen & Overy have created a template that Beltug members can use for the data protection clause of their IT services contracts. You can use this template as a starting point, and then customise it to take into account the specific processing, as well as the roles of the Customer and Supplier. While it has been developed for contracts between two companies in the EU, you can adapt it with additional safeguards if this isn't the case.

 

 

Internal GDPR tools

 

NEW Personal Data Breach Management Policy (after login)

What would you do in the event of a personal data breach? Make sure you have a comprehensive Personal Data Breach Management Policy already set up, to provide inspiration and guidelines for anyone in your company who processes data. This Beltug tool provides a generic approach that you can tailor for your own breach management policy.

 

NEW Privacy / Personal Data Protection Management Guidelines (after login)

Your compliance requirements do not end when the GDPR comes into effect: they are just beginning! You need to be prepared to take the necessary actions to maintain your compliance. Beltug’s Privacy / Personal Data Protection Management Guidelines give you a generic blueprint that you can tailor to set up your own privacy management approach and plans.

 

Template consent notice, in cooperation with Allen & Overy (after login)

The GDPR lays out consent requirements for the use of personal data. Beltug and Allen & Overy have created a template for requesting consent from customers, staff and other individuals, which communicates how personal data will be used, processed, etc. Beltug members can use this template as a starting point, and then customise it to their specific situation.

 

Updated Presentation for your Board, in cooperation with DPOffice (after login)

Beltug members can use this presentation to inform their Board about the European Data Protection Regulation. Please feel free to use the slides and content as you wish, in your own templates and formats, etc. You may add or delete information according to your needs.

 

Data inventory, in cooperation with Cranium (after login)

Template (Excel) Register of Processing Activity: Data inventory first, compliance next! The road towards the GDPR starts with an inventory of the personal data you process.  Indeed, data inventorying is an essential step in your preparation: your organisation needs an inventory of all the types of information it processes, how that data will be protected, where the sensitive data sits. This tool helps you getting started building your register, as required by Article 30 of the GDPR.

 

 

Beltug Privacy Council

 

Details and mission (no login necessary)

This special interest group for experts/practitioners in matters of privacy covers data protection in the business domain, including (but not limited to) the GDPR. Are you a match - and willing to commit? Contact Danielle to submit your candidature.

 

Takeaways and presentations on GDPR from our events (after login)

 

You can also check our Library page for more presentations from other events and activities.

 

Dear visitor,

Access to more information about this topic and/or to download the paper is easy and fast, but exclusively for Beltug members (just login to get access).

Beltug gathers a lot of information. Here you find the advantages of Beltug membership

The Beltug Team

Click here to login