Consultation and implementation of requirements in area of personal data protection.
Depending on customer’s need I answer ad hoc questions and consult issues related to personal data protection or verify and implement in a complex way compliance with data protection regulations both polish and European union.
I prepare and consult an agreement on entrusting of personal data processing both with polish and foreign entities. I also give an opinion to global projects which involve personal data transfer and verify their compliance with polish and European legislation.
Preparation and updates of documentation.
I prepare, verify and update all documents which are mandatory according to personal data protection legislation:
- Personal data security policy,
- the computer system management instruction used for personal data processing,
- Records of people entitled to personal data processing,
- Authorization to personal data processing records,
- Agreements on entrusting of personal data processing,
- Registration requests for personal data files,
- Other documents and forms related to personal data processing (e.g. data privacy confidentiality statement, data processing information clauses, personal data processing consent clauses, questionnaires).
Registration of personal data files.
I prepare registration request to GIODO and conduct registration process for personal data files on customer’s behalf . I advise which of the files containing personal data come under registration obligation. I will also contact with GIODO on behalf of customer.
Preparation to GIODO audit.
Based on the Act on personal data protection GIODO is entitled to conduct audit in entities that are data controllers in the meaning of the Act. The rule is that audits are usually prior announced. Using my advice you have chance to prepare your business to the audit.
Within preparation to GIODO audit I can offer:
- quick audit prior to GIODO audit,
- preparation of key personnel to conversation with GIODO auditors,
- preparation of key documents required during audit,
- ad hoc consultation or participation during the audit,
- advice and consultation during implementation of corrective actions post audit.
Acting as an external Information Security Administrator or support for internally assigned Information Security Administrator.
the Act on personal data protection imposes a large number of obligations on Information Security Administrator, and amongst them.;
- supervision over an observance of data protection legal requirements,
- preparation and updates of an documentation describing personal data processing processes within an organization,
- modification of data security applications in case of any changes organizational or legal,
- supervision over updating the records of people entitled to personal data processing,
- preparation of registration requests for personal data files to GIODO register,
- examination of individuals’ complaints on illegal data processing,
- examination of personal data access request from state’s authorities and financial institutions,
- conducting trainings dedicated to personal data protection.
I can support your employees in fulfilling all the obligations of Information Security Administrator or conduct all activities instead of your employees and on behalf of your company.
Preparation of Privacy statement on website.
Implementation of Information management system in an organization based on ISO 27001.
If you are interested in my offer please contact myself:
Tel.: +48 517 55 11 71