The GDPR was big news last year, with organisations across the EU battling to get their systems in order before the deadline of May 25.
The General Data Protection Regulation is the biggest change to data protection laws in more than two decades, affecting everyone living in the EU. It aims to give people more control over how their personal data is handled.
CertiKit’s GDPR Toolkit has proved to be our best-seller, with sales to 79 countries and principalities, including all 28 in the EU (29 including Gibraltar) and 50 outside.
From international powerhouses such as the US and Germany to tiny island states such as the Caymans and Curaçao, our GDPR Toolkit is proving popular.
Now we have launched our fifth version, which includes some important updates, such as new documents, slides and posters.
This is the first update since the GDPR came law, and some of the updates have been made in response to customer feedback.
Here are the updates in V5:
The addition of a CCTV policy was the result of customer feedback. The policy sets out what organisations can and can’t do with closed circuit TV systems.
In collecting and using video (and possibly audio) data, organisations are subject to a variety of legislation, including the GDPR, which control how such activities may be carried out and the safeguards that must be put in place to protect the recorded information.
The policy sets out the rules which must be followed when installing and dealing with CCTV so that responsibilities are met and the usefulness of the recorded data is maximised.
This form is a starting point for an agreement between a processor and a sub-processor to cover the requirements of the GDPR.
It covers the obligations and rights of the processor, and the obligations of the sub-processor as well as covering duration and applicable law.
This completed form gives the example of the impact on employees of a human resources system which is to be replaced.
The new system will record additional information about employees, including biometric data such as fingerprints. It will also cover areas such as sickness, which the previous system did not cover, and so will hold health-related data.
The form records all this information, along with dates and the details of those responsible for the assessment.
Next, we have included two posters. The first (green) poster is aimed at your data subjects and the second (blue) at your employees. So if we take the example of a dentist’s surgery, you might want to pin the first poster in the waiting area and the second in the staff room.
Both posters include editable form fields in which to add your own short message – possibly one with an email address or telephone number.
Finally, two slides have been added to this Powerpoint presentation. These address the relevant laws outside the EU and the UK.
The first looks at the law in the USA, referring to ten pieces of legislation such as the Homeland Security Act, the Patriot Act and the Gramm-Leach-Bliley Act.
The second lists the relevant laws in India, Malaysia, Thailand, Singapore, Canada, Australia, New Zealand and South Africa.
We always strive to listen to the feedback from our customers, and to take their suggestions on board when making updates to any of our toolkits. If you have any suggestions to make, please get in touch. You can also leave a review here.
To buy the updated CertiKit GDPR ToolKit, click here.