By Lionel GENDARME, Partner, Grant Thornton Luxembourg Shariq ARIF, Manager, Grant Thornton Luxembourg
The General Data Protection Regulation 2016/679 (GDPR) represents a change in culture that imposes transparency on personal data processed. This must be achieved through a variety of tools including privacy policies, amended contracts, database cleansing, training, security measures and controls. Data Controllers and Data Processors have to undertake all this in the spirit of achieving Accountability. Accountability is when a person or an organisation is held responsible for the performance of a specific action or function. For organisations within the realm of the GDPR, it means proving that they have taken on board the principles outlined in article 5...
|