GDPR process descriptions for consumer rights

GDPR process descriptions for consumer rights

THE REQUEST

Upon the introduction of new GDPR legislation on 25 May 2018, consumers will enjoy new rights with respect to the use of their personal data. In response to requests made by consumers to exercise these rights, the relevant processes have to be set up and documented.

OUR APPROACH

I started by making an inventory of consumers’ rights and possible requests they might have. A great deal of information can be found about this online, but the privacy statement and privacy policy of consumers play key roles. Based on my inventory, and in collaboration with the client, I identified the processes and systems that are currently involved. Wherever necessary, system adjustments were defined and discussed with software providers, business partners and internal scrum teams. For the complete coordination of all the requests, we decided to set up a dedicated coordination desk, the arrangement of which was particularly important because it had to correctly process all these requests. The processes that were currently in place were not efficient enough to carry out the requests. For this reason I defined a new process for every type of request, seen from the perspective of the new coordination desk. Wherever possible, existing processes were included as sub-processes.

Given that the employees and the management had many questions about the new legislation, it was important to ensure they didn’t stall in their efforts to comply with it. Wherever this seemed likely to happen, I ensured that at least a basic framework was in place, thanks to the use of examples and proposals. Details could then be filled in more easily at a later stage.

THE RESULT

As was previously agreed, by the end of the assignment we delivered all new process descriptions, which were then documented in the client’s business processes modelling tool. Thanks to these documented process descriptions, the client is now in a position to deal with incoming requests about privacy. The coordination desk has been set up and is ready to process incoming requests as soon as they start arriving. The client, meanwhile, can comply fully with this part of the GDPR.

 

WHAT OPPORTUNITIES DO YOU SEE? 

We'd like to hear from you.
Call us on 020 - 226 01 10 or send an e-mail to info@itds.nl.

 

WHAT CLIENTS SAY

 

Estratégia internacional de TI e mudança organizacional

“É preciso pôr as pessoas do nosso lado porque nem todos gostam de mudança" 

Em pouco mais de 40 anos, a Brunel evoluiu de uma empresa de corretagem baseada em Delft para uma prestadora de serviços internacional que emprega mais de 11.000 pessoas em 37 países. Em muitos destes países, a Brunel utilizou sistemas de TI locais, cada um com as suas próprias definições. Para que tudo se torna-se sustentável no futuro, todos estes sistemas tiveram de ser substituídos por um único sistema baseado no mesmo padrão.

Estratégia Social e Implementação para a OHRA

“Assim que estivéssemos satisfeitos, eles elevariam a fasquia”

No espaço de apenas alguns anos, o papel das Redes Sociais na OHRA cresceu de um "pequeno extra simpático" para um canal de negócios de pleno direito.

Iris Wezenberg - a anterior Gestora das Redes Sociais e agora Gestora de Serviços Online nesta seguradora holandesa - explica como tudo isto surgiu.

Configuração e implementação de uma política de Customer Due Diligence

“Realizar um bom começo foi metade da batalha”

O desafio enfrentado pelo KAS BANK era implementar uma política de Customer Due Diligence (diligência sobre o cliente) e racionalizar os arquivos do cliente num período limitado de tempo.

Em colaboração com a ITDS, o gestor de projeto Marc Brouwer aceitou o desafio.


casos de estudo relacionados

 Mostrar todos casos de estudo

SERVIÇOS RELACIONADOS

 Mostrar todos os serviços

Implementation

web-monitoring-ok