• Courses
      • Global Series of National Privacy Laws
      • Netherlands Privacy Academy (in Dutch)
      • Caribbean Privacy Academy (in Dutch)
    • Resources
    • Join GADPPRO ACADEMY
      • Join GADPPRO Academy as an Official Partner
      • Become an Official GADPPRO Training Entity
      • Join the GADPPRO Business Academy
      • Secretariat & International Training Centre
      • Contact Us
    •  
      • RegisterLog in
    Privacad GADPPRO Academy
      • Courses
        • Global Series of National Privacy Laws
        • Netherlands Privacy Academy (in Dutch)
        • Caribbean Privacy Academy (in Dutch)
      • Resources
      • Join GADPPRO ACADEMY
        • Join GADPPRO Academy as an Official Partner
        • Become an Official GADPPRO Training Entity
        • Join the GADPPRO Business Academy
        • Secretariat & International Training Centre
        • Contact Us
      •  
        • RegisterLog in

      Blog

      Certification and identifying certification criteria in accordance with Articles 42 and 43 of the GDPR

      • Categories Blog, Business, Design / Branding, Free Data Protection Resources, Uncategorized
      • Date November 6, 2020

      Guidelines 01/2018 on certification and identifying certification criteria in accordance with Articles 42 and 43 of the GDPR

      SECTION 5  THE DEVELOPMENT OF CERTIFICATION CRITERIA

      46. The GDPR established the framework for the development of certification criteria. Whereas fundamental requirements concerning the procedure of certification are addressed in Articles 42 and 43 while also providing essential criteria for certification procedures, the basis for certification criteria must be derived from the GDPR principles and rules and help to provide assurance that they are fulfilled.

      47. The development of certification criteria should focus on verifiability, significance, and suitability of certification criteria to demonstrate compliance with the Regulation. The certification criteria should be formulated in such a way that they are clear and comprehensible and that they allow practical application.

      48. When drafting certification criteria the following compliance aspects in support of the assessment of the processing operation, inter alia, shall be taken into account, where applicable:

      • the lawfulness of processing pursuant to Article 6;

      • the principles of data processing pursuant to Article 5;

      • the data subjects’ rights pursuant to Articles 12-23;

      • the obligation to notify data breaches pursuant to Article 33;

      • the obligation of data protection by design and by default, pursuant to Article 25;

      • whether a data protection impact assessment, pursuant to Article 35(7)(d) has been conducted, if applicable; and

      • the technical and organisational measures put in place pursuant to Article 32.

      49. The extent to which these considerations are reflected in the criteria may vary depending on the scope of certification which may include the type of processing operation(s) and the area (e.g. health sector) of certification.

      • Share:
      author avatar
      Richard V

      Previous post

      Certification and identifying certification criteria in accordance with Articles 42 and 43 of the GDPR
      November 6, 2020

      Next post

      Certification and identifying certification criteria in accordance with Articles 42 and 43 of the GDPR
      November 6, 2020

      You may also like

      Children Safety Encryption www.privacad.com
      Apple’s New Step to Protect Child Abuse via Encryption Feature
      20 August, 2021
      DNA Technology and Privacy www.privacad.com
      DNA Technology Regulation Bill and Violation of Privacy for Minority Groups
      19 August, 2021
      www.privacad.com
      India accuses Twitter of not complying with new IT rules
      18 August, 2021

      Search

      Categories

      • Blog
      • Business
      • Design / Branding
      • Free Data Protection Resources
      • Nederlandse Privacy Academie
      • Uncategorized
      Facebook-f Linkedin-in

      © Privacad 2020

      For all your questions about courses

      students@privacad.com

      For all your questions about Privacad for business

      info@privacad.com

      Links

      • Courses
      • Become a GADPPRO Academy Official Training Entity
      • Resources
      • Free Data Protection Resources
      • Blog
      • Profile
      • Students Stewards Network (SSN)

      Support

      • Privacy Policy
      • Terms of Use
      • FAQs
      • Contact

      © GADPPRO Academy | Privacad 2022

      GADPPRO Academy 2022

      Login with your site account

      Lost your password?

      Not a member yet? Register now

      Register a new account

      Are you a member? Login now