• Courses
      • Global Series of National Privacy Laws
      • Netherlands Privacy Academy (in Dutch)
      • Caribbean Privacy Academy (in Dutch)
    • Resources
    • Join GADPPRO ACADEMY
      • Join GADPPRO Academy as an Official Partner
      • Become an Official GADPPRO Training Entity
      • Join the GADPPRO Business Academy
      • Secretariat & International Training Centre
      • Contact Us
    •  
      • RegisterLog in
    Privacad GADPPRO Academy
      • Courses
        • Global Series of National Privacy Laws
        • Netherlands Privacy Academy (in Dutch)
        • Caribbean Privacy Academy (in Dutch)
      • Resources
      • Join GADPPRO ACADEMY
        • Join GADPPRO Academy as an Official Partner
        • Become an Official GADPPRO Training Entity
        • Join the GADPPRO Business Academy
        • Secretariat & International Training Centre
        • Contact Us
      •  
        • RegisterLog in

      Blog

      Accreditation of certification bodies under Article 43 GDPR

      • Categories Blog, Business, Design / Branding, Free Data Protection Resources, Uncategorized
      • Date October 18, 2020

      Guidelines 4/2018 on the accreditation of certification bodies under Article 43 of GDPR

      Section 1
      Introduction
      Section 2
      Scope of the guidelines
      Section 3
      Interpretation of ‘accreditation’ for the purposes Article 43 of the GDPR
      Section 4
      Accreditation in accordance with Article 43 (1) GDPR
      Section 4.1
      Role for Member States
      Section 4.2
      Interaction with Regulation EC (765/2008)
      Section 4.3
      The role of the national accreditation body
      Section 4.4
      The role of the supervisory authority
      Section 4.5
      Supervisory authority acting as certfication body
      Section 4.6
      Accreditation requirements
      Section Annex 1
      Annex 1
      Section 0 Annex 1
      Prefix
      Section 1 Annex 1
      Scope
      Section 2 Annex 1
      Normative Reference
      Section 3 Annex 1
      Terms and Definitions
      Section 4 Annex 1
      General Requirements for Accreditation
      Section 4.1 Annex 1
      Legal and contractual matters
      Paragraph 4.1.1 Annex 1
      Legal responsibility
      Paragraph 4.1.2 Annex 1
      Certification agreement (“CA”)
      Paragraph 4.1.3 Annex 1
      Use of data protection seals and marks
      Section 4.2 Annex 1
      Management of impartiality
      Section 4.3 Annex 1
      Liability and financing
      Section 4.4 Annex 1
      Non-discriminatory conditions
      Section 4.5 Annex 1
      Confidentiality
      Section 4.6 Annex 1
      Publicly available information
      Section 5 Annex 1
      Structural Requirements, Article. 43(4) (“Proper” Assessment)
      Section 5.1 Annex 1
      Organisational structure and top management
      Section 5.2 Annex 1
      Mechanisms for safeguarding impartiality
      Section 6 Annex 1
      Resource Requirements
      Section 6.1 Annex 1
      Certification body personnel
      Section 6.2 Annex 1
      Resources for evaluation
      Section 7 Annex 1
      Process Requirements, Article 43(2)(C),(D)
      Section 7.1 Annex 1
      General
      Section 7.2 Annex 1
      Application
      Section 7.3 Annex 1
      Application review
      Section 7.4 Annex 1
      Evaluation
      Section 7.5 Annex 1
      Review
      Section 7.6 Annex 1
      Certification decision
      Section 7.7 Annex 1
      Certification documentation
      Section 7.8 Annex 1
      Directory of certified products
      Section 7.9 Annex 1
      Surveillance
      Section 7.10 Annex 1
      Changes affecting certification
      Section 7.11 Annex 1
      Termination, reduction, suspension or withdrawal of certification
      Section 7.12 Annex 1
      Records
      Section 7.13 Annex 1
      Complaints and appeals, article 43 (2)(d)
      Section 8 Annex 1
      Management System Requirements
      Section 8.1 Annex 1
      General management system requirements
      Section 8.2 Annex 1
      Management system documentation
      Section 8.3 Annex 1
      Controle of documents
      Section 8.4 Annex 1
      Controle of records
      Section 8.5 Annex 1
      Management Review
      Section 8.6 Annex 1
      Internal audits
      Section 8.7 Annex 1
      Corrective actions
      Section 8.8 Annex 1
      Preventive actions
      Section 9 Annex 1
      Further Additional Requirments
      Section 9.1 Annex 1
      Updating of evaluation methods
      Section 9.2 Annex 1
      Maintaining expertise
      Section 9.3 Annex 1
      Responsibilities and competencies
      Paragraph 9.3.1 Annex 1
      Communication between CB and its customers
      Paragraph 9.3.2 Annex 1
      Documentation of evaluation activities
      Paragraph 9.3.3 Annex 1
      Management of complaint handling
      Paragraph 9.3.4 Annex 1
      Management of withdrawal
      • Share:
      author avatar
      Privacy Professor

      Professor mr drs Romeo F. Kadir MA MSc LLM LLM (Adv) EMBA EMoC

      At present Romeo Kadir serves as the President of the Global Association of Data Protection Professionals Europe (GADPPRO). GADPPRO is a thought leader self-regulatory association of data protection professionals based in the European Union, active around the globe and the first European Association of data protection professionals open for members outside the EU. Please visit www.gadppro.org for more information.

      First appointed Data Protection Officer (DPO) ever in the Netherlands (European Union) at a semi-public entity. Seasoned European Privacy and Data Protection Expert (22+ years of practical experience in EU Privacy and Data Protection Law, Business Management, Compliance and Ethics).

      Studied European and International Law, Political Sciences and Business Administration. Romeo Kadir is EIPACC EADPP Professor European Privacy & Data Protection Law at Universitas Padjadjaran UNpad (Indonesia) and Honorary Visiting Research Fellow with O.P. Jindal Global University (New Delhi), Senior Associate Fellow with Vidhi Centre for Legal Policy (New Delhi), Lecturer Science Honours Academy and Lecturer at the International Molengraaff Institute, Utrecht University (UU, Netherlands). In 2010 he was founder of the first European Data Protection Academy focusing on privacy-only executive education.

      Present Occupations in European Data Protection Law

      Member of the International Bar Association (IBA)
      Member of the International Board of Experts with EuroPrivacy Certification Scheme (Geneva and Luxembourg)
      Member of the International Strategic Board with EuroPrivacy Certification Scheme (Geneva and Luxembourg)
      Member of the Swiss-Chinese Law Association (SCLA)

      Former Occupations in European Data Protection Law

      President European Institute for Privacy, Audit, Compliance & Certification (EIPACC)
      Co-Founder/Vice-President European Association for Data Protection Professionals (EADPP)
      Chair EADPP Certification Committee Data Protection Professionals,
      Chair EADPP Academic Board
      Chair EADPP Expert Committee on Cybersecurity
      Chair EADPP Expert Committee on Artificial Intelligence (AI)
      President Supervisory Board of the Dutch Privacy Complaints Office (NPKI)
      Rapporteur to UN Monitoring Commission Human Rights on behalf of the Dutch Privacy Foundation (SPN)

      Publications

      'Handbook DPO - A Practical Guide', Privacy Publishing Group (2017)
      Editor-in-Chief of ‘Data Protection Dictionary’, authored, edited and coordinated ‘Handbook for the Data Protection Officer – A practical Guide’, ‘The Ultimate GDPR Business Guide – Six Volumes’ and other relevant books in the field of privacy and data protection (www.dataprotectionbooks.com)

      www.romeokadir.eu

      Previous post

      Codes of Conduct and Monitoring Bodies under the GDPR
      October 18, 2020

      Next post

      Territorial Scope of Article 3 GDPR
      October 18, 2020

      You may also like

      Children Safety Encryption www.privacad.com
      Apple’s New Step to Protect Child Abuse via Encryption Feature
      20 August, 2021
      DNA Technology and Privacy www.privacad.com
      DNA Technology Regulation Bill and Violation of Privacy for Minority Groups
      19 August, 2021
      www.privacad.com
      India accuses Twitter of not complying with new IT rules
      18 August, 2021

      Search

      Categories

      • Blog
      • Business
      • Design / Branding
      • Free Data Protection Resources
      • Nederlandse Privacy Academie
      • Uncategorized
      Facebook-f Linkedin-in

      © Privacad 2020

      For all your questions about courses

      students@privacad.com

      For all your questions about Privacad for business

      info@privacad.com

      Links

      • Courses
      • Become a GADPPRO Academy Official Training Entity
      • Resources
      • Free Data Protection Resources
      • Blog
      • Profile
      • Students Stewards Network (SSN)

      Support

      • Privacy Policy
      • Terms of Use
      • FAQs
      • Contact

      © GADPPRO Academy | Privacad 2022

      GADPPRO Academy 2022

      Login with your site account

      Lost your password?

      Not a member yet? Register now

      Register a new account

      Are you a member? Login now