If you do not have any EEA offices, branches or other establishments, you should consider whether you are processing personal data of individuals in the EEA that relates to either:
- offering goods or services to individuals in the EEA; or
- monitoring the behaviour of individuals in the EEA.
If you are carrying out such processing, and intend to continue after the end of the transition period, you will need to consider whether you must appoint a European representative.
If you would like to appoint me as your European representative, please contact me.
I have many years of experience in conducting various internal audits. That is why I can support and guide your organization very well in conducting internal audits. If you want to carry out these internal audits yourself, I can train your employees in conducting internal audits.
In this way you kill two birds with one stone. The internal audits are guaranteed to be of good quality and the internal employee is trained to perform their own internal audits effectively and efficiently.
If you want to know more about this, please contact me via the contact form.
Privacy Officer (PO)
Chief Information Security Officer (CISO)
The Chief Information Security Officer (CISO) is the spider in the web when it comes to information security within your organization. The CISO is responsible for implementing and supervising the information security policy. The CISO has a central role in managing all processes related to it. If you are or want to be certified against ISO 27001 or NEN 7510, the CISO must comply with the measures from that standard when controlling the processes.
The terms Chief Information Security Officer (CISO), Information Security Officer (ISO), and Security Officer (SO) are often used interchangeably. Is there a difference between these roles? Yes and no. The difference is in the description of the tasks and responsibilities associated with the role. From the above description you can see that, for information security, implementation and supervision lie with the same officer, namely the SO. If you want to separate these, it is often decided to place one or more ISOs, or SOs, under the CISO.
Would you like to have this role fulfilled within your organization, but do you (currently) have no one available for it? Or do you not know how to start with this? Then I can offer a solution. I can advise you on the implementation of information security within your organization. I pay attention to the type and size of the organization, but above all to how supervision can be guaranteed in the future.
Incidentally, it is important to remember that the ultimate responsibility for implementation never rests with Olthof Support (or any other CISO, PO, FG), but always with line management.
If you would like to know more about hiring me in the role of Chief Information Security Officer, please contact me.
Data Protection Officer (DPO)
The Dutch Data Protection Authority (AP), or the Information Commissioner's Office (ICO) in the UK, is obliged to handle complaints and reports of data leaks. Research has shown that the number of these is increasing in the Netherlands. That consumes a lot of the AP's time. As a result, the AP is no longer able to do its core task: tackling deliberate violations.
To make more time available for this, the AP encourages organizations to appoint a data protection officer (DPO). Complaints and data leaks can then be dealt with quickly. In practice, this then becomes the work of the DPO.
The DPO is responsible for supervising compliance with privacy laws and regulations, inventorying and maintaining data processing operations, and handling questions and complaints from people within and outside your organization. In addition, the DPO can provide support in the development of internal regulations, provide tailor-made privacy advice, and provide input when drawing up or adjusting codes of conduct.
In short, when you appoint a DPO, you minimize the chance of a fine. After all, as an organization you show that you take privacy seriously.
The problem, however, is that it often requires too much of an investment for smaller organizations to appoint a DPO. In particular, it requires a significant effort to keep up with case law and additional legislation. That is why Olthof Support offers to fill the role of an external DPO. This DPO will keep you informed of the current state of affairs and check whether everything is in order. In addition, this DPO takes care of the annual internal audit to show that careful handling of privacy is well embedded in the organization.
If you want to know more about this service, you can request a quote right away.