• European representative

    If you do not have any EEA offices, branches or other establishments, you should consider whether you are processing personal data of individuals in the EEA that relates to either:

    • offering goods or services to individuals in the EEA; or
    • monitoring the behaviour of individuals in the EEA.

    If you are carrying out such processing, and intend to continue after the end of the transition period, you will need to consider whether you must appoint a European representative.

    If you would like to appoint me as your European representative, please contact me.

  • Internal auditor

    I have many years of experience in conducting various internal audits. That is why I can support and guide your organizations very well in conducting internal audits. If you want to carry out these internal audits yourself, I can train your employees in conducting internal audits.
    In this way you kill two birds with one stone. The internal audits are guaranteed to be of good quality and the internal employee is trained to perform their own internal audits effectively and efficiently.
    If you want to know more about this, please contact me via the contact form.

  • Privacy Officer (PO)

    Where the CISO is responsible for the information security policy, the PO (also known as a privacy legal advisor), who in this case is not a DPO, is responsible for designing and (if available) monitoring the privacy policy within your organization. In addition, the PO can assist in mapping the risks by, for example, performing a Privacy Impact Assessment (PIA). When the privacy policy has been established and the PIAs have been implemented, an implementation plan can be drawn up. In addition, the PO also plays an important role in the workplace, for example, like the CISO, he or she has an advisory role towards the specialist departments and can answer questions such as: how should we share this data? What rules should we adhere to? What measures should we impose on the external party?

    Do you need support in setting up this position within your organization? Then I can help you with that. I will then work with you to see what the privacy policy should look like for your organization. In addition, I give advice on how the activities can be safeguarded in your organization.

    If you want to know more about this, please contact me.

  • Chief Information Security Officer (CISO)

    The Chief Information Security Officer (CISO) is the spider in the web when it comes to information security within your organization. The CISO is responsible for implementing and supervising the information security policy. The CISO has a central role in managing all processes related to it. If you are or want to be certified against ISO 27001 or NEN 7510, the CISO must comply with the measures from that standard when controlling the processes.

    The terms Chief Information Security Officer (CISO), Information Security Officer (ISO), and Security Officer (SO) are often used interchangeably. Is there a difference between these roles? Yes and no. The difference is in the description of the tasks and responsibilities associated with the role. From the above description you can see that for information security implementation and supervision lie with the same officer, namely the SO. If you want to pull this apart, it is often decided to place one or more ISOs, or SOs, under the CISO.

    Would you like to have fulfilled this role within your organization, but do you (currently) have no one available for it? Or do you not know how to start with this? Then I can offer a solution. I can advise you on the implementation of information security within your organization. I pay attention to the type and size of the organization. But above all on how supervision can be guaranteed in the future.
    Incidentally, it is important to remember that the ultimate responsibility for implementation never rests with Olthof Support (or any other CISO, PO, FG), but always in line.

    If you would like to know more about hiring me in the role of Chief Information Security Officer , please contact me.

  • Data Protection Officer (DPO)

    The Dutch Data Protection Authority (AP) or the Information Commissioner's Office (ICO) in the UK, is obliged to handle complaints and reports of data leaks. Research has shown that this is increasing in the Netherlands. That consumes a lot of the time of the AP. As a result, the AP is no longer able to do its core task: tackling deliberate violations.

    To make more time available for this, the AP encourages organizations to appoint a data protection officer (DPO). Complaints and data leaks can then be dealt with quickly. In practice, this then becomes the work of the DPO.

    The DPO is responsible for supervising compliance with privacy laws and regulations, inventorying and maintaining data processing operations and handling questions and complaints from people within and outside your organization. In addition, the DPO can provide support in the development of internal regulations, provide advice on tailor-made privacy and provide input when drawing up or adjusting codes of conduct.

    In short, when you appoint a DPO, you minimize the chance of a fine. After all, as an organization you show that you take privacy seriously.

    The problem, however, is that it often requires too much of an investment for smaller organizations to appoint a DPO. In particular, it requires a significant effort to keep up with case law and additional legislation. That is why Olthof Support offers the interpretation of an external DPO. This will keep you informed of the current state of affairs and check if everything is in order. In addition, this DPO takes care of the annual internal audit to show that careful handling of privacy is well embedded in the organization.

    If you want to know more about this service, you can request a quote right away.