A data processing agreement (DPA) is a legally binding document to be entered into between the controller and the processor in writing or in electronic form. It regulates the particularities of data processing- such as its scope and purpose- as well as the relationship between the controller and the processor.
The following document is being used- in conjunction with the Data breach event response framework- to report the specific details of the data breach, as well as the remedial measures that are taken to minimize the risk to data subjects.
Only one year left before Europe's General Data Protection Regulations comes into force. This massive legislation address all organisations collecting and using personal data originating from the EU. With fines of up to 4% of annual global turnover or 20m EUR, whichever is highest, the cost of non-compliance can be huge! To help you get ready, we've been looking at the practical requirements needed to build a GDPR-compliant framework that works for research and analytics. We want to share with you how our new programme, ESOMAR Plus, can support your journey towards GDPR Compliance.