pergamonmystic:linkedhelp:gdprcertificate
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
pergamonmystic:linkedhelp:gdprcertificate [2021/10/14 09:05] admin |
pergamonmystic:linkedhelp:gdprcertificate [2021/10/14 11:03] admin |
||
|---|---|---|---|
| Line 7: | Line 7: | ||
| GDPR Certificates were agreed to be promoted by the various GDPR enforcement agencies around the EU, the agency responsible in the UK being the [[https://ico.org.uk|ICO]], as it had been with the standard Data Protection Act. This promotion was generally intended to 'raise the bar' of GDPR compliance. | GDPR Certificates were agreed to be promoted by the various GDPR enforcement agencies around the EU, the agency responsible in the UK being the [[https://ico.org.uk|ICO]], as it had been with the standard Data Protection Act. This promotion was generally intended to 'raise the bar' of GDPR compliance. | ||
| - | **At this time**, Esferico ltd. have chosen **not** to seek a GDPR Certificate - the simple reason being that **no product or service provided by Esferico ltd. is covered by the GDPR Certificate scheme**. | + | **At this time**, Esferico ltd. have chosen **not** to seek a GDPR Certificate - the simple reason being that **no product or service provided by Esferico ltd. is covered by a GDPR Certificate scheme**. |
| + | |||
| + | We are unable to obtain a certificate therefore, as there is no certificate to obtain. | ||
| Read on to learn why. | Read on to learn why. | ||
| Line 52: | Line 54: | ||
| * At this time, there is no official pro-active auditing system in place to confirm compliance with the GDPR for small to medium businesses other than that administered retrospectively due to a data breach or known lack of compliance. Pro-active auditing is performed for large organisations (councils, police forces etc.) which process significant amounts of protected data, and distinct characteristics. | * At this time, there is no official pro-active auditing system in place to confirm compliance with the GDPR for small to medium businesses other than that administered retrospectively due to a data breach or known lack of compliance. Pro-active auditing is performed for large organisations (councils, police forces etc.) which process significant amounts of protected data, and distinct characteristics. | ||
| - | * A list of authorised schemes was finally made available from April 2021 (see [[https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/accountability-and-governance/certification/|ICO Certification]]) and is therefore still very much in its infancy. At of the time of writing, only three such official schemes are listed as being approved by the ICO, and none of which are applicable to the products provided by Esferico ltd. | + | * A list of authorised schemes was finally made available from April 2021 (see [[https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/accountability-and-governance/certification/|ICO Certification]]) and is therefore still very much in its infancy. At the time of writing, only three such official schemes are listed as being approved by the ICO, and none of which are applicable to the products provided by Esferico ltd. |
| - | * Certification can be an expensive process, and must be balanced against the information that is recorded within any individual product. Such costs would therefore also need to be passed on to clients. | + | * Certification can be an expensive process, and must be balanced against the information that is recorded within any individual product. Such costs would therefore also need to be passed on to clients. The same assurances of GDPR compliance can be obtained from the GDPR compliance documentation required to be generated by the statutory GDPR legislation in place (see [[PergamonMystic:linkedhelp:gdprdocuments|GDPR and Data Protection Documents]]) |
| * Esferico applications store a very small number of fields which are categorised as protected data (most is not personal in nature, and most is deemed as being in the public domain) and most is not useful for identification. | * Esferico applications store a very small number of fields which are categorised as protected data (most is not personal in nature, and most is deemed as being in the public domain) and most is not useful for identification. | ||
pergamonmystic/linkedhelp/gdprcertificate.txt · Last modified: 2024/02/06 11:05 by admin
Page Tools
