English
EU Data Privacy Requirements - A Quick Start
US companies doing business with European partners, are in the utmost cases obliged to comply with the rules of the European data privacy law, the so-called “General Data Privacy Regulation (GDPR)”.
The GDPR requests the processors of private data, among others, to
- ensure the rights of the people whose personal data they control.
- handle the data lawfully, fairly, in a transparent manner and limited to the purpose.
- keep the data accurate, safe and secure.
- All of which are very reasonable to be applied to any of your company’s data!
So, what needs to be done?
At the very minimum, you
- audit and document the private data you process. More precisely, you develop a “record of processing activities”.
- develop and document guidelines and procedures, train your users.
- provide a sufficient level of IT security.
With your support, we can identify the missing measures for your GDPR compliance. I can then provide you with a structured road map and project plan to get there, and if necessary, I can also provide missing building blocks.
About me
- born in 1959 in the northern German countryside
- lived / studied / worked in the beautiful city of Bremen for many years
- then 15 wonderful years in Munich and grasped opportunities
- for more than 12 years back in the north, with jobs in Oldenburg and Hannover
- and now I live gladly and happily married in Nienburg on river Weser!
What I have done so far
- Experienced in almost all aspects of the IT business for over thirty years - engineering, project management, presales, business development, consulting, and senior positions
- International project and leadership responsibility at Compaq Computer and Hewlett-Packard, National Semiconductor, and as management consultant at BTC AG
With particular relevance to information security and data privacy was my consulting work at Kai Viehmeier Consulting in Sarstedt
near Hannover
- Leading or with significant contribution to successful projects for companies in the automotive supply industry, energy / utilities, insurance, and SMB-businesses
- Application of security standards "VdS guideline 3473 Cyber Security for SMB", "VdS guideline 10010 data protection", BSI basic protection components, ISO 27001 family, VDA Information Security Assessment (German Association of the Automotive Industry)
- Development of standardized solution packages, especially for small and medium-sized enterprises
- Certified Data Protection Officer, VdS-approved Advisor for Cyber Security
Today, I combine my experiences into a service portfolio that I can best offer in a free entrepreneurial activity: whenever possible with fixed prices, predictable for my clients and myself, quality-oriented, with recognizable value add and, ultimately, with overall responsibility.