
Bisio Training Ltd - Data Protection Policy
 
Company Registration Number Z3013960 – Information Commissioner's Office (ICO)

Introduction

The General Data Protection Regulation (GDPR) creates a new legal framework that applies across the EU, including the UK, from 25 May 2018. It replaces the Data Protection Act 1998.

New requirements include:

  1. Reporting data breaches
  2. Cross border considerations
  3. New rights for contacts – the need to inform contacts how we are using personal data and their rights under GDPR to request that personal data is deleted
  4. The need to demonstrate that we are mitigating the risks of misuse of clients’ personal data

Policy

Bisio Training will analyse the ten key areas of compliance with the GDPR, viz:
  1. Governance – the leadership team and functional managers will be made aware that the law is changing to the GDPR and they will appreciate the impact this is likely to have.
  2. Risk Management – we will consider and manage any risk to the organisation, as well as risk to data subjects resulting from a data breach.
  3. GDPR Project – we have a project team comprising two of the company directors addressing the specific requirements of GDPR to become compliant.
  4. Data Protection Officer (DPO) – a DPO will be appointed from the leadership team.
  5. Roles and Responsibilities – we will identify the roles that are likely to have responsibility under the GDPR and establish appropriate skills, knowledge and training.
  6. Scope of compliance – we will identify how much of the organisation is in the scope of the privacy compliance framework.
  7. Process analysis – we will identify all the controller-processor relationships that involve data processing. This area could form part of a data flow audit in a later stage of our GDPR compliance project.
  8. Personal information management system (PIMS) – we will manage our documentation to enable us to demonstrate GDPR compliance in respect of managing personal data.
  9. Information security management system (ISMS), Principle 6 and Article 32 – we will adhere to the responsibilities of information security and protecting the security of data subjects.
  10. Rights of data subjects – we recognise data subjects’ rights and will have procedures and technologies in place to help them exercise those rights.
 
 





 