Organisatsiooniliste andmetöötlustoimingute hindamise lähenemine GDPR vastavuse saavutamiseks
Date
2018
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Selle lõputöö eesmärk oli leida lähenemine, mille abil hinnata GDPR vastavust ning seda lähenemist reaalse ettevõtte peal proovida. Teoreetilises osas analüüsiti GDPR-i põhilisi väljakutseid ning mõ-ningaid juhiseid, mille põhjal kavandati sobilik lähenemine. Lähenemist prooviti väikese B2B mude-liga ettevõtte peal, mille käigus kaardistati isikuandmete töötlusega seotud äriprotsessid ja koostati register töötlemistoimingutest. Ettevõttele pakuti välja ka edasised sammud saavutamaks täielikku GDPR vastavust.
The goal of the thesis was to find an approach to assess GDPR compliance and test the approach on an actual company. In the theoretical part, GDPR’s main challenges and several guidelines were analysed, and a suitable approach was devised. The approach was tested on a small business-to-business company, during which business processes related to personal data were mapped and a reg-istry containing data processing activities was created. The company was also given recommenda-tions in achieving full compliance.
The goal of the thesis was to find an approach to assess GDPR compliance and test the approach on an actual company. In the theoretical part, GDPR’s main challenges and several guidelines were analysed, and a suitable approach was devised. The approach was tested on a small business-to-business company, during which business processes related to personal data were mapped and a reg-istry containing data processing activities was created. The company was also given recommenda-tions in achieving full compliance.