+31 (0)73 - 220 2000 | info@brandcompliance.com
Brand Compliance

Mastering GDPR compliance: best practices

A best practice is a standard or set of guidelines that is known to produce good outcomes if followed. Best practices describe how to carry out a task or compose something. A best practice usually presents the optimal way to work or to use a product, or a set of ideals to work toward.

Best practice GDPR

The General Data Protection Regulation (GDPR) is legislation that came into force in 2018 and regulates the protection of personal data of EU citizens. In this article we share some best practices that can help you comply with this law. 

Provide transparency

Make sure you communicate clearly with customers about what you do with their personal data and why you collect it. 

Only collect relevant data

Only collect the personal data you need for your activities and make sure to store it securely. 

Ensure data security

Provide appropriate security measures to protect personal data against unauthorized access, loss, theft or damage. 

Implement privacy by design

Consider privacy and data protection when designing and developing your products and services. 

Draw up a data protection policy

Create a documented policy to ensure your organization is GDPR compliant. This policy should describe, among other things, how you handle personal data, how you handle data security incidents and how you handle requests from individuals for access to their personal data. 

Designate a data protection officer

If necessary, designate a data protection officer (DPO) responsible for overseeing compliance with the GDPR. 

Train staff

Make sure your staff are aware of the GDPR and understand how to handle personal data securely. 

Create a register of processing activities

Keep a record of all processing activities you carry out in relation to personal data. 

Be prepared for incidents

Develop a plan for handling data security incidents, including procedures for reporting data breaches and informing data subjects. 

Evaluate processes regularly

Regularly review your processes and policies to ensure you are GDPR compliant and to identify and address any deficiencies. 

These best practices are a good starting point for GDPR compliance, but it’s important to make sure you stay abreast of new guidance and recommendations from supervisory authorities. Would you like to know what Brand Compliance can do for you in the field of GDPR certification? Contact one of our specialists; they will be happy to help you.

Updated on 23 June 2023

Accreditation

RvA C548

Brand Compliance B.V. has accreditation (C548) to certify ISO 27001, NEN 7510 and ISO 9001 scope 33 information technology and 35 other services.

© Copyright 2023 Brand Compliance