ISDP©10003 DATA PROTECTION CERTIFICATION

International scheme for the protection of personal data, ISDP©10003 Control criteria and rules to certify processes in protecting natural persons with regard to the processing of their personal data and the free circulation of the same.

 

In compliance with EN ISO/IEC 17065:2012.
The GDPR has altered the landscape for public and private companies that operate within the scope of data protection management.
The ISDP10003 certification scheme, accredited by Accredia, arose from the need to assess suitability to the new GDPR.

WHAT IS THE ISDP AND WHY HAVE IT?
Designed to respond to the new rules which become operational in 2018, the ISDP 10003 scheme is voluntary and applicable to any type of organisation. It specifies the requirements for proper, secure management, as well as the compliance of the management, of a natural person's personal data with regard to the processing of personal data and the free circulation of the same.
The scheme provides the principles and lines of control for a complete compliance assessment of the organisation's internal processes regarding protection of personal data with particular reference to proper risk management.
Additionally, it details security requirements and controls, so that the data respect the levels of precision, accuracy, timeliness, consistency, completeness, credibility and updating required by current regulations regarding the protection of personal data, with particular attention to the principles of quality and security of the data processed, in compliance with the main international standards.
This scheme can also be used to assist any organisation that wishes to ensure their operational procedures are secure.

INTENDED AUDIENCE
ANY DATA CONTROLLER: whatever the sector and regardless of the type of processing carried out.
InVeo has also made the scheme available to Certification Bodies (CaB) who want to proceed with voluntary accreditation within the sphere of certifying processes that protect natural persons with regard to the processing of their personal data and the free circulation of the same.
Since no integrating criteria have yet been established, as referred to in articles 42 and 43 of Regulation 679/2016, should these be issued by the committee of the competent national authority, pursuant to articles 55 and 56, the ISDP10003:2015 scheme will be adapted immediately.

EVERY COMPANY THAT PROCESSES PERSONAL DATA: the organisation that obtains ISDP certification, in relation to all the applicable corporate processes, provides an assurance, to every interested party, of the voluntary adoption of an analysis and control system for the principles and the standards of reference that concerns protecting natural persons with regard to the processing of their personal data and the free circulation of the same.

Member States, control authorities, the committee and the Commission encourage, particularly at the European Union level, the establishment of data protection certification mechanisms as well as seals and marks indicating protected data with the aim of demonstrating compliance with the current regulations on data processing carried out by data controllers and data processors. The specific needs of micro, small and mid-sized businesses are taken into account.
EU-GDPR

 


THE ROAD TO GDPR

25th May 2018