iSecure logo
Personal data protection and GDPR audit

Preparing of documentation

Necessary component of personal data protection system implementation is developing of documentation required by law. Lack of it is a frequent discrepancy we discover during audits.

The complete documentation of personal data protection consists of:

  • security policy for personal data
  • instructions of management of IT system dedicated to personal data processing
  • authorizations to personal data processing
  • register of personnel authorized to personal data processing
  • privacy statements and declarations of acquaintance with binding law regulations related to data protection
  • agreements of entrust of personal data processing
  • applications of personal data records registration (update) reported to the President of the Personal Data Protection Office

Even though GDPR does not duplicate domestic regulations which require documents mentioned above, they may stand for a good basis for preparation of security procedures required by the regulations mentioned above. The condition to do so is fact whether the documents were prepared properly and personalized to a particular subject which is not a rule if e.g. drafts and patterns available in Internet are used.

Newsletter subscription
By adding your e-mail address and confirming "Sign up" you agree to processing your e-mail address by iSecure Sp. z o.o. for the purpose of sending a newsletter about services, events, or other activities of our Company