Skip to main content
Home

InfoTech conference

32nd International Conference on Information Technologies

A Model for Implementation GDPR Based on ISO Standards

Tzanko Tzolov
Member of the Commission for Personal Data Protection
Bulgaria
Abstract:

The implementation General Data Protection Regulation (GDPR) to organizations should be seen in the context of achieving their business goals. Very clear have to emphasize the benefits for organizations and the values adding to business. It is absolutely wrong to understand GDPR like as another restriction to the operating environment. GDPR is a tool for generating a strategic advantage based on trust between the organization, its employees, clients and partners. Building on business goals, deployment models should be focused on risk-based thinking, taking into account technology innovations, environmental factors, information management, supply management and globalization. In this text, the author pointed ISO 9001: 2015 standard like a model for implementing GDPR and offering a further insight into how to achieve the methodology of the implementation process.

Key words:
Privacy
Personal data protection
General Data Protection Regulation