Before the introduction of GDPR in the Netherlands, implemented by AVG regulation in the Netherlands, the news already mentioned several data breaches (link). These violations are presecutable with fine up tp €820K or 10% of an organisations turnover.
But the autorities did not impose a single fine, although warnings were given. And the large data processors like Google, Microsoft, Uber but also Dutch KPN were investigated by the autorities. It seems to be a matter of time before the first fines are written,
The following milestone in protecting privacy data is 25th of Mai 2018 when new EU regulation GDPR comes into force. This regulation is enforced by the Dutch authority Autoriteit Persoonsgegevens.
One of the regulations is that each organisation which handles individuals data as core business or in bulk has to appoint an officer, the so called Functionaris Persoonsgegevens . This natural person guards the privacy on behalf of the authorities. She/he is registered at the authorities and enjoys dismissal protection. But how can this person be responsible for this job ?
How asssures the privacy officer proper handling of personal data within his organisation ?
The answer is:
Data Governance
Data Governance is the implementation of measures to manage and control data within organisations. This can be achieved by data management but also by other suitable mechanisms in the domains of people, processes and/or technique (3P) . Or measures in the area of (corporate) governance , risk management and/or compliance (GRC). More information on this is found in my scientific research.
So, Data governance prevents you from data breaches or privacy data violations.
Determine in less than 10 minutes how mature is your organisation in handling data with the online self-assessment.
As part of scientific research, we can advise you on how to govern your data e.g. with data breaches, GDPR / AVG implementation and registration. Please contact Jan Merkus
Other links:
- Outsouce GDPR/AVG
- Link to Richtlijnen omgaan met datalekken (ingangsdatum: 01 januari 2016)
Data Governance 
Pingback: 600.000 reasons to take AVG / GDPR seriously with Data Governance | Data Governance