The most comprehensive data protection regulation in the world, the GDPR aims to give individuals control over their personal data and simplifies regulatory requirements for international businesses by unifying data protection standards for all companies operating within the EU. Any organizations that collect or process personal data from Europe must now comply with the GDPR. Non-compliance may trigger fines of up to EUR 20 million or up to 4 percent of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater.
SGS, leveraging its comprehensive data protection certification scheme for GDPR compliance, has partnered with EuroPrivacy to deliver certification services that demonstrates GDPR compliance. The first of its kind, the EuroPrivacy certification scheme provides a systematic and comprehensive assessment of GDPR compliance with a variety of benefits to organisations, enabling organisations to:
- Comply with ISO standards
- Combine certification with complementary national obligations and with ISO/IEC 27001 certification
- Certify products, services, processes and information management systems
- Address emerging technologies, such as smart cities, the Internet of Things and big data
- Perform GDPR audits and gap analyses
Maximised reliability and efficiency make the scheme accessible to SMEs. Certified services are expected to benefit from a competitive market advantage. Non-EU companies should gain easier access to EU markets.
EuroPrivacy has contributed to this partnership by providing a framework for analysing and identifying non-conformity with GDPR obligations. This framework can be used as an instrument for gap analysis to reduce legal and financial risks.
When asked about the significance of effective data protection and the impact of this scheme on business practices, Deepak Mistry, Global Head of Marketing – Certification and Business Enhancement of SGS, stated: "SGS is committed to the highest level of data protection and security for our clients. In line with the Charter of Trust on Cybersecurity we signed earlier this year, along with eight other companies, including Siemens and Dell, this partnership cements the significance of data protection and cyber security threats to our businesses and gives us a simplified and structured framework to ensure that all organizations are operating in a compliant and efficient manner."
Dr Sébastien Ziegler, Chairman of the EuroPrivacy International Board of Experts, added: "EuroPrivacy is the result of several years of research and development through the H2020 European research program to develop a highly reliable certification scheme. It has been developed with the support of top experts in personal data protection law from various countries. It is now a great satisfaction to make it globally accessible to the industry for demonstrating their compliance with and respect for personal data protection."
Within the United States, Anonos, a global data enablement/privacy technology solutions provider, has leveraged EuroPrivacy certification. When asked about the added business value the scheme has provided, Gary LaFever, Anonos Chief Executive Officer, stated: "The credibility associated with the EuroPrivacy certification was instrumental in securing leading analyst coverage for the launch of our SaveYourData offering as the first certified solution complying with legal and technical requirements for pseudonymising data under the EU General Data Protection Regulation (GDPR)."
"The Commission Nationale pour la Protection des Données [Luxembourg National Commission for Data Protection] is pleased to see the European Center for Certification and Privacy in Luxembourg contributing to bringing new solutions for certification in line with the objectives of the GDPR," said Christophe Buschmann, Commissioner at CNDP. "The CNPD welcomes EuroPrivacy's initiative to provide organisations with a tool that supports their efforts in regard to compliance with the GDPR. We appreciate the fact that EuroPrivacy has engaged with us to submit the certification scheme for obtaining the European seal under GDPR."
Professor Andrew Charlesworth, Director of the Center for IT and Law at the University of Bristol Law School in the UK, said, "EuroPrivacy is an important demonstration of the H2020 research program's role in connecting international academic and business competencies, to not just innovate across new technologies, but also to develop and promote the efficient and scalable regulatory and certification infrastructures required to facilitate effective transnational business practices."
Luca Bolognini, President of the Italian Institute for Privacy and Data Valorization and co-chair of the EuroPrivacy International Board of Experts, stated: "SMEs, big companies and other organisations, both in private nonprofit and public sectors, will benefit from this brand new GDPR certification scheme, which should be interpreted as a strategic instrument not only to demonstrate compliance with the European regulation, but also, even more, to regularly test, assess and evaluate the effectiveness of technical and organisational measures for ensuring the security of processing. Italian and European data controllers and processors who completed the first round of GDPR compliance activity in 2018 definitely need to focus on privacy maintenance enhancement and certification audits from 2019 onwards."
"Certifying GDPR compliance through a trusted expert authority is key to increasing trust in one's own brand, leveraging a significant competitive advantage and confidence in the eyes of customers," stated Latif Ladid, Founder and President, IPv6 Forum and researcher on privacy issues.
For more information please contact:
Client Relationship Executive
t: +44 (0)1276 697715
EuroPrivacy is a highly reliable and efficient certification scheme to assess compliance with the GDPR and complementary national obligations where applicable. It has been developed with the support of the H2020 European research program and is managed by an international board of experts in data protection with the support of the European Center for Certification and Privacy in Luxembourg.
SGS is the world's leading inspection, verification, testing and certification company. SGS is recognised as the global benchmark for quality and integrity. With more than 95,000 employees, SGS operates a network of over 2,400 offices and laboratories around the world.