Data Sharing Agreement Security Measures
Data protection legislation has never stopped you from doing so and the GDPR is no different. However, you must ensure that your disclosure of data is legal, fair and transparent and that you keep in mind other fundamental data protection principles. Data subjects have the right to obtain certain information about the processing of their personal data (including shared data) through a request for access to subjects. In certain circumstances, data subjects may also demand the rectification, erasure or blocking of their personal data and exercise other rights. Accordingly, you should endeavor to keep a record of the individual requests of the persons concerned, including the decisions taken and the measures taken. You must keep accurate records of the security measures you have taken and provide us with these records upon request. You should regularly test security measures to assess the effectiveness of measures to ensure the security, confidentiality, integrity, availability and resilience of shared data, as well as your compliance with this Agreement and data protection legislation. Data lists are often shared by data shredders, credit agencies, political parties, and even marketing agencies. The draft ICO code clearly highlights the resonsiblitites: “You are responsible for compliance with the law for the data you receive and for the data shared on your behalf. They must carry out appropriate requests and checks regarding the data, including its origin and the consents given. You must take appropriate technical and organisational measures to ensure a level of security appropriate to the risk associated with this Agreement: we will regularly review and update this Agreement. This can be done in reciprocity or in one direction, it could be to allow employees of another company to access your data for a specific purpose or several organizations that share information, etc.
This data exchange can be a regular activity or an ad hoc activity. You must comply with this Agreement and your obligations under data protection legislation with respect to any shared data that will be communicated to you under this Agreement. She and we are committed to providing each other with adequate support so that they can respond to data subjects` access requests and respond to other rights requests, requests or complaints from data subjects. . . .