Once an organization is on the path to compliance, the team can focus on documenting compliance efforts. The organization can compile copies of data protection notices and consent forms, the database and registry of data relating to computer activities, written policies and procedures, training materials, internal data transmission agreements to the company and supplier contracts. If necessary, the organisation may appoint a data protection delegate and designate the relevant EU supervisory authority. It is also useful for organizations to conduct regular evaluations or audits of the data protection program to ensure that everything is working as planned. Salesforce provides a model for this here. www.salesforce.com/content/dam/web/en_us/www/documents/legal/Agreements/data-processing-addendum.pdf rights of the person concerned: mechanisms and procedures are needed to manage the consent preferences of the person concerned and respond to complaints and requests for access, rectification, limitation, portability and cancellation. Over the past 4.5 years, I have been consulting with dozens of companies operating on the Salesforce platform. A consistent observation is that things can quickly become chaotic, especially for organizations that have a high degree of adaptation and a significant user base. It is always easier to quickly interpret a user`s admin rights (who can then see, edit and export any data set within the organization) than to solve visibility and ad hoc access issues for individual users. This is especially true for companies that, in their existing technical configuration, are constantly innovating and prototypeing new business entities. The good news is that Salesforce immediately offers state-of-the-art features within its security settings to management, which active users can see, edit and export, which is at a granular level in your Salesforce organization.
Data Protection Guidelines: Data protection guidelines must be provided wherever personal data is collected, including using cookies and website tags. Every day, new customers relocate their businesses to the Salesforce platform, while existing customers use the agility of technology to find new revenue streams and create prototypes. Training: Staff and supplier training should be provided to raise public awareness of data protection policies, processes and requirements, as well as to report data concerns and suspicious activity.