As businesses evolve, they need technology that is simple to help them succeed today and flexible enough to help them build for tomorrow. Chrome is fit for the workplace of the future — providing a secure, consistent user experience across a range of devices that can be used anywhere.
Therefore it is of great importance that enterprise-focused applications are in harmony with GDPR and once GDPR is enforced, there is a series of obligations that will apply to data processors, including:
- Data Processing Agreements – Personal data can only be processed on behalf of the controller when there is a written contract in place that imposes mandatory terms on the data processor.
- Sub-processors – processors can not engage a sub-processor without the prior written authorisation of the controller.
- Controller instructions – personal data can only be processed in accordance with the instructions of the controller.
- Accountability – records must be maintained of data processing activities and they must be available to the supervisory authority on request.
- Co-operation – processors must co-operate with the supervisory authority.
- Data security – appropriate security measures must be taken and controllers must be informed of any data breaches suffered.
- Data Protection Officers – processors must, in specified circumstances, designate a data protection officer.
- Cross-border transfers – restrictions regarding cross-border transfers must be compliant.
- Sanctions – Should processors fail to comply, they risk fines of up to four per cent of global annual turnover.
What is Google doing to comply can has been published on a company blog.