CODES OF CONDUCT
The GDPR (Article 40) specifically states that;
“The Member States, the supervisory authorities, the Board and the Commission shall encourage the drawing up of codes of conduct intended to contribute to the proper application of this Regulation,”
“Associations and other bodies representing categories of controllers or processors may prepare codes of conduct”
GDPR limited (www.gdpr.ie ) is already working with several organisations on the preparation of codes of conduct which are intended to form the basis upon which their members shall develop their own plans and in doing so evidence compliance with the GDPR.
The Codes of Conduct for the compliant handling of data created by Representative bodies will allow them to:
- Provide guidance on the GDPR’s requirements to their members
- Signal to data subjects and regulators that an organization and their members are in compliance with the Regulation
This provides an opportunity for representative bodies to develop a Code of Conduct for the handling of data and other guidance, policies and procedure templates, training and support for their members.
This will increase value to the representative bodies and their members, by saving them time, effort and money. This will also encourage and foster compliance amongst members, thereby increasing the value of the representative body to their members.
FTC Takes Action against Companies Falsely Claiming Compliance with the EU-U.S. Privacy Shield, Other International Privacy Agreements
European Data Protection Board – Eleventh Plenary session: Guidelines on Codes of Conduct, annex to the Guidelines on Accreditation, annex to the Guidelines on Certification