Register to become a member

Demonstrating Privacy Compliance

Including -- Privacy Self-Assessment Questionnaire

In response to the EU's directive on Privacy and Data Protection, ICX (International Commerce Exchange) has produced a Code of Conduct on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data.

The Code of Conduct states:

"To ensure that the policies, processes and procedures, introduced by an organisation to ensure compliance with the requirements of the Directive, are effective and are maintained to reflect changes within the organisation, periodic audits must be carried out. An initial, in depth, audit should be performed as a priority. Subsequent audits should be carried out annually…..".

The guidebook helps de-mystify the process of providing privacy assurance. This is not an in-depth look into the rules, regulations and details but an easy to use, step by step process for demonstrating compliance with the ICX Code of Conduct.

These guidelines are a template on which to build an individual company plan to attain compliance through self-assessment and verification auditing. How this is implemented within an individual organisation is up to the organisation. A company should develop their own operating conditions with the help of these guidelines. They will then be in a position with their local regulatory body (of their own country) to seek advise that the measures they (plan to) take will comply with local laws. Thus taking an organisation a long way towards compliance and establishing "adequacy", but it cannot be assumed to be the complete solution.

For a list of regulatory bodies in the European countries, check the European Commission's website: Visit their site

So, for this guide to serve its purpose a good working order could be for you to:

  1. read this guide
  2. look at your own business
  3. write your own operational policy or plan and
  4. when in doubt, consult your local authority.

Contents include:

  • Introduction
  • What is data protection?
  • Why is data protection needed?
  • Demonstrating Privacy Compliance
  • Self Assessment Questionnaire
  • Law
  • Quality requirements
  • Duties and obligations
  • Security
  • Rights
  • International transfer of data
  • Website
  • Audits for compliance

Find out more about obtaining this guide



ICX News

ICX in the News

Newsletter Archive (members only)