Jean Christophe

GDPR and local legislation compliance: Ensure compliance with current data protection regulations, such as GDPR, and adapt internal policies and procedures accordingly.

Awareness: Raise awareness among school staff and researchers about data protection issues.

Management of researcher and staff data: Oversee the collection, storage, processing, and deletion of personal data of researchers and staff, ensuring these actions comply with privacy and security principles.

Information requests: Act as the point of contact for data protection information requests from researchers, staff, and regulatory authorities.

Data Protection Impact Assessment (DPIA): Identify potential privacy risks for individuals affected by data processing.

Incident management: Manage security incidents or data breaches, implementing procedures for effective response, notification to competent authorities, and minimization of consequences for affected individuals.

Internal collaboration: Work closely with the school's various departments (administration, IT, teaching) to integrate data protection considerations into their processes and projects.

Documentation and record-keeping: Maintain detailed documentation of data processing activities, keep records of processing activities up-to-date, and ensure mandatory records are kept.

Continuous evaluation and improvement: Regularly evaluate the school's data protection practices, propose improvements, and implement corrective measures as needed.

Regulatory watch: Stay informed about legal developments and best practices in data protection to ensure the school remains compliant and adopts the best strategies for data protection.

Monitor compliance: ensure the company complies with data protection laws and applicable privacy regulations.

Advise and raise awareness: advise management and staff on legal obligations regarding data protection and raise awareness throughout the organization on these issues.

Handle requests: manage requests from data subjects (e.g., requests for access to personal data) and respond appropriately.

Audits and risk assessments: conduct audits and risk assessments related to data processing to identify potential vulnerabilities and implement adequate security measures.

Training: Implement training programs for company staff to ensure adequate understanding of data protection rules.

Documentation: ensure the maintenance of internal records related to data processing activities, including records of data breaches.

Data security advice: advise on appropriate security measures to protect personal data.

Assisted French social ministries (public sector) and companies (private sector) in their GDPR compliance efforts.