Wet politiegegevens (Police Data Act)
Mandatory audits for compliance with Police Data Act (Wpg)
ARC People is an experienced specialist in IT and privacy audits and can support your organization in conducting the external privacy audit or the internal IT audit, including the TPM statement to be provided to the Personal Data Authority.
The Police Data Act (Wpg) regulates the rights and obligations of both the police and citizens for processing police data. Police data are personal data processed in the context of police tasks. In addition to the police, other organizations that perform police tasks, such as municipalities and public transport organizations through BOAs (extraordinary investigating officers), must also comply with this law. Think of enforcement officers, school attendance officers and streetcar inspectors.
According to Article 33 of the Wpg, the data controller (usually the employer of executor of police duties) must monitor the correct implementation of the law by conducting periodic audits.Â
According to the 'Police Data Decree', for the first time in 2021 and once every four years thereafter, the data controller must have a privacy audit performed by an external independent auditor. Article 5 of the 'Police Data Periodic Audit Regulations' states that an external audit must be conducted by an auditor registered as a Registered EDP Auditor with the Dutch Association of Registered EDP Auditors (NOREA), or with an international or European equivalent. In addition, Article 3 of these regulations provides that the data controller must ensure that, partly in preparation for the four-yearly privacy audit, an internal audit takes place at least annually.
Specifically, what does this mean in terms of audit requirements for your organization?
- Once every four years an external privacy audit, to be conducted by an independent certified IT auditor (RE);
- An internal audit to be conducted at least annually on both design, existence and ongoing operation of measures and procedures;
Any deficiencies found in the audits must be remedied through improvement plans.Â
Do you not yet have visibility into the requirements of the Wpg? Do you not yet know where your organization stands and have not yet completed the mandatory exgternal audit on 2021? Not to worry, we have summarized the most important information for you in a white paper and we will be happy to help you.
Fill out the form to download your white paper immediately
Would you like to know more about our approach or meet without any obligation? Please feel free to contact Carlo Bavius.
