A further milestone was reached at the end of 2017 with the publication of VdS 10010. These guidelines describe an intelligent way to implement the requirements of the European General Data Protection Regulation (GDPR for short).
As with the information security management system in accordance with VdS 10000, the data protection management system (DPMS) in accordance with VdS 10010 is such that implementation by the companies themselves on their own initiative will be difficult and probably the exception rather than the rule. For reasons of efficiency and error prevention, companies will seek professional help in implementing VdS 10010 - especially in order to prepare optimally for a certification audit.
Therefore VdS offers a consultant approval procedure for this area: The VdS-approved consultant for data protection management systems in accordance with VdS 10010, where it is important to note that the subject of the approval is not data protection-related advice but management system-related advice. The approval procedure is described in the VdS 10013 guidelines. The required knowledge and skills must be demonstrated in writing. In addition, an examination must be passed, which is carried out after the VdS 10010 course and the additional workshop day. VdS approval as a DSMS consultant is valid for four years and can be extended upon request.