Every company in the EU that processes personal data must comply with the European General Data Protection Regulation since the 25th May 2018.
The effects on organisational, customer management and even IT processes are particularly far-reaching for small and medium-sized enterprises. Liability is also being radically tightened: fines of up to €20 million or 4% of the previous year's turnover are threatened. Implementation is made even more difficult by the fact that EU regulations often require additional interpretation. SMEs certainly face major challenges as a result of these serious and often vague regulations, for the implementation of which no practicable standards have existed until now.
That is why VdS supports small and medium-sized companies with the usual compact and practicable guidelines in implementing the EU regulation. With the VdS 10010 guideline, SMEs ensure the required data security with optimum resource efficiency - auditable and certifiable.
The user-oriented assistance VdS 10010 can be found here free of charge.
With this compact guide, which is specially tailored to small and medium-sized companies, you can implement the legal, organisational and technical requirements of the GDPR in a clearly structured manner and with manageable effort. The VdS 10010 guidelines are closely linked to the award-winning VdS 3473 on information security. The current VdS publication ensures the necessary practicability and precise alignment with the corporate reality through the co-authorship of numerous organisational experts and data protection officers directly from small and medium-sized companies.