GDPR knowledge transfer
The new GDPR legislation has a major impact on education institutions. SURF is taking various initiatives to inform institutions about the changes in the privacy legislation as well as possible.
Five areas for knowledge transfer
SURF has gained a great deal of knowledge about the GDPR, often in collaboration with the institutions. There are four areas for GDPR knowledge transfer that SURF actively engages in:
- Wiki with GDPR principles and topics, with an explanation of the law and its interpretation and a comparison with the Dutch Personal Data Protection Act (in Dutch).
- Each quarter, SURF's privacy community SCIPR has a meeting to discuss the various GDPR subjects.
- SURF organises knowledge sessions on GDPR implementation. The following topics have already been discussed (all in Dutch)
- The European Privacy Regulation: an action plan
- The role of the Data Protection Officer (14 December)
- The controller and the processor
- A talk with the Personal Data Authority
- The annual Privacy Awareness event: SURF is involved in the annual Privacy Speech and examines this topic together with the institutions in the week of the speech. The last Privacy Speech was on 21 November 2017.
- Privacy training module: the way we deal with personal data and privacy in education and research is about to change. With the arrival of the GDPR in May 2018, adjustments will also have to be made to the working methods of researchers and lecturers. But how do we approach this change and how do we make researchers and lecturers privacy aware? SURF offers blended teaching materials for this, that you, as a trainer or teacher, can use to help the people in your organisation to make their work GDPR-compliant. These materials are available in the Cybersave Yourself toolkit.