Dorus-Jan ten Boom

GDPR roles: when to use a processor agreement and when it’s unnecessary

“Better safe than sorry,” “better too many than too few,” and “fire is worse.” All true, but still not a reason to start signing agreements unnecessarily. Yet this is exactly what I now see happening on a large scale. Organizations that share data are massively sending each other data processing agreements. And not just to each other: their own employees, the Tax Authority, and the company doctor are also being dragged into it. Please don’t forget to fill in annexes 1 through 4 yourself, in the name of the GDPR. No processing without a processing agreement. Or is there? Let’s start at the beginning.

Responsible-by-Design in the Public Sector

In recent years, the use of data and AI in the public sector has grown significantly. These technologies offer opportunities to carry out tasks more efficiently and effectively, but they also come with risks. How can you ensure that data and AI are used in a responsible and transparent way? And how do you prevent decisions from being based on unreliable or hard-to-explain insights? In this whitepaper, we explore how responsible use of data and AI can be translated into practice. We introduce the principle of “responsible-by-design”—an approach that systematically maps both the opportunities and the risks. In addition, we offer a set of building blocks: best practices that demonstrate how organizations can take concrete steps toward the careful and ethical use of data and AI.

Rijkswaterstaat gets to grip with digital communication

Highberg helped Rijkswaterstaat get to grips with the three new laws governing digital communication with citizens and businesses. Because all these laws relate to the same processes, the multidisciplinary team was able to use an integrated approach to assess each process at once.