What is GDPR?

The General Data Protection Regulation (GDPR) is a regulation that will enforce a stronger data protection regime for organizations that operate in the European Union (EU) and handle EU citizens’ data. GDPR covers the protection of the personal data of employees, customers and others. Organizations that fail to comply with this regulation will be subject to heavy fines and reputational damage. Considering that personal data represents critical and sensitive information that all organizations should protect, such a regulation will help put in place appropriate procedures and controls to prevent Information Security breaches. By May 2018, all organizations that operate in the EU should comply with this regulation.


Call us, send an e-mail, request a QUOTE tailored to your organization, and expect a REPLY the same day!

Law on Personal Data Protection (Zakon o zaštiti podataka o ličnosti, ZZPL)

The Law on Personal Data Protection prescribes numerous obligations for controllers.

Depending on whether the obligations apply to all controllers or only to some of them, they can be divided into general and special obligations. General obligations apply to all controllers, regardless of the specifics of the controller, as is the case with public authorities, and regardless of the scope of processing or the number of employees of the controller as an employer. Certain controllers have special obligations that result from the type of controller, from the data being processed, or from the manner of their processing.

General obligations:

Application of all data processing principles:
Principle of lawfulness (lawfulness, fairness and transparency)
Principle of purposefulness (purpose limitation)
Principle of proportionality (data minimization)
Principle of data accuracy
Principle of storage limitation
Principle of data security
Principle of accountability
Handling of requests (Art. 21-22)
Notice of processing (Art. 23-24)
Exercise of the rights of data subjects (Art. 26-40)

Special obligations:

Contractual relationship with the processor (Art. 45)
Records of processing activities (Art. 47)
Logging of processing activities by competent authorities (Art. 48)
Notification of a personal data breach (Art. 52-52)
Data protection impact assessment (Art. 54-55)
Data protection officer (Art. 56-58)
Code of conduct (Art. 59)
Special obligations regarding the transfer of personal data to other countries and international organizations

Why is the General Data Protection Regulation important for you?

Considering that data breaches have become highly sophisticated in recent years, the need for data protection has increased as well.

Information Security is crucial to the success of any organization since it deals with the protection of sensitive data from unauthorized access, use, replication and destruction. As such, organizations should put in place measures and controls to manage and diminish Information Security risks and comply with GDPR requirements. In case organizations fail to comply with the GDPR requirements, the penalties can reach up to 2% of an organization’s annual turnover. Also, in case of more serious infringements, the penalties can amount to 4% of an organization’s annual revenue. The implementation of a Privacy Framework, on the other hand, will allow professionals to develop and implement reliable controls that are generally accepted.

Becoming a Certified Data Protection Officer will enable you to acquire the necessary expertise to understand the risks that could have a negative impact on your organization and implement the required strategic responses based on the GDPR best practices, requirements and principles.

If you need help getting started at IST with PECB training for GDPR CDPO – Certified Data Protection Officer, contact us to begin with the first step.

How do I get started with the Data Protection Training?

The first step is to get equipped with the GDPR fundamentals, which will help you reach compliance. Our training courses are delivered by experienced trainers who will help you understand the benefits of GDPR and how it applies to your organization.

With the adequate combination of focus and dedication, you can become certified and distinguish yourself in the competitive market.

IST experts are here to assist you throughout the entire process. If you need help getting started, contact us to begin with the first step.


It will help your organization to acknowledge, understand, and improve its level of compliance with GDPR. A set of questions has been developed to discover and identify the strengths and weaknesses of your organization’s compliance with GDPR.

This online assessment tool involves a quick review, available at no cost, for the purpose of evaluating your organization’s readiness for GDPR. The questionnaire consists of 16 comprehensive closed-ended questions. After you answer the questionnaire, a calculated score will be provided, so you can understand your organization’s compliance with GDPR.

Benefits of the Data Protection Training

IST, as an Authorized Silver PECB partner, offers training courses with exam and certification on Data Protection according to GDPR that will help you to:

  • Protect an organization’s reputation
  • Minimize security incidents
  • Build customer trust
  • Retain existing customers and attract new customers
  • Facilitate data access
  • Ensure a stronger enforcement of rules
  • Enable accurate storage of customer data
  • Enable adequate access control



PECB training (GDPR) Certified Data Protection Officer



With the introduction of the General Data Protection Regulation (GDPR) by the European Union and its enforcement beginning in May 2018, protecting the data that organizations collect for a variety of reasons is becoming a primary objective of each organization and the individuals involved.

Without a doubt, business growth in the modern world drives up the amount of personal data that organizations collect for different purposes. As a result, organizations need to develop an enhanced system to manage the collection of data, based on the premises of the General Data Protection Regulation (GDPR).


The aim of the GDPR Project Compliance implementation is to establish a comprehensive management system with audit assessment to evaluate and measure the compliance of your organization with GDPR requirements. A GDPR Management System and audit assessment provides efficient governance and an evaluation of the ongoing processes in your organization in terms of the risks and benefits that need to be considered in order to achieve compliance with the GDPR.

Our extensive experience in information security and data privacy makes our GDPR Management System with audit assessment the most enhanced and comprehensive service.

Therefore, the purpose of the IST GDPR Management System with audit assessment is to assist your organization in identifying the areas of improvement and evaluating your organization’s commitment to GDPR requirements. The duration of the implementation process with audit assessment will be determined based on the size of your organization, scope, and business and process complexity.

We believe that a GDPR Management System with audit assessment is an important step at this stage of your organization’s growth with regard to greater transparency and informing your clients about the concept of data protection and individual privacy rights.

If you need help getting started with IST on GDPR Compliance Project Implementation or Data Protection Officer Services, contact us to begin with the first step.

IST, as an Authorized PECB Gold Partner, offers the General Data Protection Regulation training and certification, which will help you achieve compliance with the new data protection requirements, avoid potential fines for non-compliance, build deeper trust and boost customer loyalty. We are here to address your specific needs and help you through this journey!

Benefits of GDPR Management System implementation and audit assessment:

  • Demonstrate accountability and compliance with the GDPR
  • Show commitment to data protection and privacy
  • Prevent financial and data loss
  • Create competitive advantage in the market
  • Increase reputation and brand strength
  • Remedies, liabilities, and penalties
  • Develop an appropriate level of expertise for GDPR legal and technical evaluation