European Union General Data Protection Regulation Control Mapping Worksheet
Sali Osman, Amazon Web Services (AWS)
October 2020
This guidance helps you to translate European Union (EU) General Data Protection Regulation (GDPR) language to a control objective that your technology teams can consume.
The worksheet and the Data Privacy Impact Assessment (DPIA) template
The worksheet provides a breakdown of the four domains of the EU GDPR: lawful basis and transparency, data security, accountability and governance, and privacy rights. The controls are mapped to the Secure Controls Framework.
This is the first step to verify that you have captured all the needed requirements of the regulation. The second step is to implement the controls required for each section. If you aren't sure how to configure your AWS environment to meet the regulatory requirement, contact AWS Professional Services Security, Risk, and Compliance. To help achieve compliance, AWS Professional Services will work with your legal and compliance teams.