Menu

Filter by
content
PONT Data&Privacy
  • PONT home
    • mill

    0

    Police Data Act (Wpg).
    Voor de bescherming van persoonsgegevens bij de politie is er een speciale wet: de Wet politiegegevens (Wpg). Politiegegevens zijn persoonsgegevens die in het kader van de politietaak worden verwerkt. De Autoriteit Persoonsgegevens houdt toezicht op de Wpg.

    Wpg audit roadmap

    Autoriteit Persoonsgegevens October 29, 2025

    Published

    For whom
    All organizations that process police data (including municipalities and employers of boas) are required by law to conduct periodic Wpg audits.

    Step 1: Annual internal audit

    • Conduct an internal privacy audit every year.
    • Review processes, measures and procedures around police data.
    • Use the NOREA handbook as a guide.

    Step 2: Four-year external audit

    • Have an external, independent auditor conduct an audit at least once every four years.
    • External auditor may not be the Data Protection Officer (FG).
    • Ensure that the auditor is knowledgeable and independent

    Step 3: Reporting and delivery

    • Prepare a "short-form" audit report.
    • Submit the report digitally to the Autoriteit Persoonsgegevens (AP) between March 1, 2025 and March 1, 2026.
    • Remove personal names; preferably deliver the report in PDF/A format.

    Step 4: Improvement plan and recheck (if necessary)

    • Does the audit reveal that your organization is not compliant? Establish an improvement plan within a year.
    • Have rechecking done by an independent party.
    • Send the re-audit report to the AP - the improvement plan itself need not be reported.

    Step 5: Assurance and collaboration

    • Always keep a copy of submitted reports in your own records.
    • Take responsibility when lending/hiring boas or collaborating with other organizations.

    Share article

    Comments

    MORE REACTIONS

    Leave a comment

    You must be logged in to post a comment.

    Privacy laws in detection

    You will be informed about legislation that applies to data processing by BOAs. You will learn when your BOAs must comply with the Wpg, when with the AVG and what the main differences are. You will also learn what steps need to be taken to comply with the Wpg.

    Learn more

    Undermining and Processing of Personal Data.

    This course discusses the legal framework for data processing when dealing with undermining. It discusses how to determine which processing of personal data is and is not permitted and why. In particular, the sharing of personal data within and outside one's own organization will be discussed, as well as the requirements for processing personal data. After this course you will be fully aware of the main issues, recent experience and case law and you will be able to identify problems in this area in practice.

    Learn more

    Join PONT | Data & Privacy

  • Access to Knowledge Base
  • Read e-books
  • Contact with peers
  • Own news overview
    • BECOME A MEMBER

    General

    Service

    Navigate

    Berghauser Pont Media Group

    CONTACT

    𝕏

    Copyright 2025 Berghauser Pont | Website created by Buro Zero