GDPR and DPO. DPO and DPM. Michel Gerdes DPO DFN-CERT Services GmbH DFN-CERT Services GmbH GDPR and DPO: Slide 1
|
|
- Paula Walton
- 6 years ago
- Views:
Transcription
1 GDPR and DPO DPO and DPM Michel Gerdes DPO DFN-CERT Services GmbH DFN-CERT Services GmbH GDPR and DPO: Slide 1
2 ToC The DPO Role according to GDPR Data Protection at research institutions and universities Remaining challenges 2017 DFN-CERT Services GmbH GDPR and DPO: ToC Slide 2
3 GDPR and DPO The DPO Role according to GDPR 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 3
4 GDPR and National Adjustments No national adaption required Member States may adjust and define within certain boundaries National law for public bodies 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 4
5 DPO by GDPR, legal grounds Article 37 DPO 5. Professional qualities, expert knowledge of data protection law and practices and the ability to fulfill the tasks 7. Controller shall publish contact details to supervisory authority Article 38 Position 1. involved, properly and in a timely manner, in all issues which relate to the protection of personal data 2. support by controller, 3. no instructions regarding DPO related tasks by controller 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 5
6 Accountability Article 5 (2) Article 24 (1) requires Data Protection Management 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 6
7 Data Protection at DFN-CERT DFN-CERT 50 employees, 5 teams, backoffice various topics, all focus information security awareness separation of duties DPO Since July 2015, part time (20 %, real 15 %) Trainings Preparations for GDPR Register of processing activities and Getting it done Issues brought up by colleagues Identifying issues and check with persons in charge 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 7
8 Selecting a DPO Personal suitability No conflict of interests Speak the language of the employees Time slot Skill set Collaboration Question superiors and seniors Scrutinize every data processing activity Dedication to the role Self organization Tasks may not be handled straight forward 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 8
9 Challenges & Achievements Challenges Getting persons in charge getting things done It s about the time they have to dedicate to the tasks or teaching them how to do it (fast but accurately) Achievements Birthdays of employees in calendar application Access to account for invoice during vacation of the employee Login timestamps in world-readable log file 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 9
10 Framework for Data Protection Management Responsibilities Awareness Policies Processes Ressources 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 10
11 Responsibilities Controller implement Data Protection Management define responsibilities raise awareness define policies define processes provide ressources fulfill Article 38 (Position of DPO) Records of processing activities Consider data protection in contractual aggreements/contracts Data protection impact assessment (Article 35) Information systems security DPO (Art. 39) inform and advise controller monitor compliance cooperation with supervisory authority contact point for supervisory authority obviously not limited to these report directly to board 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 11
12 Awareness periodic trainings for employees regular communication campaigns on data protection data protection coordinator per team/faculty/... project initiation should/may require consultation of DPO/DPM highlight compliance to data protection principles (Article 5) 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 12
13 Policies commitment of top level management define responsibilities define processes sharing responsibilies if joint controller 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 13
14 Processes Ensure data subjects rights Article 12 clause 3 Notification of data breach Communication of data breach Re-assessment of DPM changemanagement access to data on DPO s computer 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 14
15 Ressources further training and networking for DPO and DPM officials projects: documentation overhead and adjustments for data protection compliance appropriate technical and organisational measures to ensure security of processing, data protection by design and by default, data processing system security 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 15
16 Links DataProtection-Framework pdf data-protection-governance-data-protection-governance-enterpriseorganisation Danish vs. English version of GDPR R0679&from=EN 2017 DFN-CERT Services GmbH GDPR and DPO: The DPO Role according to GDPR Slide 16
17 GDPR and DPO Data Protection at research institutions and universities 2017 DFN-CERT Services GmbH GDPR and DPO: Data Protection at research institutions and universities Slide 17
18 Scientific research legal grounds for processing Art. 5 (1) b Art. 89 beware of special law e.g. telecommunication law 2017 DFN-CERT Services GmbH GDPR and DPO: Data Protection at research institutions and universities Slide 18
19 Different set of challenges Administration centralized employment local DP coordinator standardized data processing activities may be based on state/national law (public body) Teaching Freedom of teaching (Art. 5 German Grundgesetz) elearning Data Protection! evaluations consent awareness may be based on state/national law as well Guideline: If and only if required for evaluation Research decentralized time-constraints data protection measures conflict with research progress/interests local DP coordinator awareness enforce policy cooperation with other bodies 2017 DFN-CERT Services GmbH GDPR and DPO: Data Protection at research institutions and universities Slide 19
20 GDPR and DPO Remaining challenges 2017 DFN-CERT Services GmbH GDPR and DPO: Remaining challenges Slide 20
21 Interpretation of laws Court decisions affecting interpretations commented printed versions 2017 DFN-CERT Services GmbH GDPR and DPO: Remaining challenges Slide 21
22 Dealing with older or other laws data protection sections may not be applied anymore e.g. private bodies or section is regulated by Union law contrary public bodies or section not regulated by Union law 2017 DFN-CERT Services GmbH GDPR and DPO: Remaining challenges Slide 22
23 eprivacy Regulation 2018 into force May still in draft extends GDPR with regards to information security specify legal situation for electronic communication data refers to GDPR principles and regulations 2017 DFN-CERT Services GmbH GDPR and DPO: Remaining challenges Slide 23
24 Adequacy Decisions EU-US-Privacy-Shield In evaluation after first year New US administration disagrees with privacy regulations for EU citizens Brexit UK government plans to adapt the GDPR after the Brexit Allows an adequacy decision Ruling of ECJ? 2017 DFN-CERT Services GmbH GDPR and DPO: Remaining challenges Slide 24
25 Further trainings Certification GDDcert.EU Certification as data protection officer, focus on data protection organisation and data protection management (in German) TÜV.IT Certification as data protection officer with technical focus (in German) DFN-CERT Conference veranstaltungen/ Datenschutzkonferenz. html Conference organised by DFN-CERT for DFN with focus on data protection (in German) Tutorials veranstaltungen/ EU-Datenschutzgrundvero html Tutorial highlighting Differences between BDSG and GDPR (in German) 2017 DFN-CERT Services GmbH GDPR and DPO: Remaining challenges Slide 25
26 Person of contact Michel Gerdes DPO DFN-CERT Services GmbH DFN-CERT Services GmbH GDPR and DPO: Remaining challenges Slide 26
PREPARING FOR THE GDPR AT THE UNIVERSITY OF HELSINKI
PREPARING FOR THE GDPR AT THE UNIVERSITY OF HELSINKI Jarkko Reittu Data Protection Officer and Legal Counsel University of Helsinki, Administrative Services jarkko.reittu@helsinki.fi 1 MY BACKGROUND JARKKO
More informationPrivacy Code of Conduct on mhealth apps the role of soft-law in enhancing trust ehealth Week 2016
Privacy Code of Conduct on mhealth apps the role of soft-law in enhancing trust ehealth Week 2016 Pēteris Zilgalvis, J.D., Head of Unit for Health and Well-Being, DG CONNECT Table of Contents 1. Context
More informationDo you handle EU residents personal data? The GDPR update is coming May 25, Are you ready?
European Union (EU) General Data Protection Regulation (GDPR) Do you handle EU residents personal data? The GDPR update is coming May 25, 2018. Are you ready? What do you need to do? Governance and Accountability
More informationCisco Spark and GDPR. Thomas Flambeaux. Collaboration Consulting Solution Engineer, Security and Compliance. Cisco Connect 2018 Copenhagen April 12th
Cisco Spark and GDPR Thomas Flambeaux Collaboration Consulting Solution Engineer, Security and Compliance Cisco Connect 2018 Copenhagen April 12th 2015 Cisco and/or its affiliates. All rights reserved.
More informationEU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More informationGeneral Data Protection Regulation (GDPR)
BCD Travel s Response to the EU General Data Protection Regulation (GDPR) November 2017 Page 1 Response to the EU GDPR Copyright 2017 by BCD Travel N.V. All rights reserved. November 2017 Copyright 2017
More informationThe Role of the Data Protection Officer
The Role of the Data Protection Officer Adrian Ross LLB (Hons), MBA GRC Consultant IT Governance Ltd 28 July 2016 www.itgovernance.co.uk Introduction Adrian Ross GRC consultant Infrastructure services
More informationIMPACT OF INTERNATIONAL PRIVACY REGULATIONS. Michelle Caswell, Coalfire Julia Jacobson, K&L Gates
IMPACT OF INTERNATIONAL PRIVACY REGULATIONS Michelle Caswell, Coalfire Julia Jacobson, K&L Gates Introduction to International Privacy Law General Data Protection Regulation 2 2018 HITRUST Alliance What
More informationGeneral Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Michael Eva, London Grid for Learning What is GDPR? General Data Protection Regulation (GDPR) protects the personal data of EU citizens regardless of where the
More informationThe GDPR Are you ready?
The GDPR Are you ready? kpmg.ie The GDPR - Overview The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will come into force from 25th May 2018, replacing the existing data protection
More informationPRIVACY ACROSS THE POND
PRIVACY ACROSS THE POND GDPR, PRIVACY SHIELD AND BREXIT OH MY! ACC NATIONAL CAPITAL REGION 2017 DATA PRIVACY AND SECURITY CONFERENCE SEPTEMBER 13, 2017 Michelle Beistle, CIPP/E/US Jessica Retka Gretchen
More informationGDPR and the Privacy Shield
GDPR and the Privacy Shield Mark Prinsley Partner +44 20 3130 3900 mprinsley@mayerbrown.com Kendall Burman Counsel + 202 263 3210 kburman@mayerbrown.com Speakers Kendall Burman Counsel Washington DC Mark
More informationBHBIA New Data Protection Rules. Pharma Company Perspective. Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD
BHBIA New Data Protection Rules Pharma Company Perspective Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD Pharma Company Perspective Data Controllers Responsibilities
More informationYou will see lots of references in the Checklist to the GDPR Pack if you would like to purchase this, go to
Suzanne Dibble 2018. Copyright in this document belongs to Suzanne Dibble. You may not copy or use it for any purpose unless you have purchased this template document from Suzanne Dibble. You may not allow
More informationAdtech and GDPR What to consider when choosing your partner
Adtech and GDPR What to consider when choosing your partner 1 Agenda What to avoid and What to do Where is Adform on GDPR Posibilities for advertisers 2 This is about GDPR, not the unknown eprivacy update
More informationImpacts of the GDPR in Afnic - Registrar relations: FAQ
Impacts of the GDPR in Afnic - Registrar relations: FAQ Background The adoption of Regulation (Eu) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural
More informationHow icims Supports. Your Readiness for the European Union General Data Protection Regulation
How icims Supports Your Readiness for the European Union General Data Protection Regulation The GDPR is the EU s next generation of data protection law. Aiming to strengthen the security and protection
More informationMotorola Mobility Binding Corporate Rules (BCRs)
Motorola Mobility Binding Corporate Rules (BCRs) Introduction These Binding Privacy Rules ( Rules ) explain how the Motorola Mobility group ( Motorola Mobility ) respects the privacy rights of its customers,
More informationPS Mailing Services Ltd Data Protection Policy May 2018
PS Mailing Services Ltd Data Protection Policy May 2018 PS Mailing Services Limited is a registered data controller: ICO registration no. Z9106387 (www.ico.org.uk 1. Introduction 1.1. Background We collect
More informationEXAM PREPARATION GUIDE
EXAM PREPARATION GUIDE PECB Certified Data Protection Officer The objective of the PECB Certified Data Protection Officer examination is to ensure that the candidate has acquired the knowledge and skills
More informationChanging times in Swiss Data Privacy: new opportunities? Microsoft Security Day 27 April 2017 Clara-Ann Gordon
Changing times in Swiss Data Privacy: new opportunities? Clara-Ann Gordon Which countries have Data Protection Laws? Source: https://www.taylorwessing.com/globaldatahub/risk_map.html Page 2 Different Data
More informationData Processor Agreement
Data Processor Agreement Data Controller: Customer located within the EU (the Data Controller ) and Data Processor: European Representative Company: ONE.COM (B-one FZ-LLC) One.com A/S Reg.no. Reg.no. 19.958
More informationENISA s Position on the NIS Directive
ENISA s Position on the NIS Directive 1 Introduction This note briefly summarises ENISA s position on the NIS Directive. It provides the background to the Directive, explains its significance, provides
More informationData Protection. Code of Conduct for Cloud Infrastructure Service Providers
Data Protection Code of Conduct for Cloud Infrastructure Service Providers 27 JANUARY 2017 Introduction... 3 1 Structure of the Code... 5 2 Purpose... 6 3 Scope... 7 4 Data Protection Requirements... 9
More informationGeneral Data Protection Regulation (GDPR) The impact of doing business in Asia
SESSION ID: GPS-R09 General Data Protection Regulation (GDPR) The impact of doing business in Asia Ilias Chantzos Senior Director EMEA & APJ Government Affairs Symantec Corporation @ichantzos Typical Customer
More informationGDPR Compliance. Clauses
1 Clauses GDPR The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a privacy and data protection regulation in the European Union (EU). It became enforceable from May 25 2018. The
More informationTo make that choice, please click under privacy policy the checkbox (https://www.uniassist.de/en/privacy-policy/)
Privacy Information Protecting your privacy is important to us, the ARBEITS- UND SERVICESTELLE FÜR INTERNATIONALE STUDIENBEWERBUNGEN (uni-assist) e.v., Geneststraße 5, 10829 Berlin, Germany. You may also
More informationPlan a Pragmatic Approach to the new EU Data Privacy Regulation
AmChamDenmark event: EU Compliant & Cyber Resistant Plan a Pragmatic Approach to the new EU Data Privacy Regulation Janus Friis Bindslev, Partner Cyber Risk Services, Deloitte 4 February 2016 Agenda General
More informationGoogle Cloud & the General Data Protection Regulation (GDPR)
Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to
More informationData Processing Agreement
Data Processing Agreement Merchant (the "Data Controller") and Nets (the "Data Processor") (separately referred to as a Party and collectively the Parties ) have concluded this DATA PROCESSING AGREEMENT
More informationGeneral Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) a. General Data Protection... 2 b. IT systems compliance... 2 c. Employee awareness... 2 d. Information we hold... 3 e. Data flow & Data sharing... 4 f. Data Accuracies
More informationThe GDPR and NIS Directive: Risk-based security measures and incident notification requirements
The GDPR and NIS Directive: Risk-based security measures and incident notification requirements Adrian Ross LLB (Hons), MBA GRC Consultant IT Governance Ltd 4 May 2017 Introduction Adrian Ross GRC consultant
More informationSHELTERMANAGER LTD CUSTOMER DATA PROCESSING AGREEMENT
SHELTERMANAGER LTD CUSTOMER DATA PROCESSING AGREEMENT AGREEMENT DATED [ ] BETWEEN: (1) SHELTERMANAGER LTD and (2) [ ] ( The Customer ) BACKGROUND (A) (B) (C) This Agreement is to ensure there is in place
More informationDATA PROCESSING TERMS
DATA PROCESSING TERMS Safetica Technologies s.r.o. These Data Processing Terms (hereinafter the Terms ) govern the rights and obligations between the Software User (hereinafter the User ) and Safetica
More informationINFORMATION MEMORANDUM ON DATA PROCESSING
INFORMATION MEMORANDUM ON DATA PROCESSING Dear customers and business partners, the document you are reading contains basic information about the way how we process your personal data. We appreciate the
More informationSCHOOL SUPPLIERS. What schools should be asking!
SCHOOL SUPPLIERS What schools should be asking! Page:1 School supplier compliance The General Data Protection Regulation (GDPR) comes into force on 25 May 2018 and will be applied into UK law via the updated
More informationGetting ready for GDPR. Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions
Getting ready for GDPR Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions GDPR Background Single EU-wide Regulation Harmonizes Global User Data Protection across
More informationLiechtenstein. General I Data Protection Laws. Contributed by Wanger Advokaturbüro. National Legislation. National Regulatory Authority.
Contributed by Wanger Advokaturbüro General I Data Protection Laws National Legislation General data protection laws The Data Protection Act (the DPA ) dated 14 March 2002 and the relevant Ordinance on
More informationElement Finance Solutions Ltd Data Protection Policy
Element Finance Solutions Ltd Data Protection Policy CONTENTS Section Title 1 Introduction 2 Why this Policy Exists 3 Data Protection Law 4 Responsibilities 5 6 7 8 9 10 Data Protection Impact Assessments
More informationINFORMATION TO BE GIVEN 2
(To be filled out in the EDPS' office) REGISTER NUMBER: 1423 (To be filled out in the EDPS' office) NOTIFICATION FOR PRIOR CHECKING DATE OF SUBMISSION: 03/01/2017 CASE NUMBER: 2017-0015 INSTITUTION: ESMA
More informationMore detailed information, including the information about your rights is available below.
Depending on the content of the correspondence, your data will be processed for the purposes of conclusion and performance of the agreement to which you are a party, to fulfil the legal obligation of the
More informationEU GDPR & ISO Integrated Documentation Toolkit https://advisera.com/eugdpracademy/eu-gdpr-iso integrated-documentation-toolkit
EU GDPR & https://advisera.com/eugdpracademy/eu-gdpr-iso-27001-integrated-documentation-toolkit Note: The documentation should preferably be implemented in the order in which it is listed here. The order
More informationArkadin Data protection & privacy white paper. Version May 2018
Arkadin Data protection & privacy white paper Version May 2018 Table of Contents 1- About Arkadin 4 2- Objectives 6 3- What does the GDPR cover? 8 4- What does the GDPR require? 10 5- Who are the data
More informationARE YOU READY FOR GDPR?
SQL Security Whitepaper ARE YOU READY FOR GDPR? BY BOB FULLAM AND STEPHEN STOUT Demonstrate Compliance with IDERA SQL Security Suite OVERVIEW The European Union s General Data Protection Regulation (GDPR)
More informationGeneral Data Protection Regulation April 3, Sarah Ackerman, Managing Director Ross Patz, Consultant
General Data Protection Regulation April 3, 2018 Sarah Ackerman, Managing Director Ross Patz, Consultant Introductions Sarah Ackerman, CISSP, CISA Managing Director, Cincinnati Responsible for overall
More informationPrivacy Policy. You may exercise your rights by sending a registered mail to the Privacy Data Controller.
Privacy Policy Revision date: April, 26th 2018 Privacy and security of personal data are of utmost importance to epresspack and we strive to ensure that our technical and organisational measures we have
More informationEU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know
EU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know The General Data Protection Regulation (GDPR) The eprivacy Regulation (epr) The Network and Information Security Directive
More informationPrivacy policy SIdP website EU 2016/679
Privacy policy SIdP website EU 2016/679 Categories of data subjects: Website users and users of the members-only area Update of the privacy policy: 30/08/2018 The present document contains the information
More informationGeneral Data Protection Regulation (GDPR) Key Facts & FAQ s
General Data Protection Regulation (GDPR) Key Facts & FAQ s GDPR comes into force on 25 May 2018 GDPR replaces the Data Protection Act 1998. The main principles are much the same as those in the current
More informationEU GDPR: The General Data Protection Regulation
EU GDPR: The General Data Protection Regulation A Brief Overview Duke Privacy The General Data Protection Regulation Became effective May 25, 2018. Formally codifies privacy as a fundamental right and
More informationAWS Webinar. Navigating GDPR Compliance on AWS. Christian Hesse Amazon Web Services
AWS Webinar Navigating GDPR Compliance on AWS Christian Hesse Amazon Web Services What is the GDPR? What is the GDPR? The "GDPR" is the General Data Protection Regulation, a significant new EU Data Protection
More informationGDPR compliance: some basics & practical to do list
GDPR compliance: some basics & practical to do list Philippe LAURENT independent full service business law firm located in Brussels May 2017 Personal data processing = any operation or set of operations
More informationAIRMIC ENTERPRISE RISK MANAGEMENT FORUM
AIRMIC ENTERPRISE RISK MANAGEMENT FORUM Date 10 November 2016 Name Nick Gibbons Position, PARTNER BLM T: 0207 457 3567 E: Nick.Gibbons@blmlaw.com SUMMARY Cyber crime is now a daily reality Every business
More informationData Protection System of Georgia. Nina Sarishvili Head of International Relations Department
Data Protection System of Georgia Nina Sarishvili Head of International Relations Department 14/12/2016 Legal Framework INTERNATIONAL INSTRUMENTS CoE 108 Convention AP on Supervisory Authorities and Trans-
More informationG DATA Whitepaper. The new EU General Data Protection Regulation - What businesses need to know
G DATA Whitepaper The new EU General Data Protection Regulation - What businesses need to know G DATA Software AG September 2017 Introduction Guaranteeing the privacy of personal data requires more than
More informationTalenom Plc. Description of Data Protection and Descriptions of Registers
Talenom Plc. Description of Data Protection and Descriptions of Registers TALENOM DESCRIPTION OF DATA PROTECTION Last updated 14 March 2018 Scope Limitations Data protection principles Personal data Registers
More informationCreative Funding Solutions Limited Data Protection Policy
Creative Funding Solutions Limited Data Protection Policy CONTENTS Section Title 1 Introduction 2 Why this Policy Exists 3 Data Protection Law 4 Responsibilities 5 6 7 8 9 10 Data Protection Impact Assessments
More informationData Processing Clauses
Data Processing Clauses The examples of processing clauses below are proposed pending the adoption of standard contractual clauses within the meaning of Article 28.8 of general data protection regulation.
More informationGDPR ESSENTIALS END-USER COMPLIANCE TRAINING. Copyright 2018 Logical Operations, Inc. All rights reserved.
GDPR ESSENTIALS END-USER COMPLIANCE TRAINING 1 POTENTIAL MAXIMUM GDPR PENALTY 2 WHAT IS DATA PRIVACY? MOST NOTABLE US/CA PRIVACY LAWS Federal Trade Commission Act, Sec4on 5 California Online Privacy Protec4on
More informationCity, University of London Institutional Repository. This version of the publication may differ from the final published version.
City Research Online City, University of London Institutional Repository Citation: Collins, D. A. & Klotz, E. (2018). GDPR and E-Commerce. City, University of London. This is the published version of the
More informationEU data security and privacy trends
EU data security and privacy trends Top issues for HR and global mobility 26 29 October 2014 Disclaimer EY refers to the global organization, and may refer to one or more, of the member firms of Ernst
More informationEU-R VIDEO SECURITY, DATA PROTECTION AND DATA SECURITY
EU-R P GD VIDEO SECURITY, DATA PROTECTION AND DATA SECURITY EU-GDPR quo vadis, video security? COMPANY PHILOSOPHY single source of trust. New laws: Increasing transparency requirements After a two-year
More informationCall for Expressions of Interest
Call for Expressions of Interest ENISA M/CEI/17/T01 Experts for assisting in the implementation of the annual ENISA Work Programme TECHNICAL DESCRIPTION CONTENTS TECHNICAL DESCRIPTION... 3 1. INTRODUCTION...
More informationJane Nishida and participants of Group D
International Workshop on EIA System and Implementation in Asia 24-26 February 2015, Tokyo, Japan GROUP DISCUSSION ON EMP AND MONITORING (GROUP D) Jane Nishida and participants of Group D 6 MAIN CHALLENGES
More informationBreach Notification in the GDPR Era. Speakers: Sam Pfeifle, IAPP Dennis Holmes, PwC
Breach Notification in the GDPR Era Speakers: Sam Pfeifle, IAPP Dennis Holmes, PwC Welcome Sam Pfeifle, Content Director, IAPP sam@iapp.org Dennis Holmes, Lawyer, Cybersecurity and Data Protection Legal
More informationData Processing Agreement
Data Processing Agreement Addendum to the Main Contract between Simonsen Chartering Aps Christiansmindevej 74 CBR no.: 20702206 (hereinafter referred to as the Shipping Company ) and 3 rd party processing
More informationSecurity Awareness Compliance Requirements. Updated: 11 October, 2017
Security Awareness Compliance Requirements Updated: 11 October, 2017 Executive Summary The purpose of this document is to identify different standards and regulations that require security awareness programs.
More informationAon Service Corporation Law Global Privacy Office. Aon Client Data Privacy Summary
Aon Client Data Privacy Summary Table of Contents Our Commitment to Data Privacy 3 Our Data Privacy Principles 4 Aon Client Data Privacy Summary 2 Our Commitment to Data Privacy Data Privacy Backdrop As
More informationData Processing Agreement
In accordance with the European Parliament- and Council s Directive (EU) 2016/679 of 27th April 2016 (hereinafter GDPR) on the protection of physical persons in connection with the processing of personal
More informationPRIVACY NOTICE 1. Introduction
PRIVACY NOTICE 1. Introduction The protection of the privacy and personal data of our customers, partners and employees is important to us and we work hard to ensure to always process personal data in
More informationma recycle GDPR Privacy Policy .com Rely and Comply... Policy Date: 24 May 2018
ma recycle.com Rely and Comply... GDPR Privacy Policy Policy Date: 24 May 2018 Max Recycle Hawthorne House Blackthorn Way Sedgeletch Industrial Estate Fencehouses Tyne & Wear DH4 6JN T: 0845 026 0026 F:
More informationACCOUNTING TECHNICIANS IRELAND DATA PROTECTION POLICY GENERAL DATA PROTECTION REGULATION
ACCOUNTING TECHNICIANS IRELAND DATA PROTECTION POLICY GENERAL DATA PROTECTION REGULATION Document Control Owner: Distribution List: Data Protection Officer Relevant individuals who access, use, store or
More informationECTA 32 nd Annual Conference
ECTA 32 nd Annual Conference Paul Maier Director EU Observatory on infringements of IPR Bucharest, 19-22 June 2013 Legal basis Art. 7 Regulation 386/2012 Annual Work Programme Submitted to AB for information
More informationDevelopments in Global Data Protection & Transfer: How They Impact Third-Party Contracts
Developments in Global Data Protection & Transfer: How They Impact Third-Party Contracts Rebecca Eisner Partner +1 312 701 8577 reisner@mayerbrown.com Mark Prinsley Partner +44 20 3130 3900] mprinsley@mayerbrown.com
More informationGDPR Impacts. SEV GDPR Workshop Athens Giles Watkins, UK Country Leader. Wednesday 7th February,
GDPR Impacts SEV GDPR Workshop Athens Giles Watkins, UK Country Leader Wednesday 7th February, 2018 Agenda What is the Privacy Opportunity? What is different under GDPR? Where organisations are focusing?
More informationRobert Bond. Respecting Privacy, Securing Data and Enabling Trust a view from Europe
Respecting Privacy, Securing Data and Enabling Trust a view from Europe Robert Bond, Partner & Notary Public Robert Bond Robert Bond has nearly 40 years' experience in advising national and international
More informationIntroductory guide to data sharing. lewissilkin.com
Introductory guide to data sharing lewissilkin.com Executive Summary Most organisations carry out some form of data sharing, whether it be data sharing between organisations within the group or with external
More informationData Protection and GDPR
Data Protection and GDPR At DPDgroup UK Ltd (DPD & DPD Local) we take data protection seriously and have updated all our relevant policies and documents to ensure we meet the requirements of GDPR. We have
More informationcenter Guide to GDPR
Guide Emailcenter Guide to GDPR For Marketers Contents Introduction...3 What Is GDPR & Why Is This Happening?...4 What Is Going To Change?...5 How You Obtain Email Addresses...6 How You Store Personal
More informationA practical guide to using ScheduleOnce in a GDPR compliant manner
A practical guide to using ScheduleOnce in a GDPR compliant manner Table of Contents Glossary 2 Background What does the GDPR mean for ScheduleOnce users? Lawful basis for processing Inbound scheduling
More informationData Management and Security in the GDPR Era
Data Management and Security in the GDPR Era Franck Hourdin; Vice President, EMEA Security Russ Lowenthal; Director, Database Security Product Management Mike Turner; Chief Operating Officer, Capgemini
More informationPROJECT BACKGROUND AND RATIONALE
PROJECT BACKGROUND AND RATIONALE The political agreement on the EU General Data Protection Regulation (GDPR) has been reached and the new Regulation will be on the books by the end of the first quarter
More information2. Which personal data is processed by SF Studios and from which source does the personal data originate?
PRIVACY NOTICE 1. Introduction The protection of the privacy and personal data of our customers, partners and employees is important to us and we work hard to ensure to always process personal data in
More informationDATA PROTECTION POLICY THE HOLST GROUP
DATA PROTECTION POLICY THE HOLST GROUP INTRODUCTION The purpose of this document is to provide a concise policy regarding the data protection obligations of The Holst Group. The Holst Group is a data controller
More informationRequest for information according to article 15 GDPR about personal data processed by Volkswagen AG
Request for information according to article 15 GDPR about personal data processed by Volkswagen AG Using this form, the request for information according to article 15 GDPR of the personal data processed
More informationPrivacy Policy Hafliger Films SpA
Hafliger Films SpA, with registered office at Via B. Buozzi no. 14-20089 Rozzano (MI), has for many years considered it of fundamental importance to protect the personal details of customers and suppliers,
More informationKnowing and Implementing the GDPR Part 3
Knowing and Implementing the GDPR Part 3 11 a.m. ET, 16:00 GMT March 29, 2017 Welcome & Introductions Panelists Your Host Dave Cohen IAPP Knowledge Manager Omer Tene Vice President Research & Education
More informationTRULY INDEPENDENT CYBER SECURITY SPECIALISTS. Cyber Major
TRULY INDEPENDENT CYBER SECURITY SPECIALISTS Cyber Major 1 WHO WE ARE Cyber Major is a world class, independent and cutting-edge cyber security consultancy. We specialise in conducting full end-to-end
More informationAs set out in the Hong Kong ID card, or any relevant identification document referred to in 1(g) above.
As set out in the Hong Kong ID card, or any relevant identification document referred to in 1(g) above. B (1)B (2) * In the case of a non-hong Kong ID cardholder, state the passport number or any identification
More informationCybersecurity Considerations for GDPR
Cybersecurity Considerations for GDPR What is the GDPR? The General Data Protection Regulation (GDPR) is a brand new legislation containing updated requirements for how personal data of European Union
More informationThe Apple Store, Coombe Lodge, Blagdon BS40 7RG,
1 The General Data Protection Regulation ( GDPR ) is the new legal framework that will come into effect on the 25th of May 2018 in the European Union ( EU ) and will be directly applicable in all EU Member
More information1.3 Please follow the links below for further information. Where relevant, we have made a distinction between different categories of data subjects:
PRIVACY STATEMENT Last date of revision: 18-05-2018 1. WHO DOES THIS GDPR PRIVACY STATEMENT APPLY TO? 1.1 Claeys & Engels cvba ( We or Claeys & Engels ) is a specialist law firm offering a full range of
More informationData protection is important to us
Data protection is important to us According to the requirements of Regulation no. 679/2016 for the protection of individuals with regard to the processing of personal data and the free movement of such
More information1 Who is this guide designed for?
Contents 1 Who is this guide designed for?... 2 2 What does the GDPR change regarding the duty to inform?... 2 3 Who must be informed and when?... 3 4 Where and how to inform?... 4 5 Layered information...
More informationNOTIFICATION FOR PRIOR CHECKING INFORMATION TO BE GIVEN(2)
To be filled out in the EDPS' office REGISTER NUMBER: 0507 NOTIFICATION FOR PRIOR CHECKING Date of submission: 25/05/2009 Case number: 2009-377 Institution: Commission Legal basis: article 27-5 of the
More informationGDPR RECRUITMENT POLICY
> General characteristics Company Credendo Export Credit Agency Date 12/12/2018 Version 1.2 Classification Public Status Final Document reference GDPR Recruitment Policy Revision frequency Ad hoc Document
More informationAttribute Release. Contractual Matters
Attribute Release Technical and Legal Issues Contractual Matters Wolfgang Pempe, DFN-Verein pempe@dfn.de DARIAH/DASISH AAI Workshop, 17/18 October 2013, Cologne Overview Attribute Release Technical Issues
More informationGDPR and digital advertising: Strategies and best practices for implementing GDPR compliance
IP, Tech & Data GDPR and digital advertising: Strategies and best practices for implementing GDPR compliance Presented by: Gerard M. Stegmaier, Partner, Washington, D.C. October 17, 2018 What is GDPR,
More informationSword vs. Shield: Using Forensics Pre-Breach in a GDPR World. September 20, 2017
Sword vs. Shield: Using Forensics Pre-Breach in a GDPR World September 20, 2017 The information and opinions expressed by our panelists today are their own, and do not necessarily represent the views of
More informationCOMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September Table of Contents. 1. Scope, Purpose and Application to Employees 2
COMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September 2018 Table of Contents 1. Scope, Purpose and Application to Employees 2 2. Reference Documents 2 3. Definitions 3 4. Data Protection Principles
More information