GDPR Privacy Webinar. Prioritizing Your Path towards GDPR Compliance Annika Sponselee and Nicole Vreeman 28 February 2018
|
|
- Kristopher Short
- 5 years ago
- Views:
Transcription
1 GDPR Privacy Webinar Prioritizing Your Path towards GDPR Compliance Annika Sponselee and Nicole Vreeman 28 February 2018
2 Prioritizing Your Path to GDPR Compliance Presented by
3 Half-Day Workshops Online Webinar Series OneTrust Certification Training PRIVACYCONNECT.COM
4 A short introduction Who are we? Annika Sponselee Partner at Deloitte Risk Advisory and head of Privacy Team Nicole Vreeman Manager at Deloitte Risk Advisor Deloitte The Netherlands 3
5 Privacy / personal data protection in Europe The development of personal data protection within the EU Rapid technological changes endangered our privacy Equal level of personal data protection in all EU Member States 1950 European Convention on Human Rights 1995 Need for rules on EU-level: European Data Protection Directive (95/46/EC) 1998 Creation of Google 2001 National laws adapt: Wet bescherming persoonsgegevens (NL) Creation Facebook and Twitter 2012 Proposal for a new EU Regulation 2016 General Data Protection Regulation adopted Harmonization of the rules concerning privacy and personal data protection throughout the EU 2018 Deloitte The Netherlands 4
6 The Big Picture Key elements of the GDPR FINES UP TO 4% OF GLOBAL TURNOVER Previously fines were limited in size and impact. GDPR fines will apply to both controllers and processors. INCREASED TERRITORIAL SCOPE GDPR will apply to all companies processing the personal data of data subjects residing in the EU, regardless of the company s location. EXPLICIT AND RETRACTABLE CONSENT Must be provided in an intelligible and easily accessible form, using clear and plain language. It must be as easy to withdraw consent as it is to give it. DATA SUBJECT RIGHTS Data subjects can request confirmation whether or not their personal data is being processed, where and for what purpose. Additionally, data subjects can request to be forgotten, which entails the removal of all the data related to the data subject. 72 hr???? BREACH NOTIFICATION WITHIN 72 HOURS Security breaches involving personal data may need to be reported to the authorities within 72 hours after detection and possibly be reported to individuals as well. PRIVACY BY DESIGN Now a legal requirement for the inclusion of data protection from the onset of the designing of systems, rather than a retrospective addition. DATA INVENTORY Organizations must maintain a record of processing activities under its responsibility or, in short, they must keep an inventory of all personal data processed. The inventory must include the multiple types of information, such as the purpose of the processing. MANDATORY DATA PROTECTION OFFICERS Appointed in certain cases to facilitate the need to demonstrate compliance to the GDPR and to compensate for no longer requiring bureaucratic submission of data processing activities or transfers based on Model Contract Clauses Deloitte The Netherlands Deloitte Risk Advisory NWE GDPR Brochure
7 Privacy Transformation Program A holistic enterprise privacy program Strategy Organization and Accountability Data Management Policies & procedures Data Transfers Communication, Training & Awareness Audit en compliance Audit and Certification Privacy Impact Assessment Privacy by Design Processing Inventory 2018 Deloitte The Netherlands 6
8 Privacy Transformation Program A phased approach 1. Define 2. Design 3. Implement 4. Operate Mobilize stakeholders Create buy-in Collect baseline information Define (key) stakeholders Define scope, objectives, stakeholders, timeline and [insert company name] involvement for design phase Define business requirements (Re)design, optimize or harmonize draft deliverables (Re)design roles & responsibilities Develop implementation plan Complete relevant review cycles Gather necessary approvals Execute implementation plan Piloting new solutions Optimize and harmonize solutions Implement organizational changes Roll out new processes, roles & responsibilities Starting daily operations in newly designed way Support of managers and staff to ensure that the new situation is operationalized Ensure continuous improvement by using the Plan-Do-Check-Act cycle Ensuring hand over to business Collect and assess existing documentation Train in the use of new processes and solutions Create commitment within organization Gather necessary approvals 2018 Deloitte The Netherlands 7
9 Deloitte s vision on privacy GDPR: turn the headache into opportunity Growth opportunity Regulatory pressure 2018 Deloitte The Netherlands 8
10 2017 Deloitte The Netherlands Subjective Objective Strategy Governance Policies Training & Awareness Data Subject Rights Privacy by Design & Change management Privacy statement Inventory Data Retention DPIA/Risk Assessment x z y Necessary changes in process & technologies Security Data Processing Agreement (Internal) Audit - Controls Data Breach management Data transfer Sub-Data Processing Agreement
11 The General Data Protection Regulation Ten General Concepts Inventory Data Protection Impact Assessment (DPIA) Maintain an overview of processing activities Both controller and processor Contact details, purpose of processing, description of categories of data subjects, description of categories of recipients Make available to Authority upon request A means to identify risks for privacy rights of individuals Prior to the start of the processing activity Formulate appropriate security measures for the identified risks Security measures Agreements with third parties Measures must be taken to secure an appropriate level of security for the processing activity Link to risk assessment You may choose your own measures Controllers may only work with processors that provide sufficient guarantees regarding processing Guarantees concern technical and organization measures There must be a data processing agreement 10
12 The General Data Protection Regulation Ten General Concepts Data transfers Data retention & Data Minimization Within EU/EEA data may be transferred without major restrictions To countries that have an Adequacy Decision given by the European Commission To other countries: additional requirements apply Personal data may not be kept longer than necessary in relation to the purpose for which is was collected Legal obligation / business purpose Retention terms should be implemented Data deletion should be possible Privacy by Design & Privacy by Default Data subjects rights Privacy must be considered at the earliest possible stage in development And also when changes are implemented Default settings should be set to the most privacy friendly option Concerns rights such as access, rectification, deletion, data portability and the right to be forgotten The GDPR does not stipulate what the procedures concerning these rights should look like There are strict time lines for response 11
13 The General Data Protection Regulation Ten General Concepts Transparency Data Breach management Data subjects must be informed about how their data is processed This must be done in a concise, transparent, intelligible and easily accessible form, using clear and plan language Part of providing transparency is having a good privacy statement Organizations are obliged to report security or data breaches to the Data Protection Authority Sometimes it must also be reported to the individuals affected Timelines are tight, so having a clear data breach procedure is important 12
14 Questions? 2018 Deloitte The Netherlands Insert your footer here - confidential 13
15 Learn More About PrivacyConnect
16 2018 WORKSHOP SCHEDULE Free, Half-Day GDPR Workshops 4.5 IAPP CPE Credit Hours OneTrust Certification Program in Select Cities Monthly GDPR Webinar Series Hosted by Top Tier Law Firms & Consultancies RSVP TODAY: PrivacyConnect.com Washington DC Paris New York Amsterdam Frankfurt Seattle Dublin Denver Vienna Dubai Los Angeles Boston Berlin London Munich Toronto Warsaw Milan Madrid Rome Tallinn Atlanta Dallas Portland Budapest Phoenix Brussels San Francisco Chicago Geneva Helsinki Manchester Stockholm Tel Aviv Houston Columbus Prague Belfast This was the best GDPR-focused conference I have ever been to. This was not just a high-level look into requirements, but an in-depth educational experience for myself and my colleagues.
17 OneTrust Certification Program Become a OneTrust Certified Privacy Management Professional LEARN MORE AND REGISTER TODAY AT PrivacyConnect.com
18 Half-Day Workshops Online Webinar Series OneTrust Certification Training PRIVACYCONNECT.COM
19 Thank you for joining the OneTrust / Deloitte GDPR Privacy Webinar! Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ( DTTL ), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as Deloitte Global ) does not provide services to clients. Please see to learn more about our global network of member firms. Deloitte provides audit & assurance, consulting, financial advisory, risk advisory, tax and related services to public and private clients spanning multiple industries. Deloitte serves four out of five Fortune Global 500 companies through a globally connected network of member firms in more than 150 countries and territories bringing world-class capabilities, insights and service to address clients most complex business challenges. To learn more about how Deloitte s approximately 264,000 professionals make an impact that matters, please connect with us on Facebook, LinkedIn, or Twitter. This communication contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the Deloitte network ) is, by means of this communication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No entity in the Deloitte network shall be responsible for any loss whatsoever sustained by any person who relies on this communication Deloitte The Netherlands
Plan a Pragmatic Approach to the new EU Data Privacy Regulation
AmChamDenmark event: EU Compliant & Cyber Resistant Plan a Pragmatic Approach to the new EU Data Privacy Regulation Janus Friis Bindslev, Partner Cyber Risk Services, Deloitte 4 February 2016 Agenda General
More informationMulti-factor authentication enrollment guide for Deloitte client or business partner user
Deloitte OnLine eroom Global Technology Services December 2017 Multi-factor authentication enrollment guide for Deloitte client or business partner user What is multi-factor authentication (MFA) and how
More informationMFA Enrollment Guide. Multi-Factor Authentication (MFA) Enrollment guide STAGE Environment
Multi-Factor Authentication (MFA) Enrollment guide STAGE Environment December 2017 00 Table of Contents What is MFA and how does it impact the way I sign into applications? 2 MFA Enrollment Log-in 3 Setup
More informationGDPR: A QUICK OVERVIEW
GDPR: A QUICK OVERVIEW 2018 Get ready now. 29 June 2017 Presenters Charles Barley Director, Risk Advisory Services Charles Barley, Jr. is responsible for the delivery of governance, risk and compliance
More informationDo you handle EU residents personal data? The GDPR update is coming May 25, Are you ready?
European Union (EU) General Data Protection Regulation (GDPR) Do you handle EU residents personal data? The GDPR update is coming May 25, 2018. Are you ready? What do you need to do? Governance and Accountability
More informationEY s data privacy service offering
EY s data privacy service offering How to transform your data privacy capabilities for an EU General Data Protection Regulation (GDPR) world Introduction Data privacy encompasses the rights and obligations
More informationCreating your own payment card Joost Kremers MSc CEH
Joost Kremers MSc CEH Contents Who am I? Introduction Landscape Landscape elements Hardware Security Modules Key Management 1 Who am I? Joost Kremers MSc CEH 2007-2014: Computer Science @ RU/TU/e/Utwente
More informationThe New Healthcare Economy is rising up
The New Healthcare Economy is rising up February 2017 The ever-rising costs of healthcare are fostering innovative solutions and disruptive business models Cybersecurity concerns come to medical technology
More informationAdopting SSAE 18 for SOC 1 reports
Adopting SSAE 18 for SOC 1 reports Overview Since its adoption in 2011, service auditor reports issued in accordance with SSAE 16 have become increasingly common in the marketplace. In April 2016, the
More informationEU General Data Protection Regulation (GDPR) A Point of View for Technology Sector Organisations. For private circulation only.
EU General Data Protection Regulation (GDPR) A Point of View for Technology Sector Organisations For private circulation only Cyber Risk Preface Does the EU GDPR impact organisations in India? Yes! This
More informationGDPR and digital advertising: Strategies and best practices for implementing GDPR compliance
IP, Tech & Data GDPR and digital advertising: Strategies and best practices for implementing GDPR compliance Presented by: Gerard M. Stegmaier, Partner, Washington, D.C. October 17, 2018 What is GDPR,
More informationAchieving effective risk management and continuous compliance with Deloitte and SAP
Achieving effective risk management and continuous compliance with Deloitte and SAP 2 Deloitte and SAP: collaborating to make GRC work for you Meeting Governance, Risk and Compliance (GRC) requirements
More informationCyber Security is it a boardroom issue?
Brisbane, 23 September 2014 Alistair Blake Director Cyber Security & Risk Services Today s session will cover Cyber Security and the Boardroom Executive sponsorship Organisational culture Operational readiness
More informationAssociation of Corporate Counsel
Type in document reference # if needed Privacy protection in a Globalized World Association of Corporate Counsel New York, 24 March 2015 1 The plan Bringing out the main cross-border privacy issues for
More informationGeneral Data Protection Regulation (GDPR) NEW RULES
General Data Protection Regulation (GDPR) NEW RULES AGENDA A. GDPR : general overview B. Sectorial topics and concerns GDPR GENERAL OVERVIEW 1. GDPR : WHAT IS IT AND WHY CARE? 27 April 2016 : Approval
More informationCustomer Breach Support A Deloitte managed service. Notifying, supporting and protecting your customers through a data breach
Customer Breach Support A Deloitte managed service Notifying, supporting and protecting your customers through a data breach Customer Breach Support Client challenges Protecting your customers, your brand
More informationGeneral Data Protection Regulation (GDPR) The impact of doing business in Asia
SESSION ID: GPS-R09 General Data Protection Regulation (GDPR) The impact of doing business in Asia Ilias Chantzos Senior Director EMEA & APJ Government Affairs Symantec Corporation @ichantzos Typical Customer
More informationGeneral Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Deloitte NWE Privacy Services Vision and Approach Deloitte Risk Advisory - 2018 The Big Picture Key elements of the GDPR FINES UP TO 4% OF GLOBAL TURNOVER Previously
More informationImplementing the new GDPR: what does it mean for Universities?
Implementing the new GDPR: what does it mean for Universities? Case study Alumni Portal Cosimo Monda Director - European Centre on Privacy and Cybersecurity Maastricht University Twitter: @ecpcmaastricht
More informationGDPR compliance: some basics & practical to do list
GDPR compliance: some basics & practical to do list Philippe LAURENT independent full service business law firm located in Brussels May 2017 Personal data processing = any operation or set of operations
More informationDeveloping your GDPR response for competitive advantage. EU General Data Protection Regulation (GDPR)
Developing your GDPR response for competitive advantage EU General Data Protection Regulation (GDPR) Introduction In May 2018, the EU s new GDPR ushers in unprecedented levels of data protection for EU
More information#DeloitteInnovation: In-Time Uncover the Potential of SAP HANA
#DeloitteInnovation: In-Time Uncover the Potential of SAP HANA Deloitte In-Time in a Nutshell In-Time is the first and only SAP HANA optimization add-on that can analyze the effectiveness of SAP HANA usage
More informationThe GDPR Are you ready?
The GDPR Are you ready? kpmg.ie The GDPR - Overview The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will come into force from 25th May 2018, replacing the existing data protection
More informationEY s data privacy service offering. How to transform your data privacy capabilities for an EU General Data Protection Regulation (GDPR) world
EY s data privacy service offering How to transform your data privacy capabilities for an EU General Data Protection Regulation (GDPR) world In May 2018, the European Union s new General Data Protection
More informationHOT TOPICS IN DATA PRIVACY REGULATION IN RUSSIA
HOT TOPICS IN DATA PRIVACY REGULATION IN RUSSIA Ksenia Andreeva Anastasia Dergacheva Vasilisa Strizh November 27, 2018 2018 Morgan, Lewis & Bockius 2017 Morgan, Lewis & Bockius Contents News from the Russian
More informationTHE PLATFORM EQUINIX VISION
THE PLATFORM EQUINIX VISION Build Here, and Go Anywhere SUMMARY Key trends are driving the need for a single interconnection platform for digital business On the Equinix global interconnection platform
More informationBHBIA New Data Protection Rules. Pharma Company Perspective. Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD
BHBIA New Data Protection Rules Pharma Company Perspective Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD Pharma Company Perspective Data Controllers Responsibilities
More informationPrivacy Code of Conduct on mhealth apps the role of soft-law in enhancing trust ehealth Week 2016
Privacy Code of Conduct on mhealth apps the role of soft-law in enhancing trust ehealth Week 2016 Pēteris Zilgalvis, J.D., Head of Unit for Health and Well-Being, DG CONNECT Table of Contents 1. Context
More informationEU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More informationAre we breached? Deloitte's Cyber Threat Hunting
Are we breached? Deloitte's Cyber Threat Hunting Brochure / report title goes here Section title goes here Have we been breached? Are we exposed? How do we proactively detect an attack and minimize the
More informationIntroduction. When it comes to GDPR compliance, is OK for now enough? Minds made for protecting financial services
When it comes to GDPR compliance, is OK for now enough? EY CertifyPoint s GDPR certification process will help you achieve and demonstrate compliance. Minds made for protecting financial services Introduction
More informationHow icims Supports. Your Readiness for the European Union General Data Protection Regulation
How icims Supports Your Readiness for the European Union General Data Protection Regulation The GDPR is the EU s next generation of data protection law. Aiming to strengthen the security and protection
More informationThe Role of the Data Protection Officer
The Role of the Data Protection Officer Adrian Ross LLB (Hons), MBA GRC Consultant IT Governance Ltd 28 July 2016 www.itgovernance.co.uk Introduction Adrian Ross GRC consultant Infrastructure services
More informationMagento GDPR Frequently Asked Questions
Magento GDPR Frequently Asked Questions Whom does GDPR impact? Does this only impact European Union (EU) based companies? The new regulation provides rules that govern how companies may collect and handle
More informationProtection of clients information in the age of IT ECBA Spring Conference Prague 2017 Jan Balatka, Analytic & Forensic Technology
Protection of clients information in the age of IT ECBA Spring Conference Prague 2017 Jan Balatka, Analytic & Forensic Technology Agenda 1 Information lifecycle 2 How to protect information 3 Is it enough?
More information#DeloitteInnovation: In-Time How efficiently do you use your SAP HANA?
#DeloitteInnovation: In-Time How efficiently do you use your SAP HANA? Deloitte In-Time in a Nutshell In-Time is the first and only SAP HANA optimization software that can analyze the effectiveness of
More informationRisk Advisory Academy Training Brochure
Academy Brochure 2 Academy Brochure Cyber Security Our Cyber Security trainings are focused on building your internal capacity to leverage IT related technologies more confidently and manage risk and uncertainty
More informationGDPR is coming in less than 2 months Are you ready?
GDPR is coming in less than 2 months Are you ready? Charles-Albert Helleputte Partner, Brussels +32 2 551 5982 chelleputte@mayerbrown.com 30 March 2018 2 GDPR is everywhere... You were invited by UNICEO
More informationCIPP/E CIPT. Data Protection Technologist (DPT) Training Bundle Official IAPP Training and Certification
CIPP/E CIPT Data Protection Technologist (DPT) Training Bundle Official IAPP Training and Certification The CIPP/E + CIPT credentials shows you ve got the knowledge to build your organization s privacy
More informationTHE PLATFORM EQUINIX VISION
THE PLATFORM EQUINIX VISION Build Here, and Go Anywhere SUMMARY Key trends are driving the need for a single interconnection platform for digital business On the Equinix global interconnection platform
More informationImpacts of the GDPR in Afnic - Registrar relations: FAQ
Impacts of the GDPR in Afnic - Registrar relations: FAQ Background The adoption of Regulation (Eu) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural
More informationEU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know
EU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know The General Data Protection Regulation (GDPR) The eprivacy Regulation (epr) The Network and Information Security Directive
More informationCFOs in a new global environment Sandy Cockrell, Deloitte
CFOs in a new global environment Sandy Cockrell, Deloitte CFOs in a new global environment 1 2 3 Background The CFO role CFOs Challenges Where does our data come from? How is the CFO role evolving in the
More informationAon Service Corporation Law Global Privacy Office. Aon Client Data Privacy Summary
Aon Client Data Privacy Summary Table of Contents Our Commitment to Data Privacy 3 Our Data Privacy Principles 4 Aon Client Data Privacy Summary 2 Our Commitment to Data Privacy Data Privacy Backdrop As
More informationAchieving third-party reporting proficiency with SOC 2+
Achieving third-party reporting proficiency with SOC 2+ Achieving third-party reporting proficiency with SOC 2+ Today s organizations do business within a broad ecosystem. Customers, partners, agents,
More informationThe HIPAA Security & Privacy Rule How Municipalities Can Prepare for Compliance
The HIPAA Security & Privacy Rule How Municipalities Can Prepare for Compliance Russell L. Jones Partner Health Sciences Sector Deloitte & Touche LLP Security & Privacy IMLA 2013 Annual Conference San
More informationDemonstrating data privacy for GDPR and beyond
Demonstrating data privacy for GDPR and beyond EY data privacy assurance services Introduction The General Data Protection Regulation (GDPR) is ushering in a new era of data privacy in Europe. Organizations
More informationGeneral Data Protection Regulation (GDPR)
BCD Travel s Response to the EU General Data Protection Regulation (GDPR) November 2017 Page 1 Response to the EU GDPR Copyright 2017 by BCD Travel N.V. All rights reserved. November 2017 Copyright 2017
More informationGDPR Impacts. SEV GDPR Workshop Athens Giles Watkins, UK Country Leader. Wednesday 7th February,
GDPR Impacts SEV GDPR Workshop Athens Giles Watkins, UK Country Leader Wednesday 7th February, 2018 Agenda What is the Privacy Opportunity? What is different under GDPR? Where organisations are focusing?
More informationSpread your wings Professional qualifications and development at Deloitte. What impact will you make? careers.deloitte.com
Spread your wings Professional qualifications and development at Deloitte What impact will you make? careers.deloitte.com It s your future. How far will you take it? Do you want to make an impact in your
More informationGeneral Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Deloitte NWE Privacy Services Vision and Approach Deloitte Risk Advisory - 2017 The Big Picture Key changes of the GDPR Fines of up to 4% of annual global turnover
More informationPrivacy and Data Protection Draft Personal Data Protection Bill 2018: A Summary. For Private Circulation Only August 2018.
Privacy and Data Protection Draft Personal Data Protection Bill 2018: A Summary For Private Circulation Only August 2018 Introduction Protection of of data principal* is at the core of the draft Personal
More informationEXAM PREPARATION GUIDE
EXAM PREPARATION GUIDE PECB Certified Data Protection Officer The objective of the PECB Certified Data Protection Officer examination is to ensure that the candidate has acquired the knowledge and skills
More informationDesign by Privacy: A holistic approach to privacy by design
Design by Privacy: A holistic approach to privacy by design Erik Luysterborg (EMEA Data Protection & Privacy Practice Lead) Jan Vanhaecht (EMEA IAM Practice Lead) Privacy Café, Mechelen, 14th December
More informationKnowing and Implementing the GDPR Part 3
Knowing and Implementing the GDPR Part 3 11 a.m. ET, 16:00 GMT March 29, 2017 Welcome & Introductions Panelists Your Host Dave Cohen IAPP Knowledge Manager Omer Tene Vice President Research & Education
More informationThe Future of IT Internal Controls Automation: A Game Changer. January Risk Advisory
The Future of IT Internal Controls Automation: A Game Changer January 2018 Risk Advisory Contents Introduction 01 Future Operating Models for Managing Internal Controls 02 Summary 07 Introduction Internal
More informationGDPR - Are you ready?
GDPR - Are you ready? Anne-Marie Bohan and Michael Finn 24 March 2018 Matheson Ranked Ireland s Most Innovative Law Firm Financial Times 2017 International Firm in the Americas International Tax Review
More informationGDPR Compliance. Clauses
1 Clauses GDPR The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a privacy and data protection regulation in the European Union (EU). It became enforceable from May 25 2018. The
More informationGDPR and the Privacy Shield
GDPR and the Privacy Shield Mark Prinsley Partner +44 20 3130 3900 mprinsley@mayerbrown.com Kendall Burman Counsel + 202 263 3210 kburman@mayerbrown.com Speakers Kendall Burman Counsel Washington DC Mark
More informationPROJECT BACKGROUND AND RATIONALE
PROJECT BACKGROUND AND RATIONALE The political agreement on the EU General Data Protection Regulation (GDPR) has been reached and the new Regulation will be on the books by the end of the first quarter
More informationGoogle Cloud & the General Data Protection Regulation (GDPR)
Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to
More informationEmerging Technologies The risks they pose to your organisations
Emerging Technologies The risks they pose to your organisations 10 June 2016 Digital trends are fundamentally changing the way that customers behave and companies operate Mobile Connecting people and things
More informationGeneral Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Michael Eva, London Grid for Learning What is GDPR? General Data Protection Regulation (GDPR) protects the personal data of EU citizens regardless of where the
More informationEU GDPR & ISO Integrated Documentation Toolkit https://advisera.com/eugdpracademy/eu-gdpr-iso integrated-documentation-toolkit
EU GDPR & https://advisera.com/eugdpracademy/eu-gdpr-iso-27001-integrated-documentation-toolkit Note: The documentation should preferably be implemented in the order in which it is listed here. The order
More informationIMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES
IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES Introductions Agenda Overall data risk and benefit landscape / shifting risk and opportunity landscape and market expectations Looking at data
More informationCyber Risk and Networked Medical Devices
Cyber Risk and Networked Medical Devices Hot Topics Deloitte & Touche LLP February 2016 Copyright Scottsdale Institute 2016. All Rights Reserved. No part of this document may be reproduced or shared with
More informationGeneral Data Protection Regulation April 3, Sarah Ackerman, Managing Director Ross Patz, Consultant
General Data Protection Regulation April 3, 2018 Sarah Ackerman, Managing Director Ross Patz, Consultant Introductions Sarah Ackerman, CISSP, CISA Managing Director, Cincinnati Responsible for overall
More informationEU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS
EU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS 18 May 2014 Monica Salgado Portuguese Laywer (Advogada) / Registered European Lawyer Janine Regan Solicitor Monica Salgado Monica is a Portuguese qualified
More informationProtecting your data. EY s approach to data privacy and information security
Protecting your data EY s approach to data privacy and information security Digital networks are a key enabler in the globalization of business. They dramatically enhance our ability to communicate, share
More informationSCCE ECEI 2014 EU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS. Monica Salgado JANINE REGAN CIPP/E
EU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS 18 May 2014 Monica Salgado Portuguese Laywer (Advogada) / Registered European Lawyer Janine Regan Solicitor Monica Salgado Monica is a Portuguese qualified
More informationEmbedding GDPR into the SDLC. Sebastien Deleersnyder Siebe De Roovere
Embedding GDPR into the SDLC Sebastien Deleersnyder Siebe De Roovere Who is Who? Sebastien Deleersnyder 5 years developer experience 15+ years information security experience Application security consultant
More informationDeloitte Audit and Assurance Tools
Deloitte Audit and Assurance Tools Privacy Statement Last updated: 26 September 2017 Introduction This Privacy Statement applies to our various audit and assurance tools and other related online tools
More informationBUILT FOR THE STORM. AND THE NORM.
BUILT FOR THE STORM. AND THE NORM. Data volumes are overwhelming. Stakes are sky-high. Time frames are shorter than ever. GET ANSWERS NOW. EM[URGENT]CY EXIT In a world where the routine can quickly become
More informationGeneral Data Protection Regulation Preparing for a new era in Privacy
General Data Protection Regulation Preparing for a new era in Privacy 2017 General Data Protection Regulation The key points The General Data Protection Regulation After four years of negotiations, the
More informationEmbedding GDPR into the SDLC
Embedding GDPR into the SDLC Sebastien Deleersnyder Siebe De Roovere Toreon 2 Who is Who? Sebastien Deleersnyder Siebe De Roovere 5 years developer experience 15+ years information security experience
More informationPreface. Operations within the EU. Serving the EU customers. Third parties operating in the EU
Cyber Risk EU General Data Protection Regulation (GDPR) I A Point of View for Global In-house Centres (GICs) in India Preface Does the EU GDPR impact organisations in India? Yes! This new law will have
More information2. Who we collect information (data) from & why we collect it
1. Introduction Our Privacy Policy applies to the personal data that Ambrey collects and uses. References in this Privacy Policy to Ambrey, we, us or our mean Ambrey Limited and the Ambrey Group of companies:
More informationISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION
ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION Cathy Bates Senior Consultant, Vantage Technology Consulting Group January 30, 2018 Campus Orientation Initiative and Project Orientation Project
More informationEY Cyber Response Services. Plan. React. Recover.
EY Cyber Response Services Plan. React. Recover. Insurance claim preparation Data recovery How EY can help Data privacy and GDPR compliance Cyber planning Our full suite of cyber capabilities Litigation
More informationData Management and Security in the GDPR Era
Data Management and Security in the GDPR Era Franck Hourdin; Vice President, EMEA Security Russ Lowenthal; Director, Database Security Product Management Mike Turner; Chief Operating Officer, Capgemini
More informationTHE NEW GENERAL DATA PROTECTION REGULATION IMPLICATIONS FOR ENTERPRISES. Forum financier du Brabant wallon
THE NEW GENERAL DATA PROTECTION REGULATION IMPLICATIONS FOR ENTERPRISES Forum financier du Brabant wallon 14.12.2017 Data Protection should be part of every company s or organisation s DNA Do you process
More informationPREPARING FOR THE GDPR AT THE UNIVERSITY OF HELSINKI
PREPARING FOR THE GDPR AT THE UNIVERSITY OF HELSINKI Jarkko Reittu Data Protection Officer and Legal Counsel University of Helsinki, Administrative Services jarkko.reittu@helsinki.fi 1 MY BACKGROUND JARKKO
More informationCloud Computing - Reaping the Benefits and Avoiding the Pitfalls. Stuart James & Delizia Diaz. Intellectual Property & Technology Webinar
Intellectual Property & Technology Webinar Cloud Computing - Reaping the Benefits and Avoiding the Pitfalls Stuart James & Delizia Diaz 37 Offices in 18 Countries Birmingham Wednesday, 11 July 2012 Speakers
More informationAIRMIC ENTERPRISE RISK MANAGEMENT FORUM
AIRMIC ENTERPRISE RISK MANAGEMENT FORUM Date 10 November 2016 Name Nick Gibbons Position, PARTNER BLM T: 0207 457 3567 E: Nick.Gibbons@blmlaw.com SUMMARY Cyber crime is now a daily reality Every business
More informationReal estate predictions 2017 What changes lie ahead?
Real estate predictions 2017 What changes lie ahead? Cyber Risk 2017. For information, contact Deloitte Consultores, S.A. Real Estate Predictions 2017 2 Cyber Risk Rising cyber risk in real estate through
More informationQ&A for Citco Fund Services clients The General Data Protection Regulation ( GDPR )
Q&A for Citco Fund Services clients The General Data Protection Regulation ( GDPR ) May 2018 Document Classification Public Q&A for Citco Fund Services clients in relation to The General Data Protection
More informationCyber Espionage A proactive approach to cyber security
Cyber Espionage A proactive approach to cyber security #DeloitteRA To mitigate the risks of advanced cyber threats, organisations should enhance their capabilities to proactively gather intelligence and
More informationYou will see lots of references in the Checklist to the GDPR Pack if you would like to purchase this, go to
Suzanne Dibble 2018. Copyright in this document belongs to Suzanne Dibble. You may not copy or use it for any purpose unless you have purchased this template document from Suzanne Dibble. You may not allow
More informationPRIVACY NOTICE 1. Introduction
PRIVACY NOTICE 1. Introduction The protection of the privacy and personal data of our customers, partners and employees is important to us and we work hard to ensure to always process personal data in
More informationUSER CORPORATE RULES. These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy.
These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy. I. OBJECTIVE ebay s goal is to apply uniform, adequate and global data protection
More informationACCOUNTING TECHNICIANS IRELAND DATA PROTECTION POLICY GENERAL DATA PROTECTION REGULATION
ACCOUNTING TECHNICIANS IRELAND DATA PROTECTION POLICY GENERAL DATA PROTECTION REGULATION Document Control Owner: Distribution List: Data Protection Officer Relevant individuals who access, use, store or
More informationUnderstand & Prepare for EU GDPR Requirements
Understand & Prepare for EU GDPR Requirements The information landscape has changed significantly since the European Union (EU) introduced its Data Protection Directive in 1995 1 aimed at protecting the
More informationChanging times in Swiss Data Privacy: new opportunities? Microsoft Security Day 27 April 2017 Clara-Ann Gordon
Changing times in Swiss Data Privacy: new opportunities? Clara-Ann Gordon Which countries have Data Protection Laws? Source: https://www.taylorwessing.com/globaldatahub/risk_map.html Page 2 Different Data
More informationFrom Dabbling to Doing The Age of the Intuitive Enterprise
GMA Executive Forum From Dabbling to Doing The Age of the Intuitive Enterprise The Clorox Company Unilever Deloitte Consulting LLP please welcome our panelists Frank Tataseo EVP, New Business Development
More informationThe NIS Directive and Cybersecurity in
The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security
More information2. Which personal data is processed by SF Studios and from which source does the personal data originate?
PRIVACY NOTICE 1. Introduction The protection of the privacy and personal data of our customers, partners and employees is important to us and we work hard to ensure to always process personal data in
More informationG DATA Whitepaper. The new EU General Data Protection Regulation - What businesses need to know
G DATA Whitepaper The new EU General Data Protection Regulation - What businesses need to know G DATA Software AG September 2017 Introduction Guaranteeing the privacy of personal data requires more than
More informationAWS Webinar. Navigating GDPR Compliance on AWS. Christian Hesse Amazon Web Services
AWS Webinar Navigating GDPR Compliance on AWS Christian Hesse Amazon Web Services What is the GDPR? What is the GDPR? The "GDPR" is the General Data Protection Regulation, a significant new EU Data Protection
More informationDeloitte Discovery Caribbean & Bermuda Countries Guide
Deloitte Discovery Caribbean & Bermuda Countries Guide Deloitte Discovery Caribbean & Bermuda Countries Guide Caribbean & Bermuda Countries Our Region Deloitte CBC primarily serves businesses located or
More informationARTICLE 29 DATA PROTECTION WORKING PARTY
ARTICLE 29 DATA PROTECTION WORKING PARTY 18/EN WP261 Article 29 Working Party Draft Guidelines on the accreditation of certification bodies under Regulation (EU) 2016/679 Adopted on 6 february 2018 1 THE
More information