The GDPR Are you ready?


The GDPR Are you ready? kpmg.ie

The GDPR - Overview

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will come into force from 25th May 2018, replacing the existing data protection framework under the EU Data Protection Directive. This regulation imposes new obligations and stricter requirements on all organisations involved in the processing of personal data, emphasising transparency, security and accountability.

Objectives

The primary objectives of the GDPR are to:
- Institute citizens' rights in controlling their personal data
- Simplify the regulatory business environment by adopting a unified regulation across the EU

Implications

Failure to comply with the directive may result in:
- Fines of up to €20,000,000 or 4% of total annual global turnover (whichever is greater)
- Reputational risk

Individuals are also empowered to bring private claims against organisations where their data privacy has been infringed.

THE GENERAL DATA PROTECTION REGULATION

The GDPR - Summary of key requirements

GDPR contains 99 articles and 173 recitals. Key requirements include:

- Personal data: Extended definition now includes direct and indirect identification.
- Breach notification obligation: Breach notification within 72 hours of identification.
- Accountability: Mandatory accountability culture, privacy management activities and record keeping with enforcement policies.
- Privacy impact assessments: Regular testing, assessment and evaluation of effectiveness of technical and organisational measures.
- Vendor management: Liability now includes both data controllers and data processors, making vendor management a critical aspect.
- Expanded personal privacy rights: Additional rights of access, notice, consent, portability, objection, profiling and erasure.
- Data protection officer: Under certain circumstances, requirement for an assigned and empowered DPO to steer compliance.
- Cross-border data transfer: Restrictions on the transfer of data outside the EU unless certain conditions are met.
- Privacy by design and default: Embed privacy-related technical and organisational measures into design and, by default, only process personal data where necessary.

The GDPR and YOU

If your organisation processes personal data, you will need to be in compliance with the GDPR by the 25th May 2018.

- Do you have interactions with individuals? e.g. via Sales, Procurement, Marketing, Human Resource and Payroll processes
- What is your Data Privacy strategy: People/Process/Technology and Protect/Detect/Respond?
- Do you have a culture of Data Monitoring?
- Are your employees aware of the GDPR implications?
- Who is in charge of Data Privacy and Protection in the company?
- Do you know where your data is stored and who has access to it?
- Did you obtain the data on a lawful basis?
- Is it shared outside of the EU?
- Do you know how your third parties safeguard your data?

How KPMG can help

Implementing GDPR requires a multi-disciplinary team of subject matter experts. KPMG's unrivalled experience of large transformational change projects means we understand the challenges facing you and can assist you in addressing them.

GDPR Readiness

Management Consulting
- GDPR Readiness Assessment
- GDPR Programme Planning & Management
- Data Governance
- Process Design
- Change Management

Forensic Services
- Data Discovery
- Where complexity requires a software-driven response
- Ongoing monitoring and control over your personal data storage

Legal Services
- Legal basis for Data Processing activities
- Data Retention and Security Requirements
- Data Processing Rules
- Privacy and Data Protection notices to meet the GDPR requirements

Risk Consulting
- Data Protection Risk, Process and Control Assessments
- Information Security & Controls
- Cyber Security
- 3rd Party Contract Review

How KPMG can help

We can offer you a full range of services which can be customised to suit your specific needs at any stage in your journey to GDPR readiness.

Start Now

1. ASSESS
- GDPR readiness assessment
- Create & collate personal data registers

2. DESIGN
- Initiate GDPR readiness programme
- Design your data protection & governance framework

3. IMPLEMENT
- Revised data governance structures
- Policies, procedures, notices & contract changes
- Staff training & awareness

4. MONITOR
- Demonstrate ongoing compliance
- Regular testing, assessing & evaluation of security measures

GDPR 25th May 2018

Market Leading GDPR Consulting Provider

- Michael Daughton, Partner, Risk Consulting. T. +353 1 410 2965 E. michael.daughton@kpmg.ie
- John Poole, Partner, Audit & Assurance. T. +44 28 9089 3854 E. john.poole@kpmg.ie
- Bernard O'Hara, Director, Risk Consulting. T. +44 28 9089 3725 E. bernard.ohara@kpmg.ie
- William O'Brien, Director, Forensics. T. +353 1 700 4119 E. william.obrien@kpmg.ie
- Gordon Wade, Associate Director, Legal Services. T. +353 1 700 4806 E. gordon.wade@kpmg.ie
- Tony Hughes, Associate Director, Risk Consulting. T. +353 1 700 4229 E. tony.hughes@kpmg.ie (details will follow)

kpmg.ie

© 2018 KPMG, a partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. All rights reserved.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.

The KPMG name and logo are registered trademarks of KPMG International Cooperative ("KPMG International"), a Swiss entity.

If you've received this communication directly from KPMG, it is because we hold your name and company details for the purpose of keeping you informed on a range of business issues and the services we provide. If you would like us to delete this information from our records and would prefer not to receive any further updates from us please unsubscribe from all here or contact unsubscribe@kpmg.ie.

Produced by: KPMG's Creative Services. Publication Date: February 2018. (3616)