MWLUG 2017
Moving Collaboration Forward
General Data Protection Regulation.
Ignoring this = Paying Fines!
Tim Clark
Stephanie Heit
BCC Ltd.
Our Amazing Sponsors
Agenda
• BCC, Stephanie & Tim
• What is GDPR
• Who it affects
• What you have to do
• Penalties
• Summary
• Where to find more information
Presenters
• Tim Clark
• Director Services &
Support
• IBM Champion 13-17
• Stephanie Heit
• Director, BCC Ltd
• 17 years with Notes &
Domino
About BCC
• Founded in 1996
• IBM Business Partner
• Locations: Frankfurt
(HQ), London, Boston
• 800+ customers
BCC Solutions
Cultural Differences
• Europe
– Personal self-determination
– Personal Data Protection
– Laws, not directives
• USA
– Consumer focused
– Treated fairly
– Not Protected
– Directives, not laws
What is GDPR
• General Data Protection Regulations
– Regulation
• (EU) 2016/679 (88 pages)
– Directives
• (EU) 2016/680 (43 pages)
• (EU) 2016/681 (18 pages)
• Now the boring stuff is out of the way…..
What is it really to do with?
• Single set of legislation across Europe that
gives individuals better control of their
personal data
• Became effective law in 2016
• 2 year grace period to get ready
Why worry about it now?
“The GDPR is causing great concern for
businesses, with 50 percent of global
companies saying they will struggle to
meet the rules set out by Europe unless
they make significant changes to how they
operate.”
James Walker, UK MD, JAW Consulting UK
https://www.scmagazineuk.com/preparing-for-the-eu-gdpr-what-you-need-to-know/article/531492/
Must be ready by Friday, May 25th 2018
Legal Glossary
• Personal Data
• Controllers & Processors
• Data Protection Officers
• Profiling
• Breach & Notification
• Data Subject Access Requests
Definition of ‘Personal Data’
“Any information relating to a person who can
be identified, directly or indirectly, in particular
by reference to an identifier such as a name, an
identification number, location data, online
identifier or to one or more factors specific to
the physical, physiological, genetic, mental,
economic, cultural or social identity of that
person.”
A Summary of the EU General Data Protection Regulation: Peter Galdies DataIQ. 14th January 2016.
www.dataiq.co.uk/blog/summary-eu-general-data-protection-regulation
Controllers & Processors
• Controllers
– Owners of the data
– Responsible for data security
– Make sure Processors are compliant
• Processors
– Work with the data
– Must take responsible actions with the data
• The relationship between Controllers and
Processors must be documented
Legal Glossary (cont.)
• Data Protection Officers
– Public Authorities, Large scale processing of special types
of personal data
– Expert knowledge of DP laws
– Can be made tighter by EU Member States
• Profiling
– Any automated processing of personal data to determine
certain criteria about a person.
“In particular to analyse or predict aspects concerning that
natural person’s performance at work, economic situation,
health, personal preferences, interests, reliability,
behaviour, location or movements”.
Legal Glossary (cont.)
• Breach & Notification
– “a breach of security leading to the accidental or
unlawful destruction, loss, alteration,
unauthorised disclosure of, or access to, personal
data transmitted, stored or otherwise processed”
• Data Subject Access Request
– The right of the individual to understand what is
stored and how it is used
Brief Summary
• If you collect any personal data of an EU
citizen, you need to comply
• Data subjects can
– ask for data
• There are Penalties for non-compliance
Who it affects
• ANYONE who collects data about any EU
citizen that is identifiable to them
• Anywhere in the world
• No boundaries
Privacy Management
• Data protection safeguards to be ‘built in’ to
systems. Data by Design
• Privacy-friendly – pseudonymisation
• Record keeping has increased emphasis
– Answering auditors
– Data Subject Access Requests
• The right to be forgotten
Consent
• Consent to collect the data has to be given
– Does not have to be explicit
– Purpose for data collection has to be explicit
– Has to be demonstrable, how and when
• Withdrawing consent has to be possible
– Should be as easy as giving consent
Breaches & Notification
• Breach & Notification
– “a breach of security leading to the accidental or
unlawful destruction, loss, alteration,
unauthorised disclosure of, or access to, personal
data transmitted, stored or otherwise processed”
• 72 hours to notify supervisory authority
• May have to notify data subjects too
WARNING!!!
• The next slide may make you sit up sharply in
your seat.
• You have been warned.
Penalties
• Greater of €10 million or 2% of entity’s global
gross revenue
– Violation of record keeping, security, breach
notifications & privacy impact assessment
• Greater of €20 million or 4% of entity’s global
gross revenue
– Violations of legal justification for processing
(consent), data subject rights and cross-border
data transfers
Please be ready
Suggested minimum technical steps
• Firewalls
• User access control management functionality in Windows
• Unique passwords of sufficient complexity and regular (but not too
frequent) expiry on all devices
• Regular software updates
• Timely decommissioning and secure wiping of old software and hardware
• Real-time protection anti-virus, anti-malware and anti-spyware software
• Encryption of all portable devices ensuring appropriate protection of the
key
• Encryption of personal data in transit by using suitable encryption
solutions
• Implement secure configuration on all devices (including mobile phones)
• Put in place intrusion detection and prevention
• Data backup
What can you do now?
1. Make key departments aware
2. Work out what you have
3. Get your minimum technical steps in progress
4. Revise existing privacy notices
5. Review procedures for new rights
6. Plan how to handle requests
7. Document your legal basis for your use of data
8. Review how you get consent and record it
9. Procedures for data breaches and checks
10. Appoint a Data Protection Officer
Sources
• EU General Data Protection Regulation ratified: KPMG 2016
assets.kpmg.com/content/dam/kpmg/pdf/2016/05/EU-General-Data-Protection-Regulation-ratified-18-04-2016.pdf
• Guidance: what to expect and when: Information Commissioner’s Office.
ico.org.uk/for-organisations/data-protection-reform/guidance-what-to-expect-and-when/
• Overview of the General Data Protection Regulation (GDPR): Information Commissioner’s Office
ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/
• Preparing for the EU GDPR: What You Need To Know: James Walker. SC Media 4th March 2016.
www.scmagazineuk.com/preparing-for-the-eu-gdpr-what-you-need-to-know/article/531492/
• A Summary of the EU General Data Protection Regulation: Peter Galdies DataIQ. 14th January 2016.
www.dataiq.co.uk/blog/summary-eu-general-data-protection-regulation
• EU Official Journal issue L 119
eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=OJ:L:2016:119:FULL&from=EN
• Preparing for the General Data Protection Regulation (GDPR): 12 steps to take now. Information Commissioner’s Office 14th March 2016.
ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf
• IBM – Little Bee books - How it works – GDPR
http://littlebeelibrary.com/pdfs/GDPR.pdf
Questions
• Tim Clark
• tim_clark@bcc.biz
• TimsterC (Skype)
• Stephanie Heit
• stephanie_heit@bcc.biz
• Stephanie Heit (Skype)
http://bcchub.com

A Domino Admins Adventures (Engage 2024)
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 

General Data Protection Regulation

  • 1. MWLUG 2017 Moving Collaboration Forward General Data Protection Regulation. Ignoring this = Paying Fines! Tim Clark Stephanie Heit BCC Ltd.
  • 2. Our Amazing Sponsors
  • 3. Agenda • BCC, Stephanie & Tim • What is GDPR • Who it affects • What you have to do • Penalties • Summary • Where to find more information
  • 4. Presenters • Tim Clark • Director Services & Support • IBM Champion 13-17 • Stephanie Heit • Director, BCC Ltd • 17 years with Notes & Domino
  • 5. About BCC • Founded in 1996 • IBM Business Partner • Locations: Frankfurt (HQ), London, Boston • 800+ customers
  • 6. BCC Solutions
  • 7. Cultural Differences • Europe – Personal self determination – Personal Data Protection – Laws, not directives • USA – Consumer focused – Treated fairly – Not Protected – Directives, not laws
  • 8. What is GDPR • General Data Protection Regulations – Regulation • (EU) 2016/679 (88 pages) – Directives • (EU) 2016/680 (43 pages) • (EU) 2016/681 (18 pages) • Now the boring stuff is out of the way…..
  • 9. What is it really to do with? • Single set of legislation across Europe that gives individuals better control of their personal data • Became effective law in 2016 • 2 year grace period to get ready
  • 10. Why worry about it now? “The GDPR is causing great concern for businesses, with 50 percent of global companies saying they will struggle to meet the rules set out by Europe unless they make significant changes to how they operate.” James Walker, UK MD, JAW Consulting UK https://www.scmagazineuk.com/preparing-for-the-eu-gdpr-what-you-need-to-know/article/531492/ Must be ready by Friday, May 25th 2018
  • 11. Legal Glossary • Personal Data • Controllers & Processors • Data Protection Officers • Profiling • Breach & Notification • Data Subject Access Requests
  • 12. Definition of ‘Personal Data’ “Any information relating to a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.” A Summary of the EU General Data Protection Regulation: Peter Galdies DataIQ. 14th January 2016. www.dataiq.co.uk/blog/summary-eu-general-data-protection-regulation
  • 13. Controllers & Processors • Controllers – Owners of the data – Responsible for data security – Make sure Processors are compliant • Processors – Work with the data – Must take responsible actions with the data • The relationship between Controllers and Processor must be documented
  • 14. Legal Glossary (cont.) • Data Protection Officers – Public Authorities, Large scale processing of special types of personal data – Expert knowledge of DP laws – Can be made tighter by EU Member States • Profiling – Any automated processing of personal data to determine certain criteria about a person. “In particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements”.
  • 15. Legal Glossary (cont.) • Breach & Notification – “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed” • Data Subject Access Request – The right of the individual to understand what is stored and how it is used
  • 16. Brief Summary • If you collect any personal data of an EU citizen, you need to comply • Data subjects can – ask for data • There are Penalties for non-compliance
  • 17. Who it affects • ANYONE who collects data about any EU citizen that is identifiable to them • Anywhere in the world • No boundaries
  • 18. Privacy Management • Data protection safeguards to be ‘built in’ to systems. Data by Design • Privacy-friendly – pseudonymisation • Record keeping has increased emphasis – Answering auditors – Data Subject Access Requests • The right to be forgotten
  • 19. Consent • Consent to collect the data has to be given – Does not have to be explicit – Purpose for data collection has to be explicit – Has to be demonstrable, how and when • Withdrawing consent has to be possible – Should be as easy as giving consent
  • 20. Breaches & Notification • Breach & Notification – “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed” • 72 hours to notify supervisory authority • May have to notify data subjects too
  • 21. WARNING!!! • The next slide may make you sit up sharply in your seat. • You have been warned.
  • 22. Penalties • Greater of €10 million or 2% of entity’s global gross revenue – Violation of record keeping, security, breach notifications & privacy impact assessment • Greater of €20 million or 4% of entity’s global gross revenue – Violations of legal justification for processing (consent), data subject rights and cross-border data transfers
  • 23. Please be ready
  • 24. Suggested minimum technical steps • Firewalls • User access control management functionality in Windows • Unique passwords of sufficient complexity and regular (but not too frequent) expiry on all devices • Regular software updates • Timely decommissioning and secure wiping of old software and hardware • Real-time protection anti-virus, anti-malware and anti-spyware software • Encryption of all portable devices ensuring appropriate protection of the key • Encryption of personal data in transit by using suitable encryption solutions • Implement secure configuration on all devices (including mobile phones) • Put in place intrusion detection and prevention • Data backup
  • 25. What can you do now? 1. Make key departments aware 2. Work out what you have 3. Get your minimum technical steps in progress 4. Revise existing privacy notices 5. Review procedures for new rights 6. Plan how to handle requests 7. Document your legal basis for your use of data 8. Review how you get consent and record it 9. Procedures for data breaches and checks 10. Appoint a Data Protection Officer
  • 26. Sources • EU General Data Protection Regulation ratified: KPMG 2016 assets.kpmg.com/content/dam/kpmg/pdf/2016/05/EU-General-Data-Protection-Regulation-ratified-18-04-2016.pdf • Guidance: what to expect and when: Information Commissioner’s Office. ico.org.uk/for-organisations/data-protection-reform/guidance-what-to-expect-and-when/ • Overview of the General Data Protection Regulation (GDPR): Information Commissioner’s Office ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/ • Preparing for the EU GDPR: What You Need To Know: James Walker. SC Media 4th March 2016. www.scmagazineuk.com/preparing-for-the-eu-gdpr-what-you-need-to-know/article/531492/ • A Summary of the EU General Data Protection Regulation: Peter Galdies DataIQ. 14th January 2016. www.dataiq.co.uk/blog/summary-eu-general-data-protection-regulation • EU Official Journal issue L 119 eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=OJ:L:2016:119:FULL&from=EN • Preparing for the General Data Protection Regulation (GDPR): 12 steps to take now. Information Commissioner’s Office 14th March 2016. ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf • IBM – Little Bee books - How it works – GDPR http://littlebeelibrary.com/pdfs/GDPR.pdf
  • 27. Our Amazing Sponsors
  • 28. Questions • Tim Clark • tim_clark@bcc.biz • TimsterC (Skype) • Stephanie Heit • stephanie_heit@bcc.biz • Stephanie Heit (Skype) http://bcchub.com

Editor's notes

  1. So in many cases online identifiers including IP address, cookies and so forth will now be regarded as personal data if they can be (or are capable of being) without undue effort linked back to the data subject. To be clear there is no distinction between personal data about individuals in their private, public or work roles – the person is the person.