SlideShare ist ein Scribd-Unternehmen logo

How To Approach GDPR Preparation & Discovery

Gabriella Davis
Gabriella Davis

In this session, presented as a workshop outline, we will walk you through your GDPR responsibilities and how to assess your risk. We’ll give some recommendations on high priority but easy to fix issues and how to discover, secure and take ownership of existing data. At the end of the session we will share the workshop outline to help with your own planning. Prepared for Social Connections 13 in Philadelphia April 2018

Business
1 von 23
Downloaden Sie, um offline zu lesen
Philadelphia, April 26-27 2018 13 The Looming GDPR & You Gabriella Davis Technical Director, The Turtle Partnership IBM Lifetime Champion for Social Business gabriella@turtlepartnership.com
Gab Davis • Admin of all things and especially quite complicated things where the fun is • Working with the design, deployment and security of IBM technologies within global infrastructures • working with the real world security and privacy aspects of expanding data ecosystems • Stubborn and relentless problem solver • http://turtleblog.infohttps:// www.turtlepartnership.com • IBM Lifetime Champion
PLATINUM SPONSOR GOLD SPONSORS SILVER SPONSORS GOLD+ SPONSOR
Social Connections 13 Philadelphia, April 26-27 2018 13 Gab is not a lawyer You will want to speak to one to get advice on your legal exposure
Social Connections 13 Philadelphia, April 26-27 2018 • General Data Protection Regulation (GDPR) is a new EU directive that comes into effect May 2018 regulating the processing of personal data • Personal data is defined as any data that directly or indirectly identifies a data subject • Processing consists of any operation or set of operations that are performed on personal data
Social Connections 13 Philadelphia, April 26-27 2018 • Individuals have more ownership of information • Corporations bear more responsibility • This is a process challenge first and a technical one last • Yet lots of companies are offering technical GDPR solutions!
Social Connections 13 Philadelphia, April 26-27 2018 • Where Do You Start?
Social Connections 13 Philadelphia, April 26-27 2018 • I Know - It’s EXHAUSTING To Even Think About • But There Are No Shortcuts • You Can’t Just Hope You Are Too Small To Matter • A Possible Fine Of €20m or 4% of Your Global Turnover Is At Stake • Per Instance
Social Connections 13 Philadelphia, April 26-27 2018 Controllers and Processors • Data responsibility differs depending on whether you are considered a Controller or a Processor • Controllers determine the purpose and means of processing personal data • Processors actually perform the data processing • Your company may act in both guises but cannot avoid GDPR responsibility by offloading the processing to another entity • - you would still be considered the Controller
Social Connections 13 Philadelphia, April 26-27 2018 Controller Responsibilities • Article 5 applies responsibility for compliance with the principles of processing personal data including • lawfulness • fairness and transparency • data minimisation • storage limitation • Article 24 makes you responsibility for implementing technical and organisational processes to protect the information • Data breach notification
Social Connections 13 Philadelphia, April 26-27 2018 Processors Responsibilities • Article 28 makes the Controller responsible for ensuring the chosen processor abides by the requirements of GDPR • This includes ensuring organisational and technical processes are in place to protect the data
Social Connections 13 Philadelphia, April 26-27 2018 But Hey I’m In The US! • A company with a location in the EU must comply with GDPR if they are processing any data for EU citizens or within the EU regardless of where that processing occurs • If goods or services are marketed / sold to any part of the EU regardless of where the company is based, there is a requirement for GDPR • Any company gathering data on EU citizen behaviour • this includes both physical tracking and online tracking
Social Connections 13 Philadelphia, April 26-27 2018 ADMINISTRATIVE • Who is assigned the role of data protection officer and where do they sit in the organisation. • Who is the point of contact for the data protection authority • Privacy and consent agreements need to be reviewed and updated
Social Connections 13 Philadelphia, April 26-27 2018 Assigning A Data Protection Officer • Responsible for overall understanding and enforcing of GDPR alignment • Formal senior role within the organisational hierarchy • Contact point and decision maker for both internal policies and data requests
Social Connections 13 Philadelphia, April 26-27 2018 Data Protection Authority Contact • GDPR escalations are directed to the declared Data Protection Authority contact • Any suspected breaches must be reported along with a remediation plan • In theory within 72hrs of the breach but more likely within 72hrs of finding out about the breach
Social Connections 13 Philadelphia, April 26-27 2018 Review Existing Consent Agreements • For customers • For suppliers • For employees • For anyone whose data you process, consume or retain • Consent going forward is easier than permission to retain historical data • How to convey to people the services that can be lost if data isn’t maintained
Social Connections 13 Philadelphia, April 26-27 2018 PROCESSES • for notifying authorities and affected customers in the case of a breach • for approving new data storage and handling
Social Connections 13 Philadelphia, April 26-27 2018 Process For User Requests • Right to be forgotten • Right to have incorrect data updated / changed • Right to have visibility of data • Finding and cleaning all the information 
 • What needs to be kept for internal reasons
Social Connections 13 Philadelphia, April 26-27 2018 Process For Accessing Information • Auditable and traceable • Who can access what to complete their work • Granting and removing access
Social Connections 13 Philadelphia, April 26-27 2018 Process For Requesting Consent Going Forward • Gathering and retaining information is acceptable if it’s necessary to provide the service / product / relationship with the user • However the user must agree to that happening • It can be as simple as asking
Social Connections 13 Philadelphia, April 26-27 2018 DATA • What data is held , where and why • How is it secured • For how long • Who can access it • What is its purpose
Social Connections 13 Philadelphia, April 26-27 2018 • No-one knows how this will work • for that reason there’s huge potential for exposure • no technology will fix everything for you • putting some processes in place and having a plan shows understanding & positive intent
Social Connections 13 Philadelphia, April 26-27 2018 Questions • Remember once more: Gab is not a lawyer

Empfohlen

An Introduction To The DMARC SMTP Validation Requirements
An Introduction To The DMARC SMTP Validation RequirementsAn Introduction To The DMARC SMTP Validation Requirements
An Introduction To The DMARC SMTP Validation RequirementsGabriella Davis
 
The Cloud Security Rules
The Cloud Security RulesThe Cloud Security Rules
The Cloud Security RulesKai Roer
 
Cloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicesCloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicese-Marefa
 
What's new in Exchange Online - Microsoft Office 365 - Atidan
What's new in Exchange Online - Microsoft Office 365 - AtidanWhat's new in Exchange Online - Microsoft Office 365 - Atidan
What's new in Exchange Online - Microsoft Office 365 - AtidanDavid J Rosenthal
 
Health Care Mobility: Staying Securely Connected
Health Care Mobility: Staying Securely ConnectedHealth Care Mobility: Staying Securely Connected
Health Care Mobility: Staying Securely ConnectedGettins' Law LLC
 
Proxy
ProxyProxy
ProxyProxies Rent
 
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionaMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionAlbert Hoitingh
 
20110518-4 ARMA Central Iowa Records Management 2.0
20110518-4 ARMA Central Iowa Records Management 2.020110518-4 ARMA Central Iowa Records Management 2.0
20110518-4 ARMA Central Iowa Records Management 2.0Jesse Wilkins
 

Empfohlen

An Introduction To The DMARC SMTP Validation Requirements
An Introduction To The DMARC SMTP Validation RequirementsAn Introduction To The DMARC SMTP Validation Requirements
An Introduction To The DMARC SMTP Validation RequirementsGabriella Davis
 
The Cloud Security Rules
The Cloud Security RulesThe Cloud Security Rules
The Cloud Security RulesKai Roer
 
Cloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicesCloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicese-Marefa
 
What's new in Exchange Online - Microsoft Office 365 - Atidan
What's new in Exchange Online - Microsoft Office 365 - AtidanWhat's new in Exchange Online - Microsoft Office 365 - Atidan
What's new in Exchange Online - Microsoft Office 365 - AtidanDavid J Rosenthal
 
Health Care Mobility: Staying Securely Connected
Health Care Mobility: Staying Securely ConnectedHealth Care Mobility: Staying Securely Connected
Health Care Mobility: Staying Securely ConnectedGettins' Law LLC
 
Proxy
ProxyProxy
ProxyProxies Rent
 
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionaMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionAlbert Hoitingh
 
20110518-4 ARMA Central Iowa Records Management 2.0
20110518-4 ARMA Central Iowa Records Management 2.020110518-4 ARMA Central Iowa Records Management 2.0
20110518-4 ARMA Central Iowa Records Management 2.0Jesse Wilkins
 
Microsoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's PerspectiveMicrosoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's PerspectiveBenedek Menesi
 
Office365 in today's digital threats landscape: attacks & remedies from a hac...
Office365 in today's digital threats landscape: attacks & remedies from a hac...Office365 in today's digital threats landscape: attacks & remedies from a hac...
Office365 in today's digital threats landscape: attacks & remedies from a hac...Benedek Menesi
 
Stealth Extranet for SharePoint_datasheet
Stealth Extranet for SharePoint_datasheetStealth Extranet for SharePoint_datasheet
Stealth Extranet for SharePoint_datasheetMark Stratman
 
Cloud computing legal issues
Cloud computing legal issuesCloud computing legal issues
Cloud computing legal issuesAdv Prashant Mali
 
Box Security Whitepaper
Box Security WhitepaperBox Security Whitepaper
Box Security WhitepaperBoxHQ
 
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...Scott Hoag
 
6 Most Surprising SharePoint Security Risks
6 Most Surprising SharePoint Security Risks6 Most Surprising SharePoint Security Risks
6 Most Surprising SharePoint Security RisksImperva
 
GDPR and technology - details matter
GDPR and technology - details matterGDPR and technology - details matter
GDPR and technology - details matterExove
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debateDavid Strom
 
Wrong slides! Please check description for correct deck
Wrong slides! Please check description for correct deck Wrong slides! Please check description for correct deck
Wrong slides! Please check description for correct deck Benedek Menesi
 
SPFest Chicago - Information Management and Data Governance in Office 365
SPFest Chicago - Information Management and Data Governance in Office 365SPFest Chicago - Information Management and Data Governance in Office 365
SPFest Chicago - Information Management and Data Governance in Office 365Joanne Klein
 
Proxy
ProxyProxy
ProxyProxies Rent
 
Analyzing Microsoft Teams engagement & adoption: Why, What & How?
Analyzing Microsoft Teams engagement & adoption: Why, What & How?Analyzing Microsoft Teams engagement & adoption: Why, What & How?
Analyzing Microsoft Teams engagement & adoption: Why, What & How?Benedek Menesi
 
Legal ethics & cloud computing
Legal ethics & cloud computingLegal ethics & cloud computing
Legal ethics & cloud computingPatrick Fowler
 
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with IT
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with ITBigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with IT
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with ITBigID Inc
 
Legal issues in cloud computing
Legal issues in cloud computingLegal issues in cloud computing
Legal issues in cloud computingmovinghats
 
Security and Compliance in Office 365
Security and Compliance in Office 365Security and Compliance in Office 365
Security and Compliance in Office 365Joel Jeffery
 
Beginning your General Data Protection Regulation (GDPR) Journey
Beginning your General Data Protection Regulation (GDPR) JourneyBeginning your General Data Protection Regulation (GDPR) Journey
Beginning your General Data Protection Regulation (GDPR) JourneyMicrosoft Österreich
 
Introducing OpenAthens Cloud for content providers
Introducing OpenAthens Cloud for content providersIntroducing OpenAthens Cloud for content providers
Introducing OpenAthens Cloud for content providersOpenAthens
 
Authentication cloud
Authentication cloudAuthentication cloud
Authentication cloudvidhya dharmarajan
 
GDPR Considerations for IBM Connections
GDPR Considerations for IBM ConnectionsGDPR Considerations for IBM Connections
GDPR Considerations for IBM ConnectionsLetsConnect
 
GDPR: Leverage the Power of Graphs
GDPR: Leverage the Power of GraphsGDPR: Leverage the Power of Graphs
GDPR: Leverage the Power of GraphsNeo4j
 

Weitere ähnliche Inhalte

Was ist angesagt?

Microsoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's PerspectiveMicrosoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's PerspectiveBenedek Menesi
 
Office365 in today's digital threats landscape: attacks & remedies from a hac...
Office365 in today's digital threats landscape: attacks & remedies from a hac...Office365 in today's digital threats landscape: attacks & remedies from a hac...
Office365 in today's digital threats landscape: attacks & remedies from a hac...Benedek Menesi
 
Stealth Extranet for SharePoint_datasheet
Stealth Extranet for SharePoint_datasheetStealth Extranet for SharePoint_datasheet
Stealth Extranet for SharePoint_datasheetMark Stratman
 
Cloud computing legal issues
Cloud computing legal issuesCloud computing legal issues
Cloud computing legal issuesAdv Prashant Mali
 
Box Security Whitepaper
Box Security WhitepaperBox Security Whitepaper
Box Security WhitepaperBoxHQ
 
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...Scott Hoag
 
6 Most Surprising SharePoint Security Risks
6 Most Surprising SharePoint Security Risks6 Most Surprising SharePoint Security Risks
6 Most Surprising SharePoint Security RisksImperva
 
GDPR and technology - details matter
GDPR and technology - details matterGDPR and technology - details matter
GDPR and technology - details matterExove
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debateDavid Strom
 
Wrong slides! Please check description for correct deck
Wrong slides! Please check description for correct deck Wrong slides! Please check description for correct deck
Wrong slides! Please check description for correct deck Benedek Menesi
 
SPFest Chicago - Information Management and Data Governance in Office 365
SPFest Chicago - Information Management and Data Governance in Office 365SPFest Chicago - Information Management and Data Governance in Office 365
SPFest Chicago - Information Management and Data Governance in Office 365Joanne Klein
 
Analyzing Microsoft Teams engagement & adoption: Why, What & How?
Analyzing Microsoft Teams engagement & adoption: Why, What & How?Analyzing Microsoft Teams engagement & adoption: Why, What & How?
Analyzing Microsoft Teams engagement & adoption: Why, What & How?Benedek Menesi
 
Legal ethics & cloud computing
Legal ethics & cloud computingLegal ethics & cloud computing
Legal ethics & cloud computingPatrick Fowler
 
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with IT
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with ITBigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with IT
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with ITBigID Inc
 
Legal issues in cloud computing
Legal issues in cloud computingLegal issues in cloud computing
Legal issues in cloud computingmovinghats
 
Security and Compliance in Office 365
Security and Compliance in Office 365Security and Compliance in Office 365
Security and Compliance in Office 365Joel Jeffery
 
Beginning your General Data Protection Regulation (GDPR) Journey
Beginning your General Data Protection Regulation (GDPR) JourneyBeginning your General Data Protection Regulation (GDPR) Journey
Beginning your General Data Protection Regulation (GDPR) JourneyMicrosoft Österreich
 
Introducing OpenAthens Cloud for content providers
Introducing OpenAthens Cloud for content providersIntroducing OpenAthens Cloud for content providers
Introducing OpenAthens Cloud for content providersOpenAthens
 

Was ist angesagt? (20)

Microsoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's PerspectiveMicrosoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's Perspective
 
Office365 in today's digital threats landscape: attacks & remedies from a hac...
Office365 in today's digital threats landscape: attacks & remedies from a hac...Office365 in today's digital threats landscape: attacks & remedies from a hac...
Office365 in today's digital threats landscape: attacks & remedies from a hac...
 
Stealth Extranet for SharePoint_datasheet
Stealth Extranet for SharePoint_datasheetStealth Extranet for SharePoint_datasheet
Stealth Extranet for SharePoint_datasheet
 
Cloud computing legal issues
Cloud computing legal issuesCloud computing legal issues
Cloud computing legal issues
 
Box Security Whitepaper
Box Security WhitepaperBox Security Whitepaper
Box Security Whitepaper
 
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
SharePoint Conference 2018 - Securing Office 365 and SharePoint Online with A...
 
6 Most Surprising SharePoint Security Risks
6 Most Surprising SharePoint Security Risks6 Most Surprising SharePoint Security Risks
6 Most Surprising SharePoint Security Risks
 
GDPR and technology - details matter
GDPR and technology - details matterGDPR and technology - details matter
GDPR and technology - details matter
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debate
 
Wrong slides! Please check description for correct deck
Wrong slides! Please check description for correct deck Wrong slides! Please check description for correct deck
Wrong slides! Please check description for correct deck
 
SPFest Chicago - Information Management and Data Governance in Office 365
SPFest Chicago - Information Management and Data Governance in Office 365SPFest Chicago - Information Management and Data Governance in Office 365
SPFest Chicago - Information Management and Data Governance in Office 365
 
Proxy
ProxyProxy
Proxy
 
Analyzing Microsoft Teams engagement & adoption: Why, What & How?
Analyzing Microsoft Teams engagement & adoption: Why, What & How?Analyzing Microsoft Teams engagement & adoption: Why, What & How?
Analyzing Microsoft Teams engagement & adoption: Why, What & How?
 
Legal ethics & cloud computing
Legal ethics & cloud computingLegal ethics & cloud computing
Legal ethics & cloud computing
 
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with IT
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with ITBigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with IT
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with IT
 
Legal issues in cloud computing
Legal issues in cloud computingLegal issues in cloud computing
Legal issues in cloud computing
 
Security and Compliance in Office 365
Security and Compliance in Office 365Security and Compliance in Office 365
Security and Compliance in Office 365
 
Beginning your General Data Protection Regulation (GDPR) Journey
Beginning your General Data Protection Regulation (GDPR) JourneyBeginning your General Data Protection Regulation (GDPR) Journey
Beginning your General Data Protection Regulation (GDPR) Journey
 
Introducing OpenAthens Cloud for content providers
Introducing OpenAthens Cloud for content providersIntroducing OpenAthens Cloud for content providers
Introducing OpenAthens Cloud for content providers
 
Authentication cloud
Authentication cloudAuthentication cloud
Authentication cloud
 

Ähnlich wie How To Approach GDPR Preparation & Discovery

GDPR Considerations for IBM Connections
GDPR Considerations for IBM ConnectionsGDPR Considerations for IBM Connections
GDPR Considerations for IBM ConnectionsLetsConnect
 
GDPR: Leverage the Power of Graphs
GDPR: Leverage the Power of GraphsGDPR: Leverage the Power of Graphs
GDPR: Leverage the Power of GraphsNeo4j
 
How to turn GDPR into a Strategic Advantage using Connected Data
How to turn GDPR into a Strategic Advantage using Connected DataHow to turn GDPR into a Strategic Advantage using Connected Data
How to turn GDPR into a Strategic Advantage using Connected DataNeo4j
 
Bridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and RetentionBridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and RetentionInfoGoTo
 
Introduction to data protection
Introduction to data protectionIntroduction to data protection
Introduction to data protectionRachel Aldighieri
 
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...Alan McSweeney
 
Data science and pending EU privacy laws - a storm on the horizon
Data science and pending EU privacy laws - a storm on the horizonData science and pending EU privacy laws - a storm on the horizon
Data science and pending EU privacy laws - a storm on the horizonDavid Stephenson, Ph.D.
 
Big Data Expo 2015 - Data Science Innovation Privacy Considerations
Big Data Expo 2015 - Data Science Innovation Privacy ConsiderationsBig Data Expo 2015 - Data Science Innovation Privacy Considerations
Big Data Expo 2015 - Data Science Innovation Privacy ConsiderationsBigDataExpo
 
GDPR: What Your Startup Should Know and Start Doing Now
GDPR: What Your Startup Should Know and Start Doing NowGDPR: What Your Startup Should Know and Start Doing Now
GDPR: What Your Startup Should Know and Start Doing NowAmazon Web Services
 
Data Privacy in the Work From Home Era
Data Privacy in the Work From Home EraData Privacy in the Work From Home Era
Data Privacy in the Work From Home EraNeo4j
 
ABM Display Advertising Success in the World of GDPR [PPT]
ABM Display Advertising Success in the World of GDPR [PPT]ABM Display Advertising Success in the World of GDPR [PPT]
ABM Display Advertising Success in the World of GDPR [PPT]Kwanzoo Inc
 
Ease out the GDPR adoption with ManageEngine
Ease out the GDPR adoption with ManageEngineEase out the GDPR adoption with ManageEngine
Ease out the GDPR adoption with ManageEngineManageEngine
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection RegulationGrittyCC
 
CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...
CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...
CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...Jeff Kelly
 
Privacera Databricks CCPA Webinar Feb 2020
Privacera Databricks CCPA Webinar Feb 2020Privacera Databricks CCPA Webinar Feb 2020
Privacera Databricks CCPA Webinar Feb 2020Privacera
 
Jadu GDPR guide: A easy to follow guide for Digital Service Managers and Webs...
Jadu GDPR guide: A easy to follow guide for Digital Service Managers and Webs...Jadu GDPR guide: A easy to follow guide for Digital Service Managers and Webs...
Jadu GDPR guide: A easy to follow guide for Digital Service Managers and Webs...Jadu
 
How the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteHow the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteSilverTech
 
sunil_soares_dama_day.pdf
sunil_soares_dama_day.pdfsunil_soares_dama_day.pdf
sunil_soares_dama_day.pdfmsacs
 
An introduction to data protection - Edinburgh
An introduction to data protection - EdinburghAn introduction to data protection - Edinburgh
An introduction to data protection - EdinburghRachel Aldighieri
 

Ähnlich wie How To Approach GDPR Preparation & Discovery (20)

GDPR Considerations for IBM Connections
GDPR Considerations for IBM ConnectionsGDPR Considerations for IBM Connections
GDPR Considerations for IBM Connections
 
GDPR: Leverage the Power of Graphs
GDPR: Leverage the Power of GraphsGDPR: Leverage the Power of Graphs
GDPR: Leverage the Power of Graphs
 
How to turn GDPR into a Strategic Advantage using Connected Data
How to turn GDPR into a Strategic Advantage using Connected DataHow to turn GDPR into a Strategic Advantage using Connected Data
How to turn GDPR into a Strategic Advantage using Connected Data
 
Bridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and RetentionBridging the Gap Between Privacy and Retention
Bridging the Gap Between Privacy and Retention
 
Introduction to data protection
Introduction to data protectionIntroduction to data protection
Introduction to data protection
 
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
Data Privatisation, Data Anonymisation, Data Pseudonymisation and Differentia...
 
Data science and pending EU privacy laws - a storm on the horizon
Data science and pending EU privacy laws - a storm on the horizonData science and pending EU privacy laws - a storm on the horizon
Data science and pending EU privacy laws - a storm on the horizon
 
Big Data Expo 2015 - Data Science Innovation Privacy Considerations
Big Data Expo 2015 - Data Science Innovation Privacy ConsiderationsBig Data Expo 2015 - Data Science Innovation Privacy Considerations
Big Data Expo 2015 - Data Science Innovation Privacy Considerations
 
GDPR: What Your Startup Should Know and Start Doing Now
GDPR: What Your Startup Should Know and Start Doing NowGDPR: What Your Startup Should Know and Start Doing Now
GDPR: What Your Startup Should Know and Start Doing Now
 
Data Privacy in the Work From Home Era
Data Privacy in the Work From Home EraData Privacy in the Work From Home Era
Data Privacy in the Work From Home Era
 
ABM Display Advertising Success in the World of GDPR [PPT]
ABM Display Advertising Success in the World of GDPR [PPT]ABM Display Advertising Success in the World of GDPR [PPT]
ABM Display Advertising Success in the World of GDPR [PPT]
 
Ease out the GDPR adoption with ManageEngine
Ease out the GDPR adoption with ManageEngineEase out the GDPR adoption with ManageEngine
Ease out the GDPR adoption with ManageEngine
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection Regulation
 
CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...
CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...
CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...
 
Privacera Databricks CCPA Webinar Feb 2020
Privacera Databricks CCPA Webinar Feb 2020Privacera Databricks CCPA Webinar Feb 2020
Privacera Databricks CCPA Webinar Feb 2020
 
Jadu GDPR guide: A easy to follow guide for Digital Service Managers and Webs...
Jadu GDPR guide: A easy to follow guide for Digital Service Managers and Webs...Jadu GDPR guide: A easy to follow guide for Digital Service Managers and Webs...
Jadu GDPR guide: A easy to follow guide for Digital Service Managers and Webs...
 
How the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteHow the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your Website
 
sunil_soares_dama_day.pdf
sunil_soares_dama_day.pdfsunil_soares_dama_day.pdf
sunil_soares_dama_day.pdf
 
Gdpr for business full
Gdpr for business fullGdpr for business full
Gdpr for business full
 
An introduction to data protection - Edinburgh
An introduction to data protection - EdinburghAn introduction to data protection - Edinburgh
An introduction to data protection - Edinburgh
 

Mehr von Gabriella Davis

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Engage2022 - Domino Admin Tips
Engage2022 - Domino Admin TipsEngage2022 - Domino Admin Tips
Engage2022 - Domino Admin TipsGabriella Davis
 
. Design Decisions: Developing for Mobile - The Template Experience Project
. Design Decisions: Developing for Mobile - The Template Experience Project. Design Decisions: Developing for Mobile - The Template Experience Project
. Design Decisions: Developing for Mobile - The Template Experience ProjectGabriella Davis
 
Domino Server Health - Monitoring and Managing
Domino Server Health - Monitoring and Managing Domino Server Health - Monitoring and Managing
Domino Server Health - Monitoring and ManagingGabriella Davis
 
Face Off Domino vs Exchange On Premises
Face Off Domino vs Exchange On PremisesFace Off Domino vs Exchange On Premises
Face Off Domino vs Exchange On PremisesGabriella Davis
 
Adminlicious - A Guide To TCO Features In Domino v10
Adminlicious - A Guide To TCO Features In Domino v10Adminlicious - A Guide To TCO Features In Domino v10
Adminlicious - A Guide To TCO Features In Domino v10Gabriella Davis
 
An Introduction to Configuring Domino for Docker
An Introduction to Configuring Domino for DockerAn Introduction to Configuring Domino for Docker
An Introduction to Configuring Domino for DockerGabriella Davis
 
An Introduction To The DMARC SMTP Validation Requirements
An Introduction To The DMARC SMTP Validation RequirementsAn Introduction To The DMARC SMTP Validation Requirements
An Introduction To The DMARC SMTP Validation RequirementsGabriella Davis
 
× The Road To A #Perfect10 - How To Get Ready For Domino, Sametime, VOP and T...
× The Road To A #Perfect10 - How To Get Ready For Domino, Sametime, VOP and T...× The Road To A #Perfect10 - How To Get Ready For Domino, Sametime, VOP and T...
× The Road To A #Perfect10 - How To Get Ready For Domino, Sametime, VOP and T...Gabriella Davis
 
An introduction to configuring Domino for Docker
An introduction to configuring Domino for DockerAn introduction to configuring Domino for Docker
An introduction to configuring Domino for DockerGabriella Davis
 
A Guide To Single Sign-On for IBM Collaboration Solutions
A Guide To Single Sign-On for IBM Collaboration SolutionsA Guide To Single Sign-On for IBM Collaboration Solutions
A Guide To Single Sign-On for IBM Collaboration SolutionsGabriella Davis
 
What's New in Notes, Sametime and Verse On-Premises
What's New in Notes, Sametime and Verse On-PremisesWhat's New in Notes, Sametime and Verse On-Premises
What's New in Notes, Sametime and Verse On-PremisesGabriella Davis
 
An Introduction To Docker
An Introduction To DockerAn Introduction To Docker
An Introduction To DockerGabriella Davis
 
An Introduction To Docker
An Introduction To DockerAn Introduction To Docker
An Introduction To DockerGabriella Davis
 
Setting Up a Hybrid Domino Environment to Ease your Way to the Cloud
Setting Up a Hybrid Domino Environment to Ease your Way to the CloudSetting Up a Hybrid Domino Environment to Ease your Way to the Cloud
Setting Up a Hybrid Domino Environment to Ease your Way to the CloudGabriella Davis
 
Embracing iot in the enterprise
Embracing iot in the enterpriseEmbracing iot in the enterprise
Embracing iot in the enterpriseGabriella Davis
 

Mehr von Gabriella Davis (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Engage2022 - Domino Admin Tips
Engage2022 - Domino Admin TipsEngage2022 - Domino Admin Tips
Engage2022 - Domino Admin Tips
 
. Design Decisions: Developing for Mobile - The Template Experience Project
. Design Decisions: Developing for Mobile - The Template Experience Project. Design Decisions: Developing for Mobile - The Template Experience Project
. Design Decisions: Developing for Mobile - The Template Experience Project
 
Domino Server Health - Monitoring and Managing
Domino Server Health - Monitoring and Managing Domino Server Health - Monitoring and Managing
Domino Server Health - Monitoring and Managing
 
Face Off Domino vs Exchange On Premises
Face Off Domino vs Exchange On PremisesFace Off Domino vs Exchange On Premises
Face Off Domino vs Exchange On Premises
 
60 Admin Tips
60 Admin Tips60 Admin Tips
60 Admin Tips
 
Adminlicious - A Guide To TCO Features In Domino v10
Adminlicious - A Guide To TCO Features In Domino v10Adminlicious - A Guide To TCO Features In Domino v10
Adminlicious - A Guide To TCO Features In Domino v10
 
An Introduction to Configuring Domino for Docker
An Introduction to Configuring Domino for DockerAn Introduction to Configuring Domino for Docker
An Introduction to Configuring Domino for Docker
 
An Introduction To The DMARC SMTP Validation Requirements
An Introduction To The DMARC SMTP Validation RequirementsAn Introduction To The DMARC SMTP Validation Requirements
An Introduction To The DMARC SMTP Validation Requirements
 
× The Road To A #Perfect10 - How To Get Ready For Domino, Sametime, VOP and T...
× The Road To A #Perfect10 - How To Get Ready For Domino, Sametime, VOP and T...× The Road To A #Perfect10 - How To Get Ready For Domino, Sametime, VOP and T...
× The Road To A #Perfect10 - How To Get Ready For Domino, Sametime, VOP and T...
 
An introduction to configuring Domino for Docker
An introduction to configuring Domino for DockerAn introduction to configuring Domino for Docker
An introduction to configuring Domino for Docker
 
Brand Yourself
Brand YourselfBrand Yourself
Brand Yourself
 
Home Working
Home WorkingHome Working
Home Working
 
A Guide To Single Sign-On for IBM Collaboration Solutions
A Guide To Single Sign-On for IBM Collaboration SolutionsA Guide To Single Sign-On for IBM Collaboration Solutions
A Guide To Single Sign-On for IBM Collaboration Solutions
 
The Imposter Syndrome
The Imposter SyndromeThe Imposter Syndrome
The Imposter Syndrome
 
What's New in Notes, Sametime and Verse On-Premises
What's New in Notes, Sametime and Verse On-PremisesWhat's New in Notes, Sametime and Verse On-Premises
What's New in Notes, Sametime and Verse On-Premises
 
An Introduction To Docker
An Introduction To DockerAn Introduction To Docker
An Introduction To Docker
 
An Introduction To Docker
An Introduction To DockerAn Introduction To Docker
An Introduction To Docker
 
Setting Up a Hybrid Domino Environment to Ease your Way to the Cloud
Setting Up a Hybrid Domino Environment to Ease your Way to the CloudSetting Up a Hybrid Domino Environment to Ease your Way to the Cloud
Setting Up a Hybrid Domino Environment to Ease your Way to the Cloud
 
Embracing iot in the enterprise
Embracing iot in the enterpriseEmbracing iot in the enterprise
Embracing iot in the enterprise
 

Kürzlich hochgeladen

Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Lviv Startup Club
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...amitlee9823
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsP&CO
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.Aaiza Hassan
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒anilsa9823
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with CultureSeta Wicaksana
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...Paul Menig
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRavindra Nath Shukla
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfAdmir Softic
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756dollysharma2066
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Centuryrwgiffor
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataExhibitors Data
 
John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfAmzadHosen3
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...anilsa9823
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Delhi Call girls
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 

Kürzlich hochgeladen (20)

Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with Culture
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors Data
 
John Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdfJohn Halpern sued for sexual assault.pdf
John Halpern sued for sexual assault.pdf
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 

How To Approach GDPR Preparation & Discovery

  • 1. Philadelphia, April 26-27 2018 13 The Looming GDPR & You Gabriella Davis Technical Director, The Turtle Partnership IBM Lifetime Champion for Social Business gabriella@turtlepartnership.com
  • 2. Gab Davis • Admin of all things and especially quite complicated things where the fun is • Working with the design, deployment and security of IBM technologies within global infrastructures • working with the real world security and privacy aspects of expanding data ecosystems • Stubborn and relentless problem solver • http://turtleblog.infohttps:// www.turtlepartnership.com • IBM Lifetime Champion
  • 4. Social Connections 13 Philadelphia, April 26-27 2018 13 Gab is not a lawyer You will want to speak to one to get advice on your legal exposure
  • 5. Social Connections 13 Philadelphia, April 26-27 2018 • General Data Protection Regulation (GDPR) is a new EU directive that comes into effect May 2018 regulating the processing of personal data • Personal data is defined as any data that directly or indirectly identifies a data subject • Processing consists of any operation or set of operations that are performed on personal data
  • 6. Social Connections 13 Philadelphia, April 26-27 2018 • Individuals have more ownership of information • Corporations bear more responsibility • This is a process challenge first and a technical one last • Yet lots of companies are offering technical GDPR solutions!
  • 7. Social Connections 13 Philadelphia, April 26-27 2018 • Where Do You Start?
  • 8. Social Connections 13 Philadelphia, April 26-27 2018 • I Know - It’s EXHAUSTING To Even Think About • But There Are No Shortcuts • You Can’t Just Hope You Are Too Small To Matter • A Possible Fine Of €20m or 4% of Your Global Turnover Is At Stake • Per Instance
  • 9. Social Connections 13 Philadelphia, April 26-27 2018 Controllers and Processors • Data responsibility differs depending on whether you are considered a Controller or a Processor • Controllers determine the purpose and means of processing personal data • Processors actually perform the data processing • Your company may act in both guises but cannot avoid GDPR responsibility by offloading the processing to another entity • - you would still be considered the Controller
  • 10. Social Connections 13 Philadelphia, April 26-27 2018 Controller Responsibilities • Article 5 applies responsibility for compliance with the principles of processing personal data including • lawfulness • fairness and transparency • data minimisation • storage limitation • Article 24 makes you responsibility for implementing technical and organisational processes to protect the information • Data breach notification
  • 11. Social Connections 13 Philadelphia, April 26-27 2018 Processors Responsibilities • Article 28 makes the Controller responsible for ensuring the chosen processor abides by the requirements of GDPR • This includes ensuring organisational and technical processes are in place to protect the data
  • 12. Social Connections 13 Philadelphia, April 26-27 2018 But Hey I’m In The US! • A company with a location in the EU must comply with GDPR if they are processing any data for EU citizens or within the EU regardless of where that processing occurs • If goods or services are marketed / sold to any part of the EU regardless of where the company is based, there is a requirement for GDPR • Any company gathering data on EU citizen behaviour • this includes both physical tracking and online tracking
  • 13. Social Connections 13 Philadelphia, April 26-27 2018 ADMINISTRATIVE • Who is assigned the role of data protection officer and where do they sit in the organisation. • Who is the point of contact for the data protection authority • Privacy and consent agreements need to be reviewed and updated
  • 14. Social Connections 13 Philadelphia, April 26-27 2018 Assigning A Data Protection Officer • Responsible for overall understanding and enforcing of GDPR alignment • Formal senior role within the organisational hierarchy • Contact point and decision maker for both internal policies and data requests
  • 15. Social Connections 13 Philadelphia, April 26-27 2018 Data Protection Authority Contact • GDPR escalations are directed to the declared Data Protection Authority contact • Any suspected breaches must be reported along with a remediation plan • In theory within 72hrs of the breach but more likely within 72hrs of finding out about the breach
  • 16. Social Connections 13 Philadelphia, April 26-27 2018 Review Existing Consent Agreements • For customers • For suppliers • For employees • For anyone whose data you process, consume or retain • Consent going forward is easier than permission to retain historical data • How to convey to people the services that can be lost if data isn’t maintained
  • 17. Social Connections 13 Philadelphia, April 26-27 2018 PROCESSES • for notifying authorities and affected customers in the case of a breach • for approving new data storage and handling
  • 18. Social Connections 13 Philadelphia, April 26-27 2018 Process For User Requests • Right to be forgotten • Right to have incorrect data updated / changed • Right to have visibility of data • Finding and cleaning all the information 
 • What needs to be kept for internal reasons
  • 19. Social Connections 13 Philadelphia, April 26-27 2018 Process For Accessing Information • Auditable and traceable • Who can access what to complete their work • Granting and removing access
  • 20. Social Connections 13 Philadelphia, April 26-27 2018 Process For Requesting Consent Going Forward • Gathering and retaining information is acceptable if it’s necessary to provide the service / product / relationship with the user • However the user must agree to that happening • It can be as simple as asking
  • 21. Social Connections 13 Philadelphia, April 26-27 2018 DATA • What data is held , where and why • How is it secured • For how long • Who can access it • What is its purpose
  • 22. Social Connections 13 Philadelphia, April 26-27 2018 • No-one knows how this will work • for that reason there’s huge potential for exposure • no technology will fix everything for you • putting some processes in place and having a plan shows understanding & positive intent
  • 23. Social Connections 13 Philadelphia, April 26-27 2018 Questions • Remember once more: Gab is not a lawyer