#PrivacyMatters
and how privacy can turn
from a problem into a competitive advantage
Giulio Coraggio
Partner - DLA Piper Studio Legale
Head of Technology Sector and Global Internet of Things Group
Giulio.Coraggio@dlapiper.com
Gianluigi Marino
Lawyer - DLA Piper Studio Legale
Gianluigi.Marino@dlapiper.com
Rosy Cinefra
Senior Counsel - CA Technologies
Rosy.Cinefra@ca.com
privacymatterstoday@gmail.com
Financial Services
Technology
the great “wave” of the privacy regulation
is coming…
But when does it apply?
retention period
right to lodge a complaint
legal basis for processing
right to data portability
Record of processing activities
data mapping must be ongoing
you need to check
who processes the data on your behalf?
agents
the entire company organisation
must change…
#PrivacyMatters
and we are in the midst
of the digitalisation challenge
customers
customers
the magic word is “profiling”
employees
suppliers
employees
you have to build yourselves a defence
the data protection officer
cannot be the only internal guardian of privacy
but the regulation helps
your competitors
customer profile
authorised to “steal” your customers' data?
Right
to be
forgotten
how to maximise its benefits?
data protection
can be complex
and you are obliged to protect data
with “appropriate” security measures
and in the event of a “data breach”
Privacy by design and by default
Security by design
Privacy impact assessment
Internal privacy and cyber risk policies
Data protection officer
Cyber risk insurance policy
the tools to protect yourselves exist
#PrivacyMatters
let's get ready for the
European privacy regulation
1. Mapping
2. Assessment
Report section: 1.04
Department / team: Entire business
Issue: Data sharing takes place around the Group but there is no evidence that this is undertaken on particular terms or that related information is logged or recorded in any way.
Inherent risk score: 20
Action: Ensure all data sharing is clearly tracked through a central privacy clearing team, and regulated under an intra-group data transfer agreement which sets out clear rules and restrictions for onward use and secure processing. If there are processes or agreements in place, refresh these to ensure that all entities, locations, systems and data types are covered.

Report section: 1.05
Department / team: Entire business
Issue: Data sharing with third parties routinely occurs, but disclosures do not appear to be logged or recorded.
Inherent risk score: 20
Action: Develop a data sharing protocol to regulate transfer / receipt of data with third parties. This should be supported by guidance on the contractual safeguards that you expect to be in place to provide assurance that third parties receiving data will only use it for limited purposes prescribed, with the information returned or destroyed at the end of the engagement or when it is no longer needed (whichever is the sooner) and that they understand the

Report section: 3.03
Department / team: E-commerce
Issue: Insurance information is stored on separate servers that appear to be more widely accessible by wider business teams.
Inherent risk score: 12
Action: Ensure means of transfer are secure when transferring data within the business or to a third party and that the data is then handled appropriately once received.
Gap Analysis report
Action plan
A. Employee data: recruitment and selection of staff

No.: A1
Issue: Fair processing notice
What you should be doing to meet baseline GDPR position: You should limit the personal data you collect from application forms etc to the fields necessary to allow you to select staff, carry out any necessary vetting (see below), populating initial employment records, registering with relevant tax authorities and checking their immigration status where necessary (or holding this on record for checks to
What you are doing / recommended actions: [You routinely collect personal data from potential recruits to support the selection process but you do not present recruits with a standard form privacy policy in the application process] ACTION: [e.g. Prepare standard privacy policy for new recruits. Incorporate reference to the policy into
Risk / Impact: Impact - significant; Likelihood - likely
3. Deletion
Privacy by design and by default
Security by design
Privacy impact assessment
Internal privacy and cyber risk policies
Data protection officer
Cyber risk insurance policy
4. Implementation
5. Monitoring
it is a continuous “work in progress”
#PrivacyMatters
Giulio Coraggio
Partner - DLA Piper Studio Legale
Head of Technology Sector and Global Internet of Things Group
Giulio.Coraggio@dlapiper.com
Gianluigi Marino
Lawyer - DLA Piper Studio Legale
Gianluigi.Marino@dlapiper.com
privacymatterstoday@gmail.com
Rosy Cinefra
Senior Counsel
CA Technologies
Giovanni Cerutti
Senior VP, General Counsel, Compliance & Risk
NTT Data EMEA
Giuseppe Bellazzi
Manager Legal and Litigation Department
Intesa Sanpaolo
Fabio Fiumanò
Legal Manager and Local Compliance Officer
Intesa Sanpaolo
Giuseppe Catalano
Company Secretary, Head of Corporate Affairs
Assicurazioni Generali
Regional Head for Lombardy and Liguria, AIGI

#Privacy Matters - How the European privacy regulation can turn from a problem into a competitive advantage
