www.nicsa.org | #WebinarWednesdays
GENERAL DATA PROTECTION REGULATION
Are You GDPR Ready?
May 16, 2018
NITIN PANDEY - Moderator: Senior Manager, Risk and Financial Advisory, Deloitte & Touche LLP
OLIVIER REISCH: Partner, DLA Piper Luxembourg
JENNIFER SCHACK: Senior Vice President, Global Head of Privacy, Northern Trust Company
MARIA TERESA FULCI DE ROSÉE: Head of Legal and Compliance, Crestbridge Luxembourg
How the Luxembourg fund industry prepared
ALFI was among the first industry bodies in Luxembourg to set up an active GDPR working group
• GDPR working group kick-off meeting in September 2017, with over 60 people attending
• 3 subgroups were created with a good mix of ManCo, TA and Custody functions, with lawyers and consultants also represented
— Business impact analysis (mainly looked at controller/processor roles)
— KYC/AML, FATCA/CRS aspects
— General aspects (looked at DPOs, DPIAs, transparency and legal basis)
• Regular 2-3 hour meetings over the next few months, with typically 15-20 people attending each session
• Meeting with the Luxembourg regulator in February 2018, where the chairs were able to get excellent feedback
• Issue 1 of the ALFI GDPR Q&A published to members on 27 April 2018
• Issue 2 in the works
Crestbridge GDPR project
GDPR Roadmap
Readiness Assessment
Test
Risk Assessment
Workshop
Data Scoping
Findings
Risk Based Approach
Governance and DPO, Procedures, CRM and Marketing, Training, Privacy Notices, Agreements review, HR, IT…
GDPR Considerations
• Data Mapping / Records of Processing (article 30)
• Data Privacy Impact Assessments (article 35)
• Storage Limitations (article 5, 25, 47)
• Data Minimization (article 5, 25, 47)
• Individual Rights Requests (article 15-22)
• Privacy by Design (article 25)
• Data Breach Response (article 33-34)
• Vendor/Third Party Due Diligence (article 28)
Compliance Management
• Governance
• Training & Awareness
• Independent Review
QUESTIONS & ANSWERS SESSION
Main obligations of the controller
1. Implement technical and organizational measures to ensure and demonstrate that processing is performed in accordance with GDPR – data protection policies and procedures (DP by design)
2. Implement measures by which only data that are necessary to be processed are actually processed (DP by default)
3. Only use Processors that provide sufficient guarantees that they are able to implement technical and organizational measures to ensure and demonstrate that processing is performed in accordance with GDPR and ensure protection of the rights of the Data Subject
4. If Joint Controllers, determine each controller's responsibilities
5. Maintain record of processing
6. Provide information to data subject:
a. On the Controller: the identity and contact details of the controller and, where applicable, their representative, the contact details for the data protection officer, if any
b. On the Personal Data: categories of personal data concerned and the recipients (or categories of recipients) of the personal data
c. On the processing: the purposes and legal basis for the processing:
i. consent,
ii. performance of a contract,
iii. legal obligation,
iv. legitimate interest, if it is not overridden by the interests or fundamental rights and freedoms of the Data Subject, or
v. (to protect a vital interest and public interest).
d. The storage period (or, if not possible, the criteria used to determine that period)
e. The existence of automated decision-making including profiling and, if applicable, meaningful information about the logic used and the significance and envisaged consequences of such processing for the data subject
f. Details of transfers to third countries, the fact of same and the details of the relevant safeguards (including the existence or absence of a Commission adequacy decision) and the means to obtain a copy of them or where they have been made available
g. On the rights of the data subject, i.e. to be informed, have access, rectification, erasure, restriction on processing, objection to processing and data portability, object to automated decision making and profiling, the right to lodge a complaint with a supervisory authority, claim for indemnification.
h. Where processing is based on consent (or explicit consent), the right to withdraw consent at any time
i. Where legitimate interests is the legal basis for the processing, the legitimate interests pursued by the data controller or a third party
j. Whether there is a statutory or contractual requirement to provide the information or whether it is necessary to enter into a contract or whether there is an obligation to provide the information and the possible consequences of failure.
k. If data are received from a third party, the source from which the personal data originate and, if applicable, whether it came from a publicly accessible source
7. Facilitate the exercise of data subject rights
8. Notify the CNPD of a data breach (72 hours) and communicate to the Data Subject if there is a high risk to the Data Subject's rights and freedoms
9. In certain circumstances, appoint a DPO (core activity consists of processing data on a large scale) and perform a DP Impact Assessment (large scale of data processing, systematic monitoring, etc.), and
10. Respond to the CNPD inquiries.

Main obligations of the processor
1. Provide sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of the GDPR and ensure the protection of the rights of the data subject;
2. Request prior authorisation if it wants to delegate the processing to another processor or, if it has already been granted a generic authorisation to delegate, inform the controller in advance and give it the opportunity to object;
3. Impose the same data protection obligations on another processor by way of a contract while remaining fully liable to the controller for the performance of that other processor's obligations;
4. Maintain records of the categories of processing;
5. Enter into a contract or other legal act with the controller which sets out:
• the subject-matter and duration of the processing,
• the nature and purpose of the processing,
• the type of personal data and categories of data subjects, and
• the obligations and rights of the controller.
In addition, the contract or other legal act shall stipulate that the processor:
• processes the personal data only on documented instructions from the controller, including with regard to transfers of personal data to a third country, or before the processing the processor informs the controller if a legal requirement obliges it to do so,
• ensures that persons authorised to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality,
• takes all measures required to ensure security of processing, which may include:
— the pseudonymisation and encryption of personal data,
— the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services,
— the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident,
— a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
• assists the controller by appropriate technical and organisational measures for the fulfilment of the controller's obligation to respond to requests for exercising the data subject's rights;
• assists the controller in drafting the DPIA, ensuring security of processing and notifying data breaches, and assists when prior consultation of the supervisory authority in charge is required;
• upon request deletes or returns all the personal data to the controller after the end of the provision of services relating to the processing, and deletes existing copies;
• makes available to the controller all information necessary to demonstrate compliance with the obligations laid down in the GDPR, and allows for and contributes to audits, including inspections, conducted by the controller or another auditor mandated by the controller.
6. Notify the controller without undue delay after becoming aware of a personal data breach;
7. In certain circumstances, appoint a DPO (core activity consists of processing data on a large scale) and perform a DPIA (large scale of data processing, systematic monitoring, etc.); and
8. Respond to the possible inquiries from supervisory authorities.
Note: If a processor infringes the GDPR by determining the purposes and means of processing, the processor shall be considered to be a controller in respect of that processing.
Booking open Available Pune Call Girls Talegaon Dabhade 6297143586 Call Hot ...Call Girls in Nagpur High Profile
 
The Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfThe Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfGale Pooley
 
Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...
Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...
Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...priyasharma62062
 

Kürzlich hochgeladen (20)

Top Rated Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated  Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated  Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Dighi ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
Solution Manual for Principles of Corporate Finance 14th Edition by Richard B...
 
The Economic History of the U.S. Lecture 22.pdf
The Economic History of the U.S. Lecture 22.pdfThe Economic History of the U.S. Lecture 22.pdf
The Economic History of the U.S. Lecture 22.pdf
 
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
 
(Vedika) Low Rate Call Girls in Pune Call Now 8250077686 Pune Escorts 24x7
(Vedika) Low Rate Call Girls in Pune Call Now 8250077686 Pune Escorts 24x7(Vedika) Low Rate Call Girls in Pune Call Now 8250077686 Pune Escorts 24x7
(Vedika) Low Rate Call Girls in Pune Call Now 8250077686 Pune Escorts 24x7
 
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
TEST BANK For Corporate Finance, 13th Edition By Stephen Ross, Randolph Weste...
 
Vasai-Virar Fantastic Call Girls-9833754194-Call Girls MUmbai
Vasai-Virar Fantastic Call Girls-9833754194-Call Girls MUmbaiVasai-Virar Fantastic Call Girls-9833754194-Call Girls MUmbai
Vasai-Virar Fantastic Call Girls-9833754194-Call Girls MUmbai
 
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
VIP Independent Call Girls in Mira Bhayandar 🌹 9920725232 ( Call Me ) Mumbai ...
 
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated  Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...Top Rated  Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
 
Call Girls in New Friends Colony Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escort...
Call Girls in New Friends Colony Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escort...Call Girls in New Friends Colony Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escort...
Call Girls in New Friends Colony Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escort...
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx
 
The Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdfThe Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdf
 
Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...
Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...
Mira Road Memorable Call Grls Number-9833754194-Bhayandar Speciallty Call Gir...
 
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
 
00_Main ppt_MeetupDORA&CyberSecurity.pptx
00_Main ppt_MeetupDORA&CyberSecurity.pptx00_Main ppt_MeetupDORA&CyberSecurity.pptx
00_Main ppt_MeetupDORA&CyberSecurity.pptx
 
Call Girls in New Ashok Nagar, (delhi) call me [9953056974] escort service 24X7
Call Girls in New Ashok Nagar, (delhi) call me [9953056974] escort service 24X7Call Girls in New Ashok Nagar, (delhi) call me [9953056974] escort service 24X7
Call Girls in New Ashok Nagar, (delhi) call me [9953056974] escort service 24X7
 
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
(INDIRA) Call Girl Mumbai Call Now 8250077686 Mumbai Escorts 24x7
 
Booking open Available Pune Call Girls Talegaon Dabhade 6297143586 Call Hot ...
Booking open Available Pune Call Girls Talegaon Dabhade  6297143586 Call Hot ...Booking open Available Pune Call Girls Talegaon Dabhade  6297143586 Call Hot ...
Booking open Available Pune Call Girls Talegaon Dabhade 6297143586 Call Hot ...
 
The Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdfThe Economic History of the U.S. Lecture 20.pdf
The Economic History of the U.S. Lecture 20.pdf
 
Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...
Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...
Mira Road Awesome 100% Independent Call Girls NUmber-9833754194-Dahisar Inter...
 

Are You GDPR Ready?

  • 1. www.nicsa.org | #WebinarWednesdays GENERAL DATA PROTECTION REGULATION Are You GDPR Ready? May 16, 2018
  • 2. NITIN PANDEY - Moderator, Senior Manager, Risk and Financial Advisory, Deloitte & Touche LLP; OLIVIER REISCH, Partner, DLA Piper Luxembourg; JENNIFER SCHACK, Senior Vice President, Global Head of Privacy, Northern Trust Company; MARIA TERESA FULCI DE ROSÉE, Head of Legal and Compliance, Crestbridge Luxembourg
  • 3. How the Luxembourg fund industry prepared
    ALFI was among the first industry bodies in Luxembourg to set up an active GDPR working group
    • GDPR working group kick-off meeting in September 2017, with over 60 people attending
    • 3 sub groups were created with good mix of ManCo, TA and Custody functions, but also lawyers and consultants represented
      — Business impact analysis (mainly looked at controller/processor roles)
      — KYC/AML, FATCA/CRS aspects
      — General aspects (looked at DPOs, DPIAs, Transparency and legal basis)
    • Regular 2-3 hour meetings over the next few months with typically 15-20 people attending each session
    • Meeting with the Luxembourg regulator in February 2018, chairs were able to get excellent feedback
    • Issue 1 of the ALFI GDPR Q&A published to members on 27 April 2018
    • Issue 2 in the works
  • 4. Crestbridge GDPR project
    GDPR Roadmap Readiness Assessment Test Risk Assessment Workshop Data Scoping Findings Risk Based Approach Governance and DPO, Procedures, CRM and Marketing, Training, Privacy Notices, Agreements review, HR, IT…
  • 5. GDPR Considerations
    • Data Mapping / Records of Processing (article 30)
    • Data Privacy Impact Assessments (article 35)
    • Storage Limitations (article 5, 25, 47)
    • Data Minimization (article 5, 25, 47)
    • Individual Rights Requests (article 15-22)
    • Privacy by Design (article 25)
    • Data Breach Response (article 33-34)
    • Vendor/Third Party Due Diligence (article 28)
    Compliance Management; Governance; Training & Awareness; Independent Review
  • 6. Q&A: QUESTIONS & ANSWERS SESSION
  • 7. Main obligations of the controller
    1. Implement technical and organizational measures to ensure and demonstrate that processing is performed in accordance with GDPR – data protection policies and procedures (DP by design)
    2. Implement measures by which only data that are necessary to be processed are actually processed (DP by default)
    3. Only use Processors that provide sufficient guarantees that they are able to implement technical and organizational measures to ensure and demonstrate that processing is performed in accordance with GDPR and ensure protection of the rights of the Data Subject
    4. If Joint Controllers, determine each controller's responsibilities
    5. Maintain a record of processing
    6. Provide information to data subject:
       a. On the Controller: the identity and contact details of the controller and, where applicable, their representative, the contact details for the data protection officer, if any
       b. On the Personal Data: Categories of personal data concerned and the Recipients (or categories of recipients) of the personal data
    Main obligations of the processor
    1. Provide sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of the GDPR and ensure the protection of the rights of the data subject;
    2. Request prior authorisation if it wants to delegate the processing to another processor or, if it has been already granted with a generic authorisation to delegate, inform the controller in advance and give it the opportunity to object;
    3. Impose the same data protection obligations on another processor by way of a contract while remaining fully liable to the controller for the performance of that other processor's obligations;
    4. Maintain records of the categories of processing;
    5. Enter into a contract or other legal act with the controller which sets out:
       • the subject-matter and duration of the processing,
       • the nature and purpose of the processing,
       • the type of personal data and categories of data subjects, and
       • the obligations and rights of the controller.
  • 8. Main obligations of the controller
    a. On the processing: The purposes and legal basis for the processing:
       i. Consent
       ii. performance of a contract
       iii. legal obligation,
       iv. legitimate interest, if it is not overridden by the interests or fundamental rights and freedoms of the Data Subject, or
       v. (to protect a vital interest and public interest).
    b. The storage period (or if not possible, criteria used to determine that period)
    c. The existence of automated decision-making including profiling and, if applicable, meaningful information about the logic used and the significance and envisaged consequences of such processing for the data subject
    d. Details of transfers to third countries, the fact of same and the details of the relevant safeguards (including the existence or absence of a Commission adequacy decision) and the means to obtain a copy of them or where they have been made available
    Main obligations of the processor
    In addition, the contract or other legal act shall stipulate that the processor:
    • processes the personal data only on documented instructions from the controller, including with regard to transfers of personal data to a third country, or before the processing the processor informs the controller if a legal requirement obliges it to do so,
    • ensures that persons authorised to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality,
    • takes all measures required to ensure security of processing, which may include:
      o the pseudonymisation and encryption of personal data,
      o the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services,
      o the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident,
      o a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
  • 9. Main obligations of the controller
    a. On the rights of the data subject i.e. to:
       i. be informed, have access, rectification, erasure, restriction on processing, objection to processing and data portability, object to automated decision making and profiling, the right to lodge a complaint with a supervisory authority, claim for indemnification.
    b. Where processing is based on consent (or explicit consent), the right to withdraw consent at any time
    c. Where legitimate interests is the legal basis for the processing, the legitimate interests pursued by the data controller or a third party
    d. Whether there is a statutory or contractual requirement to provide the information or whether it is necessary to enter into a contract or whether there is an obligation to provide the information and the possible consequences of failure.
    e. If data are received from a third party, the source from which the personal data originate, and if applicable, whether it came from a publicly accessible source
    7. Facilitate the exercise of data subject rights
    8. Notify the CNPD of a data breach (72 hours) and communicate to Data Subject if there is a high risk to the Data Subject rights and freedoms
    9. In certain circumstances, appoint a DPO (core activity consists of processing data on a large scale) and perform a DP Impact Assessment (large scale of data processing, systematic monitoring, etc.), and
    10. Respond to the CNPD inquiries.
    Main obligations of the processor
    • assists the controller by appropriate technical and organisational measures for the fulfilment of the controller's obligation to respond to requests for exercising the data subject's rights;
    • assists the controller in drafting the DPIA, ensure security of processing, notify data breaches, assist when prior consultation of the supervisory authority in charge is required;
    • upon request deletes or returns all the personal data to the controller after the end of the provision of services relating to the processing, and deletes existing copies;
    • makes available to the controller all information necessary to demonstrate compliance with the obligations laid down in the GDPR, and allows for and contributes to audits, including inspections, conducted by the controller or another auditor mandated by the controller.
    1. Notify the controller without undue delay after becoming aware of a personal data breach;
    2. In certain circumstances, appoint a DPO (core activity consists of processing data on a large scale) and perform a DPIA (large scale of data processing, systematic monitoring, etc.); and
    3. Respond to the possible inquiries from supervisory authorities.
    Note: If a processor infringes the GDPR by determining the purposes and means of processing, the processor shall be considered to be a controller in respect of that processing.