gdpr what is it
play

GDPR what is it? A new data protection framework which puts - PowerPoint PPT Presentation

Mar 21, 2024 •242 likes •540 views

GDPR what is it? A new data protection framework which puts individuals back in control of their personal data ICO 12 steps to GDPR compliance 7. Consent 1. Awareness 2. Document the personal data you hold 8. Children 3. Communicating

  1. GDPR – what is it? A new data protection framework which puts individuals back in control of their personal data

  2. ICO 12 steps to GDPR compliance 7. Consent 1. Awareness 2. Document the personal data you hold 8. Children 3. Communicating privacy information 9. Data breaches 4. Individuals rights 10. Data protection by design and default 5. Subject access requests 11. Data Protection Officer 6. Lawful process for processing personal data 12. International Watch the video here… www.moneyinfo.com/Videos/GDPR12Steps

  3. Step 1: Awareness Make sure key people in your organisation are aware that the law is changing. Get a team together involving compliance, HR and key decision makers and look at what needs to be done for May 2018.

  4. Step 2: Document the personal data you hold • What information do you hold? • What is it’s purpose? • Where is it stored? • Where is it shared?

  5. Information Asset Register Who is responsible for this information asset? Owner A way to identify the information asset. Name A description of what the information asset is and what It records. Specifically note if your Description information asset contains personal or sensitive information. e.g. SQL Database, Excel Spreadsheet Format Why do you hold this information and what it is used for. Purpose Where is the information stored? Location How is the information secured? E.g. password protected, encryption etc. Security Who has access to this information asset? Users How long is the data kept for and why? Retention Period What would be the impact of losing the information asset? Consider loss of confidentiality i.e. a Risks/Impacts data breach, loss of availability and loss of integrity. What would be the cost of replacing the information? Is this information shared externally with any third parties? External Sharing What is your basis for processing this information? e.g. consent, legitimate interest Legal basis

  6. Step 3: Communicating privacy information “a concise, transparent, intelligible and easily accessible form, using clear and plain language…” ARTICLE 12

  7. Step 4: Individuals’ rights • the right to be informed • the right of access • the right to be forgotten • the right to restrict processing • the right to data portability • the right to object • The right not to be subject to automated decision-making including profiling

  8. Step 5: Subject access requests “Where possible, the controller should be able to provide remote access to a secure system which would provide the data subject with direct access to his or her personal data.” RECITAL 63

  9. Step 6: Lawful basis for processing personal data • consent • necessary for the performance of a contract • compliance with a legal obligation • to protect the vital interest of a data subject • for tasks in the public interest • legitimate interests DETERMINE WHAT IT IS AND DOCUMENT IT

  10. Step 7: Consent When capturing consent “…include: • the name of your organisation; • the name of any third party controllers who will rely on the consent; • why you want the data; • what you will do with it; and • that individuals can withdraw consent at any time.” INFORMATION COMMISSIONERS OFFICE

  11. Step 8: Children Gain consent from someone with parental responsibility Apply consent rules when capturing and recording consent

  12. Step 9: Data breaches • lost? • destroyed? • corrupted? • disclosed?

  13. Step 9: Data breaches RECOGNISE INVESTIGATE NOTIFY MITIGATE

  14. Step 10: Data Protection by Design and Data Protection Impact Assessments “In order to be able to demonstrate compliance with this regulation, the controller should adopt internal policies and implement measures which meet in particular the principles of data protection by design and data protection by default.” RECITAL 78

  15. Step 10: Data Protection by Design and Data Protection Impact Assessments “… description of the envisaged processing operations… …assessment of the necessity… … assessment of the risks to the rights and freedoms of subjects… …measures envisaged to address the risks…” ARTICLE 35

  16. Step 11: Data Protection Officer You need to appoint someone in your organisation, or an external adviser, who has the knowledge, support and authority to take responsibility for your data protection compliance.

  17. Step 12: International Determine your lead supervisory authority .

  18. The do’s and don’ts for keeping data safe

  19. How can technology help? Data Access Data Quality Data Privacy by Design Secure communications Subject Access Requests . Data Portability

  20. How can technology help? .

  21. How can technology help? .

  22. How can technology help? .

  23. How can technology help? .

  24. How can technology help? .

  25. How can technology help? .

  26. How can technology help? .

  27. How can technology help? .

  28. How can technology help? . @moneyinfotech www.moneyinfo.com

Recommend

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data Protection Regulation Came into force on May 25 th Replaces the current 1995 Data Protection Directive and Data Protection Act (1998). What is GDPR?

570 views • 18 slides
Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

garjoh_canuck Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett Johnson (Boston U) Scott Shriver (U Colorado Boulder) GDPR Impact GDPR General Data Protection Regulation EU EEA Brexit GDPR

834 views • 27 slides
Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Presentation by Michalis Mantzaris, PhD Introduction to General Data Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does it apply? Consisting elements and Guideline provision Key changes and

605 views • 23 slides
Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do to be compliant? Data Breaches How does the GDPR affect you? Steps to Compliance Summary What is the GDPR? q The EU's General Data

355 views • 17 slides
PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

GENERAL DATA PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles of of GDPR How does it effect school How are school preparing How does it effect individual staff How can

475 views • 12 slides
Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require? How does an Australian business comply? Action Plan Section 1: GDPR is here Privacy in the digital age Historically, privacy was almost

513 views • 40 slides
Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Almost one year after the GDPR, where are we now? Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The first year of the GDPR can best be described as "quiet test run. What are the most striking

405 views • 8 slides
GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU General Data Protection 1995 Regulation 2016 Data Protection Act 1998 Data Protection Bill 2017-19 Fines DPA GDPR Maximum Fine 500k Two

622 views • 17 slides
GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont be scared 60% of people welcome the rights under GDPR 48% of UK adults plan to activate their rights 56% welcome the right to object to marketing

1.32k views • 37 slides
GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the

GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the

1 GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the recruitment industry 2 Introduction The rules which underpin the storage of personal data have changed dramatically. The new EU-US Privacy Shield

998 views • 35 slides
GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner CC-BY-4.0 Advising, Monitoring, Enforcing European Data Protection Board Art. 68 - 73 (replacing the Art. 29 Working Party) advise Supervisory

626 views • 8 slides
GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the

GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the

GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the recruitment industry This webinar is provided for information purposes and is NOT intended to be legal advice pertaining to the subject matter. If you

617 views • 38 slides
GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry

GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry

GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry This webinar is provided for information purposes and is NOT intended to be legal advice pertaining to the subject matter. If you have specific

495 views • 35 slides
GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB

GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB

GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB GDPR TIMELINE Definitions GDPR is a set of EU laws that come into affect on May 25th 2018. GDPR rules are designed to give more control over

587 views • 30 slides
GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get

GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get

GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get Compliant Agenda GDPR at a glance What does GDPR mean for IT departments Microsoft and GDPR M365 O365 Azure Dynamics

349 views • 18 slides
GDPR INFORMATION SEMINAR Dun Laoghaire / Rathdown Sports Partnership March 2018 WHY ? 1. GDPR

GDPR INFORMATION SEMINAR Dun Laoghaire / Rathdown Sports Partnership March 2018 WHY ? 1. GDPR

GDPR INFORMATION SEMINAR Dun Laoghaire / Rathdown Sports Partnership March 2018 WHY ? 1. GDPR applies to you because you hold data it does not discriminate on size / profit 2. Deadline to comply 3. Fines 4. Book stops with you ? 5. Piece

1.05k views • 37 slides
REGULATION (GDPR) IN THE CONTEXT OF EEDAPP 27 SEPTEMBER 2019 - VENICE WHAT IS GDPR The General

REGULATION (GDPR) IN THE CONTEXT OF EEDAPP 27 SEPTEMBER 2019 - VENICE WHAT IS GDPR The General

GENERAL DATA PROTECTION REGULATION (GDPR) IN THE CONTEXT OF EEDAPP 27 SEPTEMBER 2019 - VENICE WHAT IS GDPR The General Data Protection Regulation (EU) 2016/679, commonly known as GDPR, applies from 25 May 2018 and regulates the processing by a

318 views • 12 slides
EU GDPR PRACTICAL IMPLEMENTATION GUIDE - OPPORTUNITIES AND THREATS bd@gemserv.com Agenda

EU GDPR PRACTICAL IMPLEMENTATION GUIDE - OPPORTUNITIES AND THREATS bd@gemserv.com Agenda

Reaz Khedarun and Ian Davis EU GDPR PRACTICAL IMPLEMENTATION GUIDE - OPPORTUNITIES AND THREATS bd@gemserv.com Agenda Implications and opportunities of GDPR New obligations and liabilities for suppliers How GDPR compliance can

437 views • 24 slides
Responsibility and Accountability under the GDPR Regina Becker ELIXIR-LU ELIXIR Workshop Data

Responsibility and Accountability under the GDPR Regina Becker ELIXIR-LU ELIXIR Workshop Data

Responsibility and Accountability under the GDPR Regina Becker ELIXIR-LU ELIXIR Workshop Data Protection ECCB 2018 / Athens 11. September 2018 GDPR is catching up with us GDPR: General Data Protection Regulation GDPR Became

439 views • 26 slides
The pseudo-GDPR on digital marketplaces challenge a general testbed for normative reasoning and

The pseudo-GDPR on digital marketplaces challenge a general testbed for normative reasoning and

The pseudo-GDPR on digital marketplaces challenge a general testbed for normative reasoning and GDPR-related applications 11 December 2019, Madrid, GDPR@Jurix workshop Giovanni Sileno (g.sileno@uva.nl), Thomas van Binsbergen

527 views • 23 slides
Live Webcast: How Cognitive Search Accelerates GDPR Compliance GDPR Legal Overview By Erin

Live Webcast: How Cognitive Search Accelerates GDPR Compliance GDPR Legal Overview By Erin

Live Webcast: How Cognitive Search Accelerates GDPR Compliance GDPR Legal Overview By Erin Aslan Legal Counsel - Sinequa Live Webcast: How Cognitive Search Accelerates GDPR Compliance GDPR takes effect on May 25, 2018 with no further

285 views • 26 slides
Raising Awareness of the General Data Protection Regulations (GDPR) Workshop aims are to:

Raising Awareness of the General Data Protection Regulations (GDPR) Workshop aims are to:

Raising Awareness of the General Data Protection Regulations (GDPR) Workshop aims are to: Provide an introduction to the GDPR Explore how the GDPR will impact on Early Years settings Highlight resources available to support Early

477 views • 45 slides
GDPR Leyla Hannbeck MRPharmS, MBA, MSc, MA NPA Chief

GDPR Leyla Hannbeck MRPharmS, MBA, MSc, MA NPA Chief

GDPR Leyla Hannbeck MRPharmS, MBA, MSc, MA NPA Chief Pharmacist and Director of Pharmacy General Data Protec<on Regula<on (GDPR)

576 views • 36 slides
GDPR Practical Start where can you begin rolling out? GDPR Practical Start where can you begin

GDPR Practical Start where can you begin rolling out? GDPR Practical Start where can you begin

Holdingbay GDPR Practical Start where can you begin rolling out? GDPR Practical Start where can you begin rolling out? Holdingbay Tristan Bailey Working with marketing and sales data for over 15 years Develop applications Brighton, UK

404 views • 15 slides

More recommend