Consulting Champions
|
|
- Derek Blankenship
- 6 years ago
- Views:
Transcription
1 Consulting Champions Get GDPR Ready with SOLA Consulting A bespoke GDPR compliance offering covering people, process, technology and data SOLA Consulting is part of SOLA Group Ltd
2 Contents What does GDPR really mean to your business? What is GDPR? Where does the responsibility lie? SOLA Consulting GDPR Readiness Assessment GDPR Readiness Assessment Outputs GDPR Readiness Assessment Sample Report Why SOLA Consulting? Page 3 Page 4 Page 5 Page 6 Page 7 Page 7 Page 8 Get GDPR Ready with SOLA Consulting - Page 2
3 SOLA Consulting GDPR Readiness Assessments can be delivered in as little as 2-4 weeks GDPR comes into force on 25 th May From the post room to the board room, the regulation will have an impact on every vital part of your organisation; your people, your processes, your technology, your systems and your data. Getting GDPR wrong can cost your organisation 4% of global turnover. With our in-house GDPR experts and extensive network of technology partners SOLA Consulting will identify all of your organisation s specific GDPR requirements, in just 2-4 weeks. The major shift, with the implementation of GDPR, will be in protecting customer and employee Personal Data and Personal Sensitive Data. The cybersecurity landscape is rapidly changing due to the explosion in digital and the ever changing ways in which we all share information. GDPR strives to protect ours and our customers sensitive information in this new digital age. Good news for your customers, but challenging for your organisation. Through our workshops and seminars we have found that organisations are at varying stages of their GDPR journeys. Certainly some larger organisations are well on their way to being compliant. SOLA Consulting are here to support smaller to mid-sized organisations who need hands-on expertise and support to tackle the significant adjustments GDPR will bring to their businesses. So what does the new EU GDPR really mean for your business? In short, from the post room to the board room, GDPR will have an impact on every department in your organisation; your people, your processes, your technology, your systems and your data. Fines of up to 4% of global turnover or 20M EUR, whichever is higher Get GDPR Ready with SOLA Consulting - Page 3
4 What is GDPR? Those of you in the know can skip this section, but for those of you who need a little education here s our GDPR Snapshot. GDPR comes into effect on the 25 th May 2018 GDPR supersedes the Data Protection Act of 1998 GDPR provides increased privacy protection for all UK & EU citizens GDPR is a regulation, now legally enforceable with agreed penalties of up to 4% of your annual turnover GDPR harmonises data protection laws across the European Union s 28 Member States, which will make the complex data protection landscape easier to navigate for multinational organisations Non-compliant organisations now face fines of up to 4% of their global revenue or 20M EUR whichever is higher Brexit will not negate the regulation here in the UK. In or out of Europe, the regulation is the new data protection standard The UK ICO have already stated they will continue to adhere to the EU adequacy laws post Brexit When enforced, the GDPR stipulates that data breaches must be reported to the relevant authorities within 72 hours of discovery if they re likely to jeopardise the rights and freedoms of individuals affected, and records must be kept of all such incidents GDPR enhances the requirements for obtaining consent, mandating affirmative consent for data processing and requires explicit consent for special categories of data All organisations hold personal information (an IP address or a business that can be linked to an individual is classed as personally identifiable) GDPR extends new rights to individuals such as the right to be forgotten and the right to data portability GDPR requires that organisations in specific circumstances appoint a Data Protection Officer (DPO) GDPR will impact virtually every department within your organisation; from IT, Finance and Marketing to Legal, HR and Customer Service For more information visit the ICO website here Get GDPR Ready with SOLA Consulting - Page 4
5 GDPR compliance is not just about the technology and security systems you have in place; people, processes and data play an equal part. Where does the responsibility for GDPR lie in your business? All company employees produce and manipulate data using technology and according to your organisation s policy and processes. Therefore the responsibility lies with everyone within your organisation including all your departmental heads of business. But where do you start? With your systems? Your employee education and awareness? Your data? Your policies? Who should lead this process in your organisation? Your legal department? IT? Your CEO? Marketing? Something of this scale needs structure. Therefore, CEO s and MD s require an action plan. With less than a year to go until GDPR comes into force organisations seriously need to start creating an action plan to move towards compliance. This is where SOLA Consulting s Readiness Assessment comes in. Roles, responsibility, and accountability will be established. A critical path will be delivered as part of the outputs, so that the action plan can be agreed at the top and filtered down throughout the organisation. SOLA Consulting GDPR Readiness Assessment Comprehensive & invaluable insight into your organisation s current GDPR compliance status. Our GDPR Readiness Assessment is a crucial first step on your journey to GDPR compliance. The assessment will give you a comprehensive insight into your organisation s current GDPR compliance posture and make priority recommendations for the areas you most urgently need to address to meet the regulations come May The assessment uniquely examines 4 key business areas: People Data Technology Policy and Processes GDPR compliance is not just about the technology and security systems you have in place; people, processes and data play an equal part. Potentially every individual within your organisation has access to personal data. Organisations need to make sure that they are adhering to the same protection and data processing standards across their entire business. And then there is the question of where the responsibility for data protection lies. Clearly business leaders need to drive the need for compliance and adherence to the regulation but equally all employees across your business will need to be aware of the implications of a data breach, therefore data protection education programmes will become increasingly necessary. GDPR requires that you know exactly what data you hold on an individual, where that data is stored, how old it is, how you process it and who has access to it. The ICO stipulates that you should audit the personal data you hold, where it came from, who you share it with and maintain records of your processing actions. Which is why data also forms a crucial part of our GDPR Readiness Assessment. Get GDPR Ready with SOLA Consulting - Page 5
6 SOLA Consulting GDPR Readiness Assessment. What s covered? 1 GDPR Definition Workshop A crucial first step. A facilitated session with the key GDPR business stakeholders across your business to clearly define the scope of the project, set expectations and parameters and define and agree outputs. Business Analysis & Due Diligence Consists of sessions with your business leaders; examining your company and operational policies and scrutinising your current technology stack; including analysing everything from & web usage to security solutions and storage. 2 3 Customer 3rd Party Analysis Analysis of 3rd party supplier relationships and legal contracts to determine a strategy for inclusion of GDPR articles into operational policy and standards. This will ensure all 3rd party legal contracts also reach the required compliancy levels. Customer Data Analysis Data analysis is critical to GDPR compliance. Through a combination of business analysis and due diligence on your technology stack, we will track Personal Data and Personal Sensitive Data from customer input channels through to your endpoints, applications and networks and their storage locations. 4 5 GDPR Mandatory Requirements Identification of the mandatory requirements of the regulation and how they apply to your business. This includes the need to appoint a Data Protection Officer (DPO), your customer consent mechanisms, data portability and deletion, privacy management and technical data security. Technical Assessments Technical control of customer data is key to GDPR compliance. Some of the crucial areas that will be analysed for readiness include (but are not restricted to) structured and unstructured customer data applications, databases and accounting systems, your data centre, firewall system, data storage, cloud service, services and security systems. 6 7 Non-Technical Assessment Non-technical assessments will be conducted on or off site and include (but are not limited to) your company s contractual obligations with 3rd parties, operation policy, data policy, security policy, risk management, project methodology and change process. Education and Awareness Via the definition workshop departmental heads of business, technical leads and key members of your organisation will receive education and awareness on how GDPR is relevant to their specific area of control. 8 Get GDPR Ready with SOLA Consulting - Page 6
7 GDPR Readiness Assessment Outputs The outputs of the GDPR readiness consultancy period will provide solid insight into your current GDPR compliancy posture. It will list the four quadrants (People, Data, Process, Technology) and break them down into circa 30 subsections with associated heat maps and diagnostics. This will be presented through: Full GDPR Report Multiple Quick Wins SOLA Privacy Impact Assessment (PIA) ISO27001/2 Risk Assessment tutorial and template ISO27001/2 Asset Register tutorial and template coaching for key GDPR staff Unstructured data and application mapping Automated unstructured Data discovery Data Classification scheme Security Policy review Active Directory review HR review Legal review 3rd Party Contract review Operational Policy review Full RACI (responsibility) matrix PMAs referencing the specific GDPR articles GDPR compliance Dashboard report As part of this service offering we will offer as many quick-wins as possible to assist your efforts to reach compliance, with a recommended roadmap taking you through to May 25 th Timescales will vary from organisation to organisation but we expect to deliver readiness assessments within 2 4 weeks. ACME Plc GDPR Readiness Assessment V1.0 Readiness Assessment Summary: ACME Plc provided 82.5% of assessment collateral, achieving an overall GDPR Compliance rating of 61.5%. The remaining 17.5% assessment will either need to be completed at a later date, or the Risk accepted by ACME Plc. Full details are given in the full ACME Plc GDPR Report, People: 82% completed Compliance Rating: 32% Technology: 95% completed Compliance Rating: 54% Data: 90% completed Compliance Rating: 89% Process: 64% completed Compliance Rating: 71% Key Observations: - ACME Plc has shown commitment across the entire organisation to achieve GDPR compaince. - ACME Plc has a mature Data Management model, observing the compliance of both the 1998 Data Protection Act and the 2012 PCI regulations. Only small process changes will be required to reach GDPR compliancy. - ACME Plc recently upgraded their Firewall solution, bringing a solid layer of Data Loss Prevention to the Security Operations Suite. - ACME Plc employees have expressed an interest in an Education and Awareness training session on the practicalities of GDPR. - ACME Plc Security Operations are monitoring and controlling all egress points for the internet, however traffic is uncontrolled and poses a hihg risk to Data Breaches. - ACME Plc endpoints (Laptops, Tablets, Smartphones are unenctypted, which is a direct GDPR breach of regulation. - ACME Plc primary control system (Active Directory) has not been controlled over the 10 year growth of the AD domain. There is a high impact quick win available with an AD review and account consolidation. - ACME Plc Antivirus, Antispam and Malware software is not of a recommended version for todays cyber attacks, it is recommended that the versions are upgraded. Key Issues: 1. Operational Policy incomplete 2. Data dispersion 3. Data ownership / DPO 4. No control over Shadow IT 5. traffic unmonitored 6. Social Media unrestricted 7. Insufficient Endpoint Encryption 8. HTTPS protocol security Key Risks: 1. No current in-house GDPR Initiative 2. Resources for recommendations 3. Timescales 4. 3rd Party Legal supplier Quadrant Summary Issue Breakdown Critical Path: To reach a safe level of GDPR Compliance, an in-house GDPR initiative will need to be established and controlled, with approved Milestones, Deliverables, and acceptance criteria. It is essential that Legal and HR own the initiative, and drive it to completion before 25 th May Recommendations: It is recommended that the full GDPR report is analysed, and an internal Risk Assessment is undertaken. Once the risk appetite has been established, it is recommended that a GDPR Project is initiated, addressing the Key Issues and Risks listed above, and all Red and Amber recommendations listed in the full ACME Plc GDPR Report, Get GDPR Ready with SOLA Consulting - Page 7
8 Why SOLA Consulting? SOLA Consulting is a bespoke GDPR compliance offering covering people, process, technology and data. Our network of premium consultants and partners will get you on the right track with every aspect of the GDPR process to get your business ready; ranging from our GDPR readiness assessment right through to on-going support and training. We understand that every business is unique and our consultants are experts at identifying how GDPR will impact your business & what steps need to be implemented so you stay ahead of the game. Supporting you every step of the way and ensuring all bases are covered by providing advisory and practical delivery of the following services: readiness assessment, network scanning, seminars, resources, training and data loss prevention. Register for a consultation e: GDPR@solagroup.com t: +44 (0) Copyright - SOLA Group All Rights Reserved SOLA Consulting is part of SOLA Group Ltd
Data protection in light of the GDPR
Data protection in light of the GDPR How to protect your organization s most sensitive data Why is data protection important? Your data is one of your most prized assets. Your clients entrust you with
More informationGDPR factsheet Key provisions and steps for compliance
GDPR factsheet Key provisions and steps for compliance Organisations hold vast amounts of personal data relating to customers, employees, and suppliers as well as within marketing databases. Compliance
More informationThe General Data Protection Regulation: What does it mean for you?
The General Data Protection Regulation: What does it mean for you? We are here to help The changes being introduced in the EU General Data Protection Regulation 2016 (GDPR) will be the biggest shake-up
More informationThe General Data Protection Regulation (GDPR): Getting in good shape for the deadline Copenhagen, 19 September 2017 Janus Friis Bindslev Partner,
The General Data Protection Regulation (GDPR): Getting in good shape for the deadline Copenhagen, 19 September 2017 Janus Friis Bindslev Partner, Deloitte, Cyber Advisory Table of Contents Introduction
More informationPERSPECTIVE. GDPR - An industry and geography agnostic regulation. Abstract
PERSPECTIVE GDPR - An industry and geography agnostic regulation Abstract As the deadline to comply with the General Data Protection Regulation (GDPR) draws near, many organizations are unaware of what
More informationGDPR Factsheet - Key Provisions and steps for Compliance
GDPR Factsheet - Key Provisions and steps for Compliance Organisations in the Leisure & Hospitality industry hold vast amounts of personal data relating to customers, employees, and suppliers as well as
More informationThe Sage quick start guide for businesses
General Data Protection Regulation (GDPR): The Sage quick start guide for businesses Contents Introduction 3 Infographic: GDPR at a Glance 4 The basics 5 The GDPR in summary 5 Individual rights and informing
More information5-Step Guide For GDPR Compliance
5-Step Guide For GDPR Compliance A Guide For Constructing Your Planning Timeline www.avr.co.uk This document provides a framework for all companies that have customers in Europe, as they have to prepare
More informationGDPR and Canadian organizations: Addressing key challenges GDPR and Canadian organizations: Addressing key challenges
GDPR and Canadian organizations: Addressing key challenges GDPR and Canadian organizations: Addressing key challenges Cyber Risk 1 GDPR and Canadian organizations: Addressing key challenges The regulation
More informationHow employers should comply with GDPR
02 Mind your business Prepare for GDPR How employers should comply with GDPR Recommendations for employer compliance with GDPR The scope of the impact of the GDPR cannot be overstated. The GDPR will impact
More informationEU-GDPR and the cloud. Heike Fiedler-Phelps January 13, 2018
. EU-GDPR and the cloud Heike Fiedler-Phelps January 13, 2018 Disclaimer SAP does not provide legal advice The following presentation is only about a high level discussion about GDPR. 2 EU-GDPR Summary
More informationWHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION
WHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION REGULATION (GDPR) WHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION REGULATION (GDPR) Published by: The
More informationTWELVE STEP PLAN TO BECOME COMPLIANT WITH THE GENERAL DATA PROTECTION REGULATION
TWELVE STEP PLAN TO BECOME COMPLIANT WITH THE GENERAL DATA PROTECTION REGULATION Awareness Data Stream Map Communication Rights of the subject Legal basis Consent Data Breaches Privacy by design and PIA
More informationGDPR. Legalities, Policies and Process Part 3 of our series on GDPR and its impact on the recruitment industry
GDPR Legalities, Policies and Process Part 3 of our series on GDPR and its impact on the recruitment industry Who are we? Dillistone Group Plc, a public company listed on the AIM market of the London stock
More informationFind out about the General Data Protection Regulation (GDPR) and what your club will need to do to comply with the Law.
Find out about the General Data Protection Regulation (GDPR) and what your club will need to do to comply with the Law. This short guide will give you an introduction to the General Data Protection Regulation
More informationWhat you need to know. about GDPR. as a Financial Broker. Sponsored by
What you need to know about GDPR as a Financial Broker Dear Partner The regulatory and compliance environment is ever changing and the burden and requirements on financial services professionals continues
More informationPreparing for the General Data Protection Regulation (GDPR)
Preparing for the General Data Protection Regulation (GDPR) 10 Steps For Schools... Introduction The new EU General Data Protection Regulation (GDPR) comes into force in the UK on 25th May 2018. This regulation
More informationPREPARING YOUR ORGANISATION FOR THE GENERAL DATA PROTECTION REGULATION YOUR READINESS CHECKLIST DATA PROTECTION COMMISSIONER
PREPARING YOUR ORGANISATION FOR THE GENERAL DATA PROTECTION REGULATION YOUR READINESS CHECKLIST DATA PROTECTION COMMISSIONER 1 What will the GDPR mean for your business/organisation? On the 25 th May 2018,
More informationEU GENERAL DATA PROTECTION REGULATION (GDPR) COMPLIANCE ARE YOU PREPARED? What You Need to Know to Make Your Data Transfers Compliant
EU GENERAL DATA PROTECTION REGULATION (GDPR) COMPLIANCE ARE YOU PREPARED? What You Need to Know to Make Your Data Transfers Compliant MAY 25 SAVE THE DATE May 25, 2018 The General Data Protection Regulation
More informationMind the Gap: GDPR Ahead. Rakesh Sancheti. Author. July Vice President and Business Head - Analytics, Europe and Nordic
Author Rakesh Sancheti Vice President and Business Head - Analytics, Europe and Nordic July 2017 The regulatory environment has become increasingly complex, with new regulations being introduced across
More informationGuidance on the General Data Protection Regulation: (1) Getting started
Guidance on the General Data Protection Regulation: (1) Getting started Guidance Note IR03/16 20 th February 2017 Gibraltar Regulatory Authority Information Rights Division 2 nd Floor, Eurotowers 4, 1
More informationA questionnaire for senior management
Getting ready for GDPR Part 2: Accountability - A questionnaire for senior management Accountability is more than simple compliance with the rules - it implies a culture change organisations and not Data
More informationEU General Data Protection Regulation, a new era in data protection
EU General Data Protection Regulation, a new era in data protection The European Union data privacy landscape is about to undergo dramatic change, with lasting enterprise wide implications for the way
More informationGeneral Data Protection Regulation. The changes in data protection law and what this means for your church.
General Data Protection Regulation The changes in data protection law and what this means for your church. 1 Contents Page 5 Page 6 Page 7 Page 8 Page 9 Page 10 Page 11 Page 12 Page 18 Page 20 Page 23
More informationCustomer Data Protection. Temenos module for the General Data Protection Regulation (GDPR)
Customer Data Protection Temenos module for the General Data Protection Regulation (GDPR) Contents Glossary 03 GDPR Geographical Scope 03 GDPR implementation status 03 Overview of GDPR 03 Financial Institutions
More informationGeneral Data Protection Regulation (GDPR) Frequently Asked Questions
General Data Protection Regulation (GDPR) Frequently Asked Questions 26 March 2018 0 Contents Introduction... 3 What is GDPR?... 3 Who does the GDPR apply to?... 3 Are tax advisers data controllers or
More informationEU General Data Protection Regulation (GDPR)
A Brief Overview of the EU General Data Protection Regulation (GDPR) November 2017 What is the GDPR? After several years in the making, on 8 April 2016 the European Council finally adopted Regulation
More informationGDPR Service Information Sheet
GDPR Service Information Sheet What is GDPR? General Data Protection Regulation (GDPR) - is a policy that comes into effect from the 25th May 2018. Any business that processes the personal data of EU individuals,
More informationGeneral Data Protection Regulation and Episerver Learn how to leverage your organization s data to support GDPR compliance.
General Data Protection Regulation and Episerver Learn how to leverage your organization s data to support GDPR compliance. Page 2 What is General Data Protection Regulation? What The general data protection
More informationGDPR and Microsoft 365: Streamline your path to compliance
Streamline your path to compliance GDPR: an overview The General Data Protection Regulation (GDPR) is a new European Union (EU) privacy law that takes effect on May 25,. It is designed to give individuals
More informationTHE GENERAL DATA PROTECTION REGULATION: A BRIEF OVERVIEW (*)
THE GENERAL DATA PROTECTION REGULATION: A BRIEF OVERVIEW (*) The first IBM Personal Computer was introduced just over 35 years ago, on August 12, 1981. The first-generation iphone was introduced in the
More informationThe EU General Data Protection Regulation (GDPR) A briefing for the digital advertising industry
The EU General Data Protection Regulation (GDPR) A briefing for the digital advertising industry 1 Contents Introduction 5 Brexit: GDPR or New UK Law? 8 The eprivacy Directive 10 The GDPR: 10 Key Areas
More informationEU data protection reform
EU data protection reform Background and insight A Whitepaper Executive summary The Irish Data Protection Acts 1988 and 2003 gave effect to the European Data Protection Directive 95/46/EC. The existing
More informationGDPR A Catalyst to Drive Real Action around Privacy and Security
2013 Corix Partners 1 GDPR A Catalyst to Drive Real Action around Privacy and Security Key factors for Boards and Executive Management to consider Firms should not focus simply on deadlines, but on creating
More informationWhat is GDPR and Should You Care?
What is GDPR and Should You Care? Ingram Micro Inc. 1 Overview of Privacy Climate & Concerns 2 2 Today We Live In A World Where Advertisers read key words in your Facebook posts and emails and decide what
More informationRexel Shredding. Why a paper security policy is integral to GDPR compliance.
Rexel Shredding Why a paper security policy is integral to GDPR compliance. Disclaimer Nothing contained herein should be construed as legal advice. Organisations should consult legal counsel with regard
More informationAVEPOINT RISK INTELLIGENCE SYSTEM
Technical Overview AVEPOINT RISK INTELLIGENCE SYSTEM Keeping your data privacy protection practices on the right track. INVENTORY MANAGER Inventory Records To understand how the data is collected, maintained,
More informationWorking toward GDPR compliance. Insights from a SAS survey and an end-to-end approach
Working toward GDPR compliance Insights from a SAS survey and an end-to-end approach Compliance doesn t have to be a scary word even when facing the multifaceted challenges of meeting the European Union
More informationEU General Data Protection Regulation (GDPR) Point of View for ERP and HRMS Operations. For private circulation only.
EU General Data Protection Regulation (GDPR) Point of View for ERP and HRMS Operations For private circulation only Risk Advisory Preface Does the EU GDPR impact organisations in India? Yes! This new law
More informationGeneral Data Protection Regulation (GDPR) A brief guide
General Data Protection Regulation (GDPR) A brief guide Document compiled by: Terence Clark & Dr. Nathan Matthews June 2017 Acknowledgements This document contains material from the Information Commissioner
More informationGeneral Data Protection Regulation (GDPR) Strategy
General Data Protection Regulation (GDPR) Strategy NHS Digital s Approach to Compliance Published October 2017 Copyright 2017 Health and Social Care Information Centre. The Health and Social Care Information
More informationDealing with the EU Data Protection Regulation in Practice. William Long, Partner Sidley Austin LLP February 11, 2016
Dealing with the EU Data Protection Regulation in Practice William Long, Partner Sidley Austin LLP February 11, 2016 Do you need to comply? The Regulation will apply to a business processing personal data:
More informationEU General Data Protection Regulation (GDPR) A Point of View for Technology Sector Organisations. For private circulation only.
EU General Data Protection Regulation (GDPR) A Point of View for Technology Sector Organisations For private circulation only Risk Advisory Preface Does the EU GDPR impact organisations in India? Yes!
More informationThe GDPR Are you ready?
The GDPR Are you ready? kpmg.ie The GDPR - Overview The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will come into force from 25th May 2018, replacing the existing data protection
More informationPrepare for GDPR today with Microsoft 365
Prepare for GDPR today with Microsoft 365 2 Table of contents 01. 02. 03. 04. 05. Executive Sumary Landscape Assess and manage your compliance risk Protect your most sensitive data Closing 3 01. Executive
More informationFIVE STEPS TO COMPLIANCE ... GDPR: KEY CONSIDERATIONS FOR CUSTOMER SERVICE TEAMS.
FIVE STEPS TO COMPLIANCE... GDPR: KEY CONSIDERATIONS FOR CUSTOMER SERVICE TEAMS www.parkersoftware.com 2 www.parkersoftware.com Unless you ve been living a life of blissful regulatory-ignorance, you will
More informationPrivacy governance survey. The state of privacy management in Belgian organisations
Privacy governance survey The state of privacy management in Belgian organisations January 2017 Welcome How are Belgian organisations performing when it comes to the protection of personal data? In November
More informationGuide to the GDPR. Contents. dbsdata.co.uk
Guide to the GDPR Guide to the GDPR Contents 03 What does the new GDPR say? 04 The GDPR Principles 04 Organisational & Technical Measures 05 GDPR at a glance 06 From May 2018 each of us have some new awesome
More informationAccelerate Your Response to the EU General Data Protection Regulation (GDPR) with Oracle Cloud Applications
Accelerate Your Response to the EU General Data Protection Regulation (GDPR) with Oracle Cloud Applications O R A C L E W H I T E P A P E R D E C E M B E R 2 0 1 7 Disclaimer The purpose of this document
More informationWhat Does GDPR Mean for B2B Organizations?
What Does GDPR Mean for B2B Organizations? Almost every B2B organization, regardless of location, will be affected by new EU legislation that brings the protection of personal data into the digital age.
More informationPERSONAL DATA SECURITY GUIDANCE FOR MICROENTERPRISES UNDER THE GDPR
PERSONAL DATA SECURITY GUIDANCE FOR MICROENTERPRISES UNDER THE GDPR The General Data Protection Regulation ( the GDPR ) significantly increases the obligations and responsibilities of organisations and
More informationWORLD MEDIA GROUP THE IMPLICATIONS OF GDPR FOR THE ADVERTISING INDUSTRY
WORLD MEDIA GROUP THE IMPLICATIONS OF GDPR FOR THE ADVERTISING INDUSTRY This month s World Media Group Breakfast Briefing Everything You Need to Know about GDPR - was one of our best-ever attended sessions.
More informationEU General Data Protection Regulation (GDPR) A Point of View. For private circulation only. Risk Advisory
EU General Data Protection Regulation (GDPR) A Point of View For private circulation only Risk Advisory Preface Does the EU GDPR impact organisations in India? Yes! This new law will have a profound impact
More informationAchieving GDPR Compliance with Avature
Achieving GDPR Compliance with Avature What You Need to Know About GDPR The General Data Protection Regulation, or GDPR, is a regulation that was passed by the European Union in 2016 to update and replace
More informationEU General Data Protection Regulation (GDPR) Tieto s approach and implementation
EU General Data Protection Regulation (GDPR) Tieto s approach and implementation GDPR roles and positions Data subjects Information on processing Consent or other basis for processing Right requests High
More informationSchedule of services.
Sitemorse (UK Sales) Ltd. 48 Charlotte St. London, W1T 2NS www.sitemorse.com NAME NAME +44 20 7183 5588 sales@sitemorse.com Schedule of services. Person Name ROLE Department Organisation name in here Version
More informationGDPR Compliance Checklist
GDPR Compliance Checklist GDPR Compliance Checklist This GDPR Compliance Checklist sets out the key requirements that the General Data Protection Regulation will introduce into EU Privacy law on 25 May
More informationGeneral Personal Data Protection Policy
General Personal Data Protection Policy Contents 1. Scope, Purpose and Users...4 2. Reference Documents...4 3. Definitions...5 4. Basic Principles Regarding Personal Data Processing...6 4.1 Lawfulness,
More information2017 IBM Corporation. IBM s Journey to GDPR Readiness
IBM s Journey to GDPR Readiness IBM s Journey to GDPR Readiness At IBM, we have a deep rooted understanding that privacy is foundational to trust. We are approaching the GDPR in the same spirit, both internally
More informationData Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPR Adrian Ross LLB (Hons), MBA GRC Consultant IT Governance Ltd 29 September 2016 www.itgovernance.co.uk Introduction Adrian Ross GRC Consultant Infrastructure services Business
More informationGDPR. The General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council 27 April
www.thalesgroup.com/uk SECURE COMMUNICATIONS AND INFORMATION SYSTEMS The General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council 27 April 2016 Contents What is the
More informationHumber Information Sharing Charter
External Ref: HIG 01 Review date November 2016 Version No. V07 Internal Ref: NELC 16.60.01 Humber Information Sharing Charter This Charter may be an uncontrolled copy, please check the source of this document
More informationVendor Agreements and the New EU GDPR Steps to Take Now
Presenting a live 90-minute webinar with interactive Q&A Vendor Agreements and the New EU GDPR Steps to Take Now Complying With the EU General Data Protection and Privacy Regulation TUESDAY, JANUARY 30,
More informationICT and introduction to GDPR
ICT and introduction to GDPR Presented by Anthony Murray Dalata Hotel Group plc Seán Graham PREM Group/Trinity Hospitality ICT-Building for the future a bottom up approach. Planning for the IT future is
More informationForeword... 3 Executive Summary... 4 Survey Results and Key Findings GDPR Impact, Organisational Readiness & Resources...
Table of Contents Foreword... 3 Executive Summary... 4 Survey Results and Key Findings... 7 1. GDPR Impact, Organisational Readiness & Resources... 7 1.1 Key Areas of Impact... 7 1.2 Top Areas of Senior
More informationTHE EU GENERAL DATA PROTECTION REGULATION AND INTERNATIONAL AIRLINES SPECIAL UPDATE
OCTOBER 2017 EU, COMPETITION, TRADE AND REGULATORY THE EU GENERAL DATA PROTECTION REGULATION AND INTERNATIONAL AIRLINES SPECIAL UPDATE The EU General Data Protection Regulation (GDPR) becomes effective
More information12 STEPS TO PREPARE FOR THE GDPR
12 STEPS TO PREPARE FOR THE GDPR Presented by Henshalls Insurance Brokers On 25 May 2018, the General Data Protection Regulation (GDPR) comes into effect in the EU and across the United Kingdom. The GDPR
More informationPreparing for GDPR 27th September, Reykjavik
Preparing for GDPR 27th September, Reykjavik Introduction Who I am? Solicitor fromlondon Worked in digital industry for the last 7years Specialized in Privacy for the last 7 years and did some consulting
More informationTECH ESSENTIALS IT FACULTY. The essential guide to GDPR
TECH ESSENTIALS IT FACULTY The essential guide to GDPR Getting to grips with the General Data Protection Regulation The rules governing data protection and personal privacy are changing. Despite the step
More informationWHITE PAPER. Payments organizations can leverage APIs to monetize their data and services. Abstract
WHITE PAPER Payments organizations can leverage APIs to monetize their data and services Abstract Open banking initiatives such as the revised directive on payment services (PSD2), emergence of fintechs,
More informationSOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER
EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER ARRIVAL OF GDPR IN 2018 The European Union (EU) General Data Protection Regulation (GDPR), which takes effect in 2018, will bring changes
More informationGeneral Data Privacy Regulation: It s Coming Are You Ready?
General Data Privacy Regulation: It s Coming Are You Ready? Presenters Tristan North Worldwide ERC Government Affairs Adviser, Moderator William R. Tehan General Counsel, Graebel Companies, Inc. Hank A.
More informationTHE GENERAL DATA PROTECTION REGULATION: GUIDANCE ON THE ROLE OF THE DATA PROTECTION OFFICER
THE GENERAL DATA PROTECTION REGULATION: GUIDANCE ON THE ROLE OF THE DATA PROTECTION OFFICER Contents 1 Introduction 2 2 Key messages 3 3 The requirement to appoint a Data Protection Officer 4 3.1 Public
More informationFoundation trust membership and GDPR
05 April 2018 Foundation trust membership and GDPR In the last few weeks, we have received a number of enquiries from foundation trusts concerned about the implications of the new General Data Protection
More informationGDPR readiness for start-ups, technology businesses and professional practices Martin Cassey
www.nascenta.com GDPR readiness for start-ups, technology businesses and professional practices Martin Cassey Introduction GDPR Key Points GDPR/DPA Differences Start Up, Tech Business Professional Practice?
More informationGetting ready for the new UK data protection law Eight practical steps for micro business owners and sole traders
Getting ready for the new UK data protection law Eight practical steps for micro business owners and sole traders 1 Know the law is changing which you now do, so that s one thing you ve done already! 5
More informationSOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER
EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER ARRIVAL OF GDPR IN 2018 The European Union (EU) General Data Protection Regulation (GDPR) that takes effect in 2018 will bring changes for
More informationTourettes Action Data Protection Policy
Tourettes Action Data Protection Policy Effective date: 01/01/2018 Review date: 01/01/2020 Approved: Suzanne Dobson, CEO Tourettes Action Author: Pippa McClounan, Office Manager Tourettes Action Version
More informationThe new EU data protection Regulation: The business opportunity beyond legal compliance. Kalliopi Spyridaki Chief Privacy Strategist, Europe
The new EU data protection Regulation: The business opportunity beyond legal compliance Kalliopi Spyridaki Chief Privacy Strategist, Europe Content The GDPR: background, content & principles What does
More informationGDPR: Is it just another strict regulation or a great opportunity for operational excellence?
GDPR: Is it just another strict regulation or a great opportunity for operational excellence? Xenofon Liapakis General manager CIO & Services of Interamerican group Chairman of Hellenic CIO forum November
More informationThe New EU General Data Protection Regulation 1
The New EU General Data Protection Regulation 1 Dear clients and friends, On 14 April 2016 the EU Parliament formally approved the General Data Protection Regulation ( the Regulation ). The Regulation
More informationPreparing for the GDPR: Attaining and Demonstrating Compliance
Preparing for the GDPR: Attaining and Demonstrating Compliance IAPP Privacy. Security. Risk. September 16, 2016. San Jose (CA) Copyright 2016 by Nymity Inc. All rights reserved. This document is provided
More informationEU General Data Protection Regulation
Steve Norledge, UKI GDPR Leader Sol Barron, Information Governance Specialist February 2017 EU General Data Protection Regulation Getting Started with GDPR GDPR significantly extends EU member-state data
More informationEU GENERAL DATA PROTECTION REGULATION
EU GENERAL DATA PROTECTION REGULATION GENERAL INFORMATION DOCUMENT This resource aims to provide a general factsheet to Asia Pacific Privacy Authorities (APPA) members, in order to understand the basic
More informationDigitalising the General Data Protection Regulation with Dynamic Condition Response Graphs
Digitalising the General Data Protection Regulation with Dynamic Condition Response Graphs Emil Heuck 1, Thomas T. Hildebrandt 1, Rasmus Kiærulff Lerche 2, Morten Marquard 2, Håkon Normann 1, Rasmus Iven
More informationMind your business: Prepare for GDPR
Mind your business: Prepare for GDPR Practical tips for small businesses www.sfa.ie/advice Contents Foreword 1 Section 1: Setting the scene 2 Section 2: How to implement GDPR 4 Step 1: Plan and resource
More informationNew EU-GDPR: Challenges for Universities and Research Organisations
New EU-GDPR: Challenges for Universities and Research Organisations Prof. Dr. Ing. Ramin Yahyapour CIO Georg-August-Universität Göttingen and University Medical Centre Director GWDG EUNIS workshop for
More informationCompliance digitalization The impact on the Compliance function. Deloitte Risk Services April 2016
Compliance digitalization The impact on the Compliance function Deloitte Risk Services April 2016 2 Contents Preface 5 Management summary 6 Effects of digitalization 7 Using data in the compliance function
More informationGDPR Webinar : Overview & practical compliance steps. 23 October 2017
GDPR Webinar : Overview & practical compliance steps 23 October 2017 1 Dr Michelle Goddard Director Policy & Communication, EFAMRO Mattias Strandberg Skribent, dagensanalys.se copyright efamro 2010 2 About
More informationSecuring Intel s External Online Presence
IT@Intel White Paper Intel IT IT Best Practices Information Security May 2011 Securing Intel s External Online Presence Executive Overview Overall, the Intel Secure External Presence program has effectively
More informationwith Xavier Darmstaedter Managing Partner GEDAPRE DACOTA Consulting
with Xavier Darmstaedter Managing Partner GEDAPRE DACOTA Consulting xada@gedapre.eu tel 0475-41.03.22 xavier.darmstaedter@dacota.eu Gent, 3 October 2017 4 facts 1. We are not really in control of our personal
More informationGeneral Data Protection Regulation (GDPR) Meeting the new requirements
General Data Protection Regulation (GDPR) Meeting the new requirements Data protection rules are changing In a nutshell Predating social media, cloud computing and geolocation services, the law needs to
More informationGDPR: Centralize Unstructured Data Governance Across On-premises and Cloud
GDPR: Centralize Unstructured Data Governance Across On-premises and Cloud YOU HAVE UNTIL MAY 2018 i TO CENTRALISE UNSTRUCTURED DATA GOVERNANCE ACROSS ON-PREMISES AND CLOUD The EU s General Data Protection
More informationBUSINESS CONTINUITY AS A SERVICE
BUSINESS CONTINUITY AS A SERVICE CONFIDENCE IN CONTINUITY From the launch of the UK s first managed online backup services over 15 years ago, to our leading Disaster Recovery as a Service (featured in
More informationPreparing for GDPR. Frequently Asked Questions & Answers. July July Clearswift 2016
Preparing for GDPR Frequently Asked Questions & Answers July 2016 July 2016 Clearswift 2016 www.clearswift.com Contents Background 3 Questions & Answers 3 1. Why is the GDPR being put in place now? 3 2.
More informationSeamless engagement for midsize companies
Seamless engagement for midsize companies How wellconnected are you? That s the challenge in today s mobile, virtual business landscape as companies strive for consistent communications between employees,
More informationQUANTUM GDPR POINT OF VIEW ARTICLE WILL STRICT NEW EU DATA LAWS CREATE ISSUES OR OPPORTUNITIES FOR TODAY S MARKETERS? OPT-IN?
WILL STRICT NEW EU DATA LAWS CREATE ISSUES OR OPPORTUNITIES FOR TODAY S MARKETERS? OPT-IN? Quantum Marketing Group Point of View Paper Spring 2016 1 Issues or opportunities? 2 What is the B2B challenge?
More informationTHE DIGIDAY GUIDE TO GDPR
THE DIGIDAY GUIDE TO GDPR The European Union s new General Data Protection Regulation is a horribly complex maze of information. It s fair to say that plowing through unspeakably dry legal documents for
More informationSt Mark s Church of England Academy Data Protection Policy
St Mark s Church of England Academy Data Protection Policy 1 Contents Purpose:... Error! Bookmark not defined. Scope:... Error! Bookmark not defined. Procedure:... Error! Bookmark not defined. Definitions:...
More information