EU General Data Protection Regulation

Similar documents
Customer Data Protection. Temenos module for the General Data Protection Regulation (GDPR)

What is GDPR and Should You Care?

THE GENERAL DATA PROTECTION REGULATION: A BRIEF OVERVIEW (*)

The General Data Protection Regulation (GDPR): Getting in good shape for the deadline Copenhagen, 19 September 2017 Janus Friis Bindslev Partner,

What Does GDPR Mean for B2B Organizations?

GDPR: Centralize Unstructured Data Governance Across On-premises and Cloud

An Automated Cornerstone to Privacy & Industry Regulations; End-to-End: Researched Legal Requirements to Defensible Disposition

Information Is Your Most Important Asset. #AIIM Learn the Skills to Manage It.

EU General Data Protection Regulation (GDPR)

Information Server: 11.x Information Governance Catalog. Marc Haber Senior Offering Manager, Governance Catalog & Tools

with Xavier Darmstaedter Managing Partner GEDAPRE DACOTA Consulting

EU-GDPR and the cloud. Heike Fiedler-Phelps January 13, 2018

Accelerate Your Response to the EU General Data Protection Regulation (GDPR) with Oracle Cloud Applications

EU General Data Protection Regulation (GDPR) Point of View for ERP and HRMS Operations. For private circulation only.

Information Economics

EU General Data Protection Regulation (GDPR) A Point of View for Technology Sector Organisations. For private circulation only.

TWELVE STEP PLAN TO BECOME COMPLIANT WITH THE GENERAL DATA PROTECTION REGULATION

The (Scheme) Actuary as a Data Controller

The new EU data protection Regulation: The business opportunity beyond legal compliance. Kalliopi Spyridaki Chief Privacy Strategist, Europe

EU data protection reform

GDPR: Is it just another strict regulation or a great opportunity for operational excellence?

Data protection in light of the GDPR

EU General Data Protection Regulation (GDPR) Tieto s approach and implementation

GDPR and Canadian organizations: Addressing key challenges GDPR and Canadian organizations: Addressing key challenges

Mind the Gap: GDPR Ahead. Rakesh Sancheti. Author. July Vice President and Business Head - Analytics, Europe and Nordic

WHAT PAYROLL PROFESSIONALS NEED TO KNOW ABOUT THE GENERAL DATA PROTECTION

Prepare for GDPR today with Microsoft 365

GDPR. Guidance on Employee Personal Data

How employers should comply with GDPR

SOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER

GDPR Webinar : Overview & practical compliance steps. 23 October 2017

The New EU General Data Protection Regulation and its Consequences for IT Operations and Governance

2017 IBM Corporation. IBM s Journey to GDPR Readiness

General Data Privacy Regulation: It s Coming Are You Ready?

Guidance on the General Data Protection Regulation: (1) Getting started

Data Flow Mapping and the EU GDPR

The EU General Data Protection Regulation

General Data Protection Regulation. The changes in data protection law and what this means for your church.

The Sage quick start guide for businesses

GDPR - HOW IS INDUSTRY ADDRESSING THE LEGISLATION

EU GENERAL DATA PROTECTION REGULATION

Working toward GDPR compliance. Insights from a SAS survey and an end-to-end approach

Guidelines on the protection of personal data in IT governance and IT management of EU institutions

INFORMATION GOVERNANCE, PRIVACY & SECURITY SERVICES REDUCING COST AND RISK

New General Data Protection Regulation - an introduction

The General Data Protection Regulation: What does it mean for you?

WSGR Getting Ready for the GDPR Series

GDPR Compliance Checklist

5-Step Guide For GDPR Compliance

Getting Ready for the GDPR

PERSONAL DATA SECURITY GUIDANCE FOR MICROENTERPRISES UNDER THE GDPR

IBM Software White Paper. Information lifecycle governance in a big data environment

GDPR in 7 steps. Examples from client. implementations

The EU General Data Protection Regulation (GDPR) A briefing for the digital advertising industry

SOLUTION BRIEF RSA ARCHER REGULATORY & CORPORATE COMPLIANCE MANAGEMENT

Committee on Civil Liberties, Justice and Home Affairs WORKING DOCUMENT. Committee on Civil Liberties, Justice and Home Affairs

IBM Enterprise Content Management. Why IBM ECM Unique value propositions and differentiators from IBM Enterprise Content Management

PERSONAL DATA PROTECTION POLICY

What's Shaping the Future of Enterprise Content. Management? JOHN O MELIA

Make smart business decisions when they matter most September IBM Active Content: Linking ECM and BPM to enable the adaptive enterprise

Enterprise Information Governance, Archiving & Records management

The General Data Protection Regulation An Overview

DLT AnalyticsStack. Powering big data, analytics and data science strategies for government agencies

General Data Protection Regulation (GDPR) Meeting the new requirements

GET MORE VALUE OUT OF BIG DATA

General Personal Data Protection Policy

Breaking the myth How your marketing activities can benefit from the GDPR December 2017

ECDPO 1: Preparing for the EU General Data Protection Regulation

ActualTests.C Q&A C Foundations of IBM Big Data & Analytics Architecture V1

GDPR. Legalities, Policies and Process Part 3 of our series on GDPR and its impact on the recruitment industry

Preparing for GDPR. Frequently Asked Questions & Answers. July July Clearswift 2016

InfoSphere Warehouse. Flexible. Reliable. Simple. IBM Software Group

IBM Software IBM InfoSphere BigInsights

General Data Protection Regulation and Episerver Learn how to leverage your organization s data to support GDPR compliance.

Managing a Single View: Master Data Management

4/26. Analytics Strategy

Silicon Valley SharePoint Users Group 8/15/2013. Records Management and ediscovery For Business Users and IT. Rajesh Agadi Principal Consultant

THE EU GENERAL DATA PROTECTION REGULATION AND INTERNATIONAL AIRLINES SPECIAL UPDATE

Harnessing the Power of Big Data to Transform Your Business Anjul Bhambhri VP, Big Data, Information Management, IBM

GDPR A Catalyst to Drive Real Action around Privacy and Security

Creating Business Value with ECM at the Region of Niagara

From Information to Insight: The Big Value of Big Data. Faire Ann Co Marketing Manager, Information Management Software, ASEAN

Managing Data Warehouse Growth in the New Era of Big Data

Preparing for GDPR 27th September, Reykjavik

Content management in the cloud

ICT and introduction to GDPR

Rexel Shredding. Why a paper security policy is integral to GDPR compliance.

Lisbon, 17 May Agustín Puente Escobar State Counsel Head of the Legal Cabinet. Agencia Española de Protección de Datos

GDPR: keeping data processing records

Release & Deployment Management PinkVERIFY

Preparing for the General Data Protection Regulation (GDPR)

How Cisco IT Manages IT Service Costs

The IBM Reference Architecture for Healthcare and Life Sciences

Cloud Based Analytics for SAP

Growing and retaining your customer base with customer analytics

Mastering the GDPR with Enterprise Architecture

Achieving customer intimacy with IBM SPSS products

Policy Document for: Data Protection (GDPR) Approved by Directors: September Due for Review: September Statement of intent

What is the Modern Workplace?

Embracing SaaS: A Blueprint for IT Success

Transcription:

Steve Norledge, UKI GDPR Leader Sol Barron, Information Governance Specialist February 2017 EU General Data Protection Regulation Getting Started with GDPR

GDPR significantly extends EU member-state data privacy regulation EU Citizen Rights enhanced, harmonised and extended globally Inform / access / rectify / erase / object Give or withdraw specific data usage consent Insight in automatic decision making Transfer personal data to another provider (portability) Broadened scope Personal Data All direct and indirect identifiers Behavioural-, derived- and self-identified data Unstructured data Format and technology agnostic Organisational Impact Data controller and data processors liable for breaches Data controllers legally bound to validate data processor s compliance Data Protection Officer obligatory Stringent data security & breach management Conditions for cross-border data transfer altered Increased cost of non-compliance Fines up to 4% of annual turnover or 20 million Data Privacy Authorities empowered Increased activist and court activity Increased risk and cost of reputational damage 2

Focused on the citizen... Make it easy for me to manage how I consent to share different types of personal data with you Consent Management Erasure I want to be forgotten by you What information do you hold on me and what do you use it for? Subject Access Request Rectification & Data Portability I want you to correct my data and then I want to take my data to a new provider I want to develop a new process using personal data. Am I allowed to gather, augment and analyse all this personal data? Privacy Impact Assessment Breach Notification Tell me if my personal data has been breached. Was it encrypted? Access Management Data Transfer Do I have the right data access privileges to allow access to the data I need to I want to transfer or process run my new process? this data in a different country 3

...IBM s five layer model for GDPR Governance GDPR governance, covering amongst others legal assessment, third party management and risk and compliance; DPO role Communications & People People and Communications, covering employee awareness and training, and internal and external communication Process Processes, covering the GDPR readiness of HR, CRM and other business processes Data Data, covering personal data life cycle management and citizen interaction Security Security, covering cyber security technologies to protect critical personal data and capabilities that enable timely breach notification 4

IBM supports your GDPR timeline until 2018 and beyond GDPR Timeline Now 2H 2016 2017 1H 2018 May 2018 Diagnose Define, Design and build Deliver and Demonstrate Legal review Identify gaps Impact analysis Governance People & Communications Process Data Security Test & Assure Deploy to production Demonstrate compliance (ongoing) Many firms are currently working through the legal interpretation. IBM can support the gap- and impact analysis. IBM can speed up your deployment programme at a reduced cost by bringing GDPR solutions, tools and accelerators across the full spectrum of your needs. IBM can provide the capabilities to help you deliver and demonstrate your GDPR capability. 5

So What Do You Do? PREPARE 6

What Does GDPR Ask of You? The GDPR is all about acting responsibly with personal information, in its widest sense Therefore, in broad terms compliance with GDPR will require you to Understand Your Data, in order to Protect Your Data and Govern Your Data Wherever it is (databases, file shares, email systems, storage boxes) In whatever format it is (structured, unstructured, audio, etc.) 7

IBM Solution Framework Rights of EU Data Subjects Security of Personal Data Lawfulness and Consent Accountability Lawfulness of and Compliance Consent Design and Default Dynamic Policy Management: Define what, why, how long Implementation Services: Distribute policies to data sources Data Infrastructure: Control use, align cost to value P o l i c i e s R u l e s A u d i t P r o c e s s e s A n a l y s e s IBM Atlas Databases & Data Warehouse ECM & Collaboration IBM Case Manager Data Management Archive Platform Hadoop Platform Master Data Email Servers InfoSphere User Devices & File Shares Optim Cloud & Social Security & Compliance Monitoring 8

StoredIQ Understanding Your Unstructured Data Fast discovery of unstructured data across the enterprise scaling to 00s Terabytes and Petabytes o Where the data is o What the data is o How big the data is o What the data is called o Who created the data o Deep knowledge of the data, many layers of attributes 9

StoredIQ Deeper Analysis Open each text file Index its content: Words, Phrases, Names Patterns National Insurance numbers, credit cards, IDs, etc. Auto-Classification Classifies content based on user-definable taxonomy No coding required, uses Natural Language Processing Provides additional overlay/filter analysis capability 10

Atlas Policy Suite provides broad support for regulatory and legal compliance The IBM Atlas Policy Management Suite is a pivotal component of the IBM Information Lifecycle Governance (ILG) solution portfolio Helps organizations improve information economics and reduce risk by enabling defensible disposal of data debris. Aligns information cost to value through value-based archiving and tiering Reduces information risk by instrumenting privacy, electronic discovery (ediscovery), and regulatory policy across the data environment Primary features include: Incorporates a citation database of relevant legislation, regulation and policy Maintains an organizational, multi-jurisdictional retention file plan for all information types with cross-reference back to the corresponding citation Provides a catalogue of data sources (processes, data repositories, applications, etc.) Maps all information types to the data sources which utilize them as well as the business units and individuals who own the information 11

Let s take a look 12

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback