SlideShare a Scribd company logo

European Corporate Counsel Summit 2015 - Joao Barreiro News Release

E
Emilie Rønn
1 of 2
Download to read offline
Interview with: Joao Torres Barreiro, Associate VP & Chief Data Protection Officer, HCL Technolo- gies Joao is a keynote speaker at the marcus evans European Corporate Counsel Summit 2015 taking place at Cascais, Portugal, 23 - 24 November. What do organisations need to know about the changes the EU General Data Protection Regulation will bring? This regulation will change the power dynamics between companies, data protection authorities and data subjects, which are the customers. It will also radically transform the way organisa- tions process personal data and use this data to do their business. ‘Privacy by design’ and ‘privacy by default’ will become the standard. Instead of looking at those changes as a challenge, I prefer to face them as an opportunity. For example until now, companies had to deal with twenty- eight European data protection laws. In the future, they will only deal with one data protection law in the European Union. We cannot dismiss what this data protection reform will do for economic growth. In one of the European Commission’s press releases it was stated that the benefit of having one data protection law in the EU, instead of an inconsistent patchwork of twenty- eight national laws, is estimated at 2.3 billion Euros per year. Also, strengthen- ing Europe’s standards of data protection can be a business opportu- nity. What are the key elements for designing a privacy and data protection programme? The key and most important element for designing a successful privacy and data protection programme is to first define the scope of the program. To do that, companies need to identify what legal and regulatory data protection requirements are applicable to their organisation. This is particularly difficult for multinational companies, since they are present in different geographies across the globe and need to take into consideration multiple data protection laws. As well, multinational organisa- tions need to consider that different countries may have different views on the concept of privacy. For instance, the way an American perceives privacy is completely different from the way a European does. Companies should develop a global privacy strategy that speaks to all markets. They can only do this by adopting a holistic approach with very high privacy standards that should be customised only when strictly required. Why do all departments need to be engaged when designing a programme? There are many functions that do not have a seat on the privacy office but are necessary to implement a privacy and data protection program. For example, how can the privacy office draft a procedure that defines how personal data of employees is processed without the involvement of the human resources department? Or how can the privacy office implement procedures that address data protection breaches without the participation of the chief information security officer and the cyber security officer? Also, by engaging several departments within an organisation, you ensure a buy-in and a sense of ownership concerning privacy. What advice do you have for organisations that process personal data? The first step is to map the risks associated with the company data processing activities. Only by doing that, companies can adequately design and prioritise the privacy deliverables that should be implemented first. Otherwise, they will have a privacy program that is not going to solve the daily privacy problems of the organisation. Just like in any compliance program, to build a successful privacy program, companies must first know what their real weaknesses are. Companies should develop a global privacy strategy that speaks to all markets How to Design a Solid Privacy and Data Protection Programme
The Legal Network - marcus evans Summits group delivers peer-to-peer information on strategic matters, professional t r e n d s a n d b r e a k t h r o u g h innovations. Please note that the Summit is a closed business event and the number of participants strictly limited. About the European Corporate Counsel Summit 2015 The European Corporate Counsel Summit is the premium forum bringing together leading in-house counsel with specialist international law firms and legal services providers. As an invitation-only event taking place behind closed doors, the summit offers Global/European GCs an intimate environment for a focused discussion of key new drivers shaping the legal profession. The Summit will take place at the Grande Real Villa Itália, Cascais, Portugal, 23 - 24 November, 2015. www.eccsummit.com Contact Luzdary Hammad, Press Manager, marcus evans, Summits Division Tel: + 357 22 849 385 Email: press@marcusevanscy.com All rights reserved. The above content may be republished or reproduced. Kindly inform us by sending an email to press@marcusevanscy.com About marcus evans Summits marcus evans Summits are high level business forums for the world’s leading decision-makers to meet, learn and discuss strategies and solutions. Held at exclusive locations around the world, these events provide attendees with a unique opportunity to individually tailor their schedules of keynote presentations, case studies, roundtables and one-to-one business meetings. For more information, please visit: www.marcusevans.com Upcoming Events Chief Litigation Officer Summit (North America) - www.chieflitigationofficersummit.com IP Law European Summit - www.iplawsummiteurope.com IP Law Summit (North America) - www.iplawsummit.com To view the web version of this interview, please click here: www.eccsummit.com/JoaoTorresBarreiro

Recommended

EU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTeEU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTe
TrustArc
 
Trends in Technology and Taxation
Trends in Technology and TaxationTrends in Technology and Taxation
Trends in Technology and Taxation
Taxlinked net
 
scce-cep-2015-06-Dhont-1-04
scce-cep-2015-06-Dhont-1-04scce-cep-2015-06-Dhont-1-04
scce-cep-2015-06-Dhont-1-04
Jan Dhont
 
data protection training
data protection trainingdata protection training
data protection training
alicesmith11
 
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
TrustArc
 
LEADELL BOOKLET
LEADELL BOOKLETLEADELL BOOKLET
LEADELL BOOKLET
leadellpilv
 
Sirius Legal - IgnitionOne Lunch & Learn
Sirius Legal - IgnitionOne Lunch & LearnSirius Legal - IgnitionOne Lunch & Learn
Sirius Legal - IgnitionOne Lunch & Learn
IgnitionOne
 
Dai Davies - GDPR Presentation
Dai Davies - GDPR PresentationDai Davies - GDPR Presentation
Dai Davies - GDPR Presentation
Sagittarius
 

Recommended

EU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTeEU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTe
TrustArc
 
Trends in Technology and Taxation
Trends in Technology and TaxationTrends in Technology and Taxation
Trends in Technology and Taxation
Taxlinked net
 
scce-cep-2015-06-Dhont-1-04
scce-cep-2015-06-Dhont-1-04scce-cep-2015-06-Dhont-1-04
scce-cep-2015-06-Dhont-1-04
Jan Dhont
 
data protection training
data protection trainingdata protection training
data protection training
alicesmith11
 
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
TrustArc
 
LEADELL BOOKLET
LEADELL BOOKLETLEADELL BOOKLET
LEADELL BOOKLET
leadellpilv
 
Sirius Legal - IgnitionOne Lunch & Learn
Sirius Legal - IgnitionOne Lunch & LearnSirius Legal - IgnitionOne Lunch & Learn
Sirius Legal - IgnitionOne Lunch & Learn
IgnitionOne
 
Dai Davies - GDPR Presentation
Dai Davies - GDPR PresentationDai Davies - GDPR Presentation
Dai Davies - GDPR Presentation
Sagittarius
 
Marek Pietrzyk - CISO Summit Zurich - Next generation Information Rights Mana...
Marek Pietrzyk - CISO Summit Zurich - Next generation Information Rights Mana...Marek Pietrzyk - CISO Summit Zurich - Next generation Information Rights Mana...
Marek Pietrzyk - CISO Summit Zurich - Next generation Information Rights Mana...
Marek Pietrzyk
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?
Lumension
 
INFOMAGAZINE 8 by REAL security
INFOMAGAZINE 8 by REAL securityINFOMAGAZINE 8 by REAL security
INFOMAGAZINE 8 by REAL security
Samo Zavašnik
 
GDPR in a nutshell
GDPR in a nutshellGDPR in a nutshell
GDPR in a nutshell
Data Traction
 
GDPR: A Threat or Opportunity? www.normanbroadbent.
GDPR: A Threat or Opportunity? www.normanbroadbent.GDPR: A Threat or Opportunity? www.normanbroadbent.
GDPR: A Threat or Opportunity? www.normanbroadbent.
Steven Salter
 
GDPR- Get the facts and prepare your business
GDPR- Get the facts and prepare your businessGDPR- Get the facts and prepare your business
GDPR- Get the facts and prepare your business
Mark Baker
 
EU GDPR: What You Really Need to Know
EU GDPR: What You Really Need to Know EU GDPR: What You Really Need to Know
EU GDPR: What You Really Need to Know
Sarah Crabb
 
Gdpr workshop module_1
Gdpr workshop module_1Gdpr workshop module_1
Gdpr workshop module_1
S Sid Ahmed
 
delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-masking
Jes Breslaw
 
Poročilo o obisku kongresa 2010 luksemburg 22062010
Poročilo o obisku kongresa 2010 luksemburg 22062010Poročilo o obisku kongresa 2010 luksemburg 22062010
Poročilo o obisku kongresa 2010 luksemburg 22062010
Zeleno d.o.o.
 
GDPR & corporate Governance, Evaluation after 2 years implementation
GDPR & corporate Governance, Evaluation after 2 years implementationGDPR & corporate Governance, Evaluation after 2 years implementation
GDPR & corporate Governance, Evaluation after 2 years implementation
FERMA
 
What will be the Impact of GDPR Compliance in EU & UK?
What will be the Impact of GDPR Compliance in EU & UK?What will be the Impact of GDPR Compliance in EU & UK?
What will be the Impact of GDPR Compliance in EU & UK?
Cigniti Technologies Ltd
 
2018 Client Briefing GDPR
2018 Client Briefing GDPR2018 Client Briefing GDPR
2018 Client Briefing GDPR
Carsted Rosenberg Advokatfirma
 
Impact of GDPR on the pre dominant business model for digital economies
Impact of GDPR on the pre dominant business model for digital economiesImpact of GDPR on the pre dominant business model for digital economies
Impact of GDPR on the pre dominant business model for digital economies
EquiGov Institute
 
Companies, digital transformation and information privacy: the next steps
Companies, digital transformation and information privacy: the next stepsCompanies, digital transformation and information privacy: the next steps
Companies, digital transformation and information privacy: the next steps
The Economist Media Businesses
 
The Times 26-11-2015 Raconteur p10 - Now lawyers are strategic advisers
The Times 26-11-2015 Raconteur p10 - Now lawyers are strategic advisersThe Times 26-11-2015 Raconteur p10 - Now lawyers are strategic advisers
The Times 26-11-2015 Raconteur p10 - Now lawyers are strategic advisers
Galit Gonen-Cohen
 
GDPR: Keep Your Website Out of Legal Trouble
GDPR: Keep Your Website Out of Legal TroubleGDPR: Keep Your Website Out of Legal Trouble
GDPR: Keep Your Website Out of Legal Trouble
Mickey Mellen
 
Managing Consumer Data Privacy
Managing Consumer Data PrivacyManaging Consumer Data Privacy
Managing Consumer Data Privacy
Gigya
 
Cyber_Risk_in_Switzerland_May_2022.pdf
Cyber_Risk_in_Switzerland_May_2022.pdfCyber_Risk_in_Switzerland_May_2022.pdf
Cyber_Risk_in_Switzerland_May_2022.pdf
GeorgeLekatis2
 
Infographic : What's going to change with the GDPR (2018)
Infographic : What's going to change with the GDPR (2018)Infographic : What's going to change with the GDPR (2018)
Infographic : What's going to change with the GDPR (2018)
Kwanko
 

More Related Content

Similar to European Corporate Counsel Summit 2015 - Joao Barreiro News Release

Marek Pietrzyk - CISO Summit Zurich - Next generation Information Rights Mana...
Marek Pietrzyk - CISO Summit Zurich - Next generation Information Rights Mana...Marek Pietrzyk - CISO Summit Zurich - Next generation Information Rights Mana...
Marek Pietrzyk - CISO Summit Zurich - Next generation Information Rights Mana...
Marek Pietrzyk
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?
Lumension
 
GDPR- Get the facts and prepare your business
GDPR- Get the facts and prepare your businessGDPR- Get the facts and prepare your business
GDPR- Get the facts and prepare your business
Mark Baker
 
delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-masking
Jes Breslaw
 
GDPR & corporate Governance, Evaluation after 2 years implementation
GDPR & corporate Governance, Evaluation after 2 years implementationGDPR & corporate Governance, Evaluation after 2 years implementation
GDPR & corporate Governance, Evaluation after 2 years implementation
FERMA
 
The Times 26-11-2015 Raconteur p10 - Now lawyers are strategic advisers
The Times 26-11-2015 Raconteur p10 - Now lawyers are strategic advisersThe Times 26-11-2015 Raconteur p10 - Now lawyers are strategic advisers
The Times 26-11-2015 Raconteur p10 - Now lawyers are strategic advisers
Galit Gonen-Cohen
 
Managing Consumer Data Privacy
Managing Consumer Data PrivacyManaging Consumer Data Privacy
Managing Consumer Data Privacy
Gigya
 

Similar to European Corporate Counsel Summit 2015 - Joao Barreiro News Release (20)

Marek Pietrzyk - CISO Summit Zurich - Next generation Information Rights Mana...
Marek Pietrzyk - CISO Summit Zurich - Next generation Information Rights Mana...Marek Pietrzyk - CISO Summit Zurich - Next generation Information Rights Mana...
Marek Pietrzyk - CISO Summit Zurich - Next generation Information Rights Mana...
 
Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?Data Protection Rules are Changing: What Can You Do to Prepare?
Data Protection Rules are Changing: What Can You Do to Prepare?
 
INFOMAGAZINE 8 by REAL security
INFOMAGAZINE 8 by REAL securityINFOMAGAZINE 8 by REAL security
INFOMAGAZINE 8 by REAL security
 
GDPR in a nutshell
GDPR in a nutshellGDPR in a nutshell
GDPR in a nutshell
 
GDPR: A Threat or Opportunity? www.normanbroadbent.
GDPR: A Threat or Opportunity? www.normanbroadbent.GDPR: A Threat or Opportunity? www.normanbroadbent.
GDPR: A Threat or Opportunity? www.normanbroadbent.
 
GDPR- Get the facts and prepare your business
GDPR- Get the facts and prepare your businessGDPR- Get the facts and prepare your business
GDPR- Get the facts and prepare your business
 
EU GDPR: What You Really Need to Know
EU GDPR: What You Really Need to Know EU GDPR: What You Really Need to Know
EU GDPR: What You Really Need to Know
 
Gdpr workshop module_1
Gdpr workshop module_1Gdpr workshop module_1
Gdpr workshop module_1
 
delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-masking
 
Poročilo o obisku kongresa 2010 luksemburg 22062010
Poročilo o obisku kongresa 2010 luksemburg 22062010Poročilo o obisku kongresa 2010 luksemburg 22062010
Poročilo o obisku kongresa 2010 luksemburg 22062010
 
GDPR & corporate Governance, Evaluation after 2 years implementation
GDPR & corporate Governance, Evaluation after 2 years implementationGDPR & corporate Governance, Evaluation after 2 years implementation
GDPR & corporate Governance, Evaluation after 2 years implementation
 
What will be the Impact of GDPR Compliance in EU & UK?
What will be the Impact of GDPR Compliance in EU & UK?What will be the Impact of GDPR Compliance in EU & UK?
What will be the Impact of GDPR Compliance in EU & UK?
 
2018 Client Briefing GDPR
2018 Client Briefing GDPR2018 Client Briefing GDPR
2018 Client Briefing GDPR
 
Impact of GDPR on the pre dominant business model for digital economies
Impact of GDPR on the pre dominant business model for digital economiesImpact of GDPR on the pre dominant business model for digital economies
Impact of GDPR on the pre dominant business model for digital economies
 
Companies, digital transformation and information privacy: the next steps
Companies, digital transformation and information privacy: the next stepsCompanies, digital transformation and information privacy: the next steps
Companies, digital transformation and information privacy: the next steps
 
The Times 26-11-2015 Raconteur p10 - Now lawyers are strategic advisers
The Times 26-11-2015 Raconteur p10 - Now lawyers are strategic advisersThe Times 26-11-2015 Raconteur p10 - Now lawyers are strategic advisers
The Times 26-11-2015 Raconteur p10 - Now lawyers are strategic advisers
 
GDPR: Keep Your Website Out of Legal Trouble
GDPR: Keep Your Website Out of Legal TroubleGDPR: Keep Your Website Out of Legal Trouble
GDPR: Keep Your Website Out of Legal Trouble
 
Managing Consumer Data Privacy
Managing Consumer Data PrivacyManaging Consumer Data Privacy
Managing Consumer Data Privacy
 
Cyber_Risk_in_Switzerland_May_2022.pdf
Cyber_Risk_in_Switzerland_May_2022.pdfCyber_Risk_in_Switzerland_May_2022.pdf
Cyber_Risk_in_Switzerland_May_2022.pdf
 
Infographic : What's going to change with the GDPR (2018)
Infographic : What's going to change with the GDPR (2018)Infographic : What's going to change with the GDPR (2018)
Infographic : What's going to change with the GDPR (2018)
 

European Corporate Counsel Summit 2015 - Joao Barreiro News Release

  • 1. Interview with: Joao Torres Barreiro, Associate VP & Chief Data Protection Officer, HCL Technolo- gies Joao is a keynote speaker at the marcus evans European Corporate Counsel Summit 2015 taking place at Cascais, Portugal, 23 - 24 November. What do organisations need to know about the changes the EU General Data Protection Regulation will bring? This regulation will change the power dynamics between companies, data protection authorities and data subjects, which are the customers. It will also radically transform the way organisa- tions process personal data and use this data to do their business. ‘Privacy by design’ and ‘privacy by default’ will become the standard. Instead of looking at those changes as a challenge, I prefer to face them as an opportunity. For example until now, companies had to deal with twenty- eight European data protection laws. In the future, they will only deal with one data protection law in the European Union. We cannot dismiss what this data protection reform will do for economic growth. In one of the European Commission’s press releases it was stated that the benefit of having one data protection law in the EU, instead of an inconsistent patchwork of twenty- eight national laws, is estimated at 2.3 billion Euros per year. Also, strengthen- ing Europe’s standards of data protection can be a business opportu- nity. What are the key elements for designing a privacy and data protection programme? The key and most important element for designing a successful privacy and data protection programme is to first define the scope of the program. To do that, companies need to identify what legal and regulatory data protection requirements are applicable to their organisation. This is particularly difficult for multinational companies, since they are present in different geographies across the globe and need to take into consideration multiple data protection laws. As well, multinational organisa- tions need to consider that different countries may have different views on the concept of privacy. For instance, the way an American perceives privacy is completely different from the way a European does. Companies should develop a global privacy strategy that speaks to all markets. They can only do this by adopting a holistic approach with very high privacy standards that should be customised only when strictly required. Why do all departments need to be engaged when designing a programme? There are many functions that do not have a seat on the privacy office but are necessary to implement a privacy and data protection program. For example, how can the privacy office draft a procedure that defines how personal data of employees is processed without the involvement of the human resources department? Or how can the privacy office implement procedures that address data protection breaches without the participation of the chief information security officer and the cyber security officer? Also, by engaging several departments within an organisation, you ensure a buy-in and a sense of ownership concerning privacy. What advice do you have for organisations that process personal data? The first step is to map the risks associated with the company data processing activities. Only by doing that, companies can adequately design and prioritise the privacy deliverables that should be implemented first. Otherwise, they will have a privacy program that is not going to solve the daily privacy problems of the organisation. Just like in any compliance program, to build a successful privacy program, companies must first know what their real weaknesses are. Companies should develop a global privacy strategy that speaks to all markets How to Design a Solid Privacy and Data Protection Programme
  • 2. The Legal Network - marcus evans Summits group delivers peer-to-peer information on strategic matters, professional t r e n d s a n d b r e a k t h r o u g h innovations. Please note that the Summit is a closed business event and the number of participants strictly limited. About the European Corporate Counsel Summit 2015 The European Corporate Counsel Summit is the premium forum bringing together leading in-house counsel with specialist international law firms and legal services providers. As an invitation-only event taking place behind closed doors, the summit offers Global/European GCs an intimate environment for a focused discussion of key new drivers shaping the legal profession. The Summit will take place at the Grande Real Villa Itália, Cascais, Portugal, 23 - 24 November, 2015. www.eccsummit.com Contact Luzdary Hammad, Press Manager, marcus evans, Summits Division Tel: + 357 22 849 385 Email: press@marcusevanscy.com All rights reserved. The above content may be republished or reproduced. Kindly inform us by sending an email to press@marcusevanscy.com About marcus evans Summits marcus evans Summits are high level business forums for the world’s leading decision-makers to meet, learn and discuss strategies and solutions. Held at exclusive locations around the world, these events provide attendees with a unique opportunity to individually tailor their schedules of keynote presentations, case studies, roundtables and one-to-one business meetings. For more information, please visit: www.marcusevans.com Upcoming Events Chief Litigation Officer Summit (North America) - www.chieflitigationofficersummit.com IP Law European Summit - www.iplawsummiteurope.com IP Law Summit (North America) - www.iplawsummit.com To view the web version of this interview, please click here: www.eccsummit.com/JoaoTorresBarreiro