2. DATA PROTECTION IS ON AGENDA NOWWHY
Oh,myGod!
Youareinsecure,
because
yourdatais
unsecured
?
3. DATA PROTECTION IS ON AGENDA NOWWHY
BUSINESS
PUBLIC
LAW
?
PIE:valueofdataofEuropeancitizensincreaseby1trillionEURbyyear
corporatereputation
employerbranding
overallgovernance
PrivacyShield
BCR
NEW!EU GENERALDATA
PROTECTION REGULATION
Austrianstudentattacked
Facebook
>ECJnullifiedEU-US privacy
regime
Yahoodatabreach
TODAY
TOMORROW
4. THE SCALE ASTRONOMIC
Sun Earth TODAY
200k EUR *
TOMORROW
200m EUR **
* RECENTMAXIMUM FINE (averageEU)
** NEW MAXIMUM:4% OFGLOBALTURNOVER
(takingaglobalcompanyasexample)
5. THE NAME OFTHE GAME GDPR
EU REGULATION
regulation
single,
unifiedregime
effectiveoutsideofEurope
May25,2018
multipleenforcement
significantlyhigher
consequencesof
non-compliance
extended& enlarged
obligations
EU GeneralDataProtectionRegulation
6. KEY NEW FEATURESOFGDPR
ACCOUNTABILITY
DATA PROTECTION
BY DESIGN
& BY DEFAULT
PIA
INDIVIDUALS’RIGHTS
righttobeinformed
recipientsof
personaldata
DataProtection
Officer
Privacy
Impact
Assessment
BREACHNOTIFICATION DPO
processes& policies
documentation
fosteringto
livetherights
7. CORPORATE RESPONDS&ACTIONS
GROUP DATA PROTECTION FRAMEWORK
SINGLE
UNIFIED
CENTRALIZED
SCALECHANGE BOARDROOM ISSUE
SPECIALPROFESSIONAL
TIMELY SOLUTION
IMPLEMENTATION
CHALLENGES
NEW DIMENSION
PRIVACY FUNCTION
MULTIPLEDEPARTMENTS
CONCERNED
12. BRIEFINGS,WORKSHOPS,TRAININGS
AWARENESS
APPROACH
ATTRIBUTEOFPERSONALDATA PROTECTION
AS CORPORATE FUNCTION
ConstitutionalRight
“CONSUMER TRUSTIS ESSENTIAL
TO ACHIEVING GROWTH.”
CodeofConduct
„WHATEVER DIRECTION YOU’RE TAKING WITH
PEOPLE’S INFORMATION;YOU’RE TAKING THOSE
PEOPLE WITH YOU.”
Accessory
„YOU NEED TO BUILD THE CONSIDERATIONS FOR
PRIVACY INTO YOUR PROJECTS RIGHTFROM
THE BEGINNING TO MAKE ITWORK.”
13. DATA PROTECTION WILLBE ON AGENDAWHY?
INTERNALLY EXTERNALLY OTHERS
PRIVACY BY DESIGN /PRIVACY
RISK ASESSMENT
OUTSOURCING (TRANSFER)
EDUCATION AND TRAINING
REVIEW /CONTROL
INCIDENTMANGEMENT
SARs
DOCUMENTING AND
REPORTING COMPLIANCE
DPA AUDITS
BREXIT
PRIVACY SHIELD
DUE DILIGENCE
14. TAKEAWAYS
PERSONALDATA PROTECTION VERY MUCH IN FOCUS
TOUGHER REGULATIONS ATTHE DOORSTEP
RISKS EVOLVE
NON-COMPLIANCE MAY BRING SEVERE IMPLICATIONS
NEW STAKE OFINTERNAL ACTIVITY NEEDED
DEDICATED CORPORATE FUNCTION TO SETUP
375,374,373,372,371,370,369...BUSINESS DAYS