www.impactqa.com | services@impactqa.com
COMPLIANCE
ImpactQA’s Approach To Test GDPR Compliance
General Data Protection Regulation Introduction

What is GDPR?
General Data Protection Regulation (GDPR) is the primary law regulating how companies protect EU citizens' personal data.

What is GDPR compliance?
Under the terms of GDPR, organisations have to ensure that personal data is gathered legally and under strict conditions.

Who does GDPR apply to?
GDPR applies to any organisation operating within the EU, as well as any organisations outside of the EU which offer goods or services to customers or businesses in the EU.

What is personal data under the GDPR?
• Personally identifiable information, including names, addresses, dates of birth, social security numbers
• Web-based data, including user location, IP address, cookies, and RFID tags
• Health (HIPAA) and genetic data
• Biometric data
• Racial and/or ethnic data
• Political opinions
• Sexual orientation

Penalties for Non-Compliance
For companies that fail to comply with certain GDPR requirements, fines may be up to 2% or 4% of total global annual turnover or €10m or €20m, whichever is greater.

GDPR Implementation Support
• Map data flows in and out of the organization
• Establishing policies, procedures and lines of accountability
• Maintaining a system of checks and balances to ensure compliance with GDPR

Data Protection Officer (DPO) Services
• Support for appointing a DPO (onsite or virtual)
• Support for training in-house Privacy Officers in accordance with GDPR
• Enjoy better efficiency, risk management and productivity

Privacy Impact Assessments (PIA)
• PIAs are an integral part of the Privacy by Design principle
• Conduct periodic PIAs on your behalf and generate appropriate reports
• Developing customized PIA framework and methodologies to integrate with existing workflow

Data Protection Audit
• Help in preparing for audits by Data Protection Commissioner through mock drills
• Regular workshops, seminars and questionnaire-based audits
• Onsite inspection and Gap Analysis
GDPR Compliance

Our Approach to Test

Business Understanding
● Understand Customer’s GDPR obligations
● Assess existing procedural controls against GDPR requirements
● Business Process Framework to capture scope of process control
● Determine GDPR implications for Supply chain partners

Assess Existing Process
● Assess business processes against GDPR
● Assess applications & technology architecture against GDPR
● Assess 3rd Party supply chain compliance
● Identify new controls: process, technical and procedure

Plan the Roadmap
● Confirm budget for all remediation actions
● Create an agreed roadmap between the business & IT supported by business priorities and constraints
● Mobilise remediation team

Consider Options
● Confirm remediation option to address process compliance gaps
● Confirm technical remediation options to address compliance gaps
● Confirm 3rd party remediation options
● Establish a risk based assessment of all remediation actions

Define the Organization
● Define delivery management controls to ensure on-going compliance
● Assess GDPR implications on roles & organisation design
● Introduce appropriate segregation of duties within the business & across 3rd parties

Test Data Audit w.r.t. GDPR Guidelines

Use Anonymization
• Utilizes many techniques such as encryption, generalization, pseudonymization, and perturbation
• Available for businesses to work without breaching any live data

Documentation
• Document the processing of individuals’ data in all test environments
• The TDM process involves profiling, subsetting, masking, provisioning and forming a repository of data in test environments
• Use stringent data controls and centralized data access for authorized access points

Adopting Synthetic Data
• Data masking and synthetic data eliminate the risk of exposing personal information
• Data masking is a process of hiding specific fields such as first name, last name, and address
• The synthetic data framework creates data based on the design, testing rules, & environments created by an organization

Audit
• Audits help to restrict external users
• Robust test data management and processes help to control & protect the security and privacy of the data
• Regular audits will help to keep your test data secured, preventing inappropriate use of personal test data

Our Offerings for GDPR & Security Testing
• Website & Mobile: Vulnerability Assessment & Penetration Testing
• GDPR Compliance: Governance, Risk and Certifications
• People: Cyber Security Training
• Analysis & Policy: Log Analysis, PII Access Policies
• Anti-Ransomware: Protect Company from Ransomware Attack

Contact Us:
• Dr. Arvind Sharma
Arvind@impactqa.com
+41 152 5340 6359
• Marijike Michielsen
marijke@impactqa.com
+31 653 461 750
Our Offices:
GERMANY
Tannestrasse 16, 82049, Pullach, Germany
NEW DELHI
68 AD, Noida Special Economic Zone, Noida-Dadri Rd, Phase-2,
Noida, Uttar Pradesh – 201305
NEW YORK
597 5th Avenue, 12th Floor
New York, NY 10017
Visit Us at www.impactqa.com

Case Study: Security Testing of a German based Real Estate Platform

“Team ImpactQA is one of the finest and most diligent professionals I have had the opportunity of working with. The team displays high level of technical competency and professional conduct. They pointed out some really critical vulnerabilities in our equipment and suggested practical remediations. They patiently discussed every aspect of security with our biomedical and network teams. It was a remarkable experience.”
Technical group

Challenges
● Assess vulnerabilities present in the company's application
● Protecting the user data from being misused and made public
● Safeguarding the application from being abused to distribute malware
● GDPR compliance Test

Solution
• Detailed planning for GDPR compliance testing was prepared with the right set of inputs from the Customer. The data sets created were fully compliant with the GDPR
• To deal with the issue of parameter tampering, we suggested to the organization that parameters should be verified at the server and that the response of the server should be matched with the request sent by the application
• We suggested critical changes in the application’s architecture and authentication mechanism
• We suggested that they modify their application flows to prevent data loss and hijacking of privileges
• Detailed documentation of the vulnerabilities discovered in the application was provided, explaining the problem, its cause and remediation

Learn ImpactQA's Approach to GDPR compliance
