Here is a compilation of thoughts and reference points around the effort required to become compliant with the EU General Data Protection Regulation (GDPR).
3. Significant Data Protection EU
Personal data is defined as “any information relating to an identified or identifiable natural person (‘data subject’)…”:
• Name
• Location
• Identification Number
• Online ID / Cookies
• Gender
• Physical
• Ethnic
• Cultural
• Social Identity
• Memberships
• Biometric
• CCTV Video
• Event photos
• Insurance
• Visas
• Religion
• Insurance Claims
Joe Orlando 3
5. NOT “Just another IT Project!”
EVERYONE “owns” the Solution.
Data Controller (who NEEDS the data)
Why Do You NEED the Data?
Data Processor (who uses the data to complete tasks)
What Do You DO with the Data?
How is this Data Stored, Managed, Secured, Shared, Refreshed, and Processed?
ICT only FACILITATES the Outcome:
• Store
• Move
• Protect
ICT Cannot Do This Alone.
6. If You Have Personal Information
• Find It
• Catalog It
• Map It
• Justify Why You Need It
• Get Permission To Use It
• Secure It
• Document All of It
• Keep It Up or Delete It
• Data Subject Has Right to:
• See WHAT You Have
• Edit Data
• Delete Data
• Deny You Permission to Keep Data
• For Limited Time Period
11. Race Against the Clock!
Law takes Effect May 25, 2018
NOT a ONE TIME THING - ONGOING
• Data Breach MUST Be Reported Within 72 Hours of Becoming Aware of the Breach
• Individuals Can Ask for Data and You Must Be Responsive in 30 Days
• Individuals MUST Provide CLEAR Permission to Hold Information
• Using 3rd Party Processors Does NOT Eliminate YOUR Responsibility
• Data in Cloud – Cookies – Devices
• All States of Data
12. Race Against the Clock!
Law takes Effect May 25, 2018
NOT a ONE TIME THING - ONGOING
Failure to Comply with the Regulation could mean up to 4% of GLOBAL GROSS REVENUES as a fine
20. It’s Not For Me - Just them!
• ANYBODY – ANYWHERE who collects, stores, uses, processes data on EU citizens with more than 250 employees could be subject to these laws.
• Municipalities who collect taxes on vacation homes of EU citizens
• Utilities who bill EU citizens
• Websites who store information on EU citizens
• Schools, Colleges, Universities who have students from EU
• Banks, Loan Companies, Investment Companies with EU clients
21. Race Against the Clock!
Law takes Effect May 25, 2018
NOT a ONE TIME THING - ONGOING
Failure to Comply with the Regulation could mean THE GREATER OF €20,000,000 or 4% of GLOBAL GROSS REVENUES as a fine