SlideShare a Scribd company logo

TrustArc Webinar: COVID-19, Two Years Later – Still A Data Privacy Challenge

TrustArc
TrustArc

Already 2 years since the global pandemic started, and the onset of COVID-19 still is a tremendous challenge for companies. Employee safety, closures, shifts in demand – all have tested businesses. Many companies have adopted policies and remote work practices. Unfortunately, many of these new actions have raised serious questions about privacy, still relevant today. How to increase your employee trust and retention during the pandemic? What can employers do to control the spread and mitigate the effects of the virus, and what additional data can they process about their employees? In this in-depth webinar, TrustArc and Covington & Burling privacy experts will dive into the challenges created by the global COVID-19 outbreak and how your company should face them. This webinar will review: - The privacy implications of the COVID-19 pandemic - How to effectively implement remote work policies to manage privacy risk - How to ensure good data protection and governance practices for your employees working from home to increase trust and retention

Technology
1 of 8
Download to read offline
1 1 © 2022 TrustArc Inc. Proprietary and Confidential Information. COVID-19, Two Years Later – Still A Data Privacy Challenge March 8th, 2022
2 2 Speakers Lindsay Palmer Senior Privacy Research Specialist TrustArc Andy McMenamy Global Privacy Program Manager TrustArc Anna Sophia Oberschelp de Meneses Associate Covington & Burling
3 3 Agenda • The privacy trends and implications of the COVID-19 pandemic • How to effectively implement remote work policies to manage privacy risk • Addressing openness and transparency • Considerations for a healthy return to the office • Secure disposal of COVID-19-related data
4 4 Remote working - trending issues Zero-trust network and computing: • Reconsider the castle-and-moat concept • Focus on identification on an individual user and device level Technical training: • Investment in employee training of security tools Social engineering: • Employees must understand basic IT hygiene and security Managing personal vs. work-issued equipment: • Mobile device management (MDM) Employee/productivity monitoring: • URL-blocking and web-filtering to block access to certain websites • EU prohibits systematic and potentially invasive data processing in the workplace
5 5 Transparency - the ongoing challenge • Be clear, open and honest with people about what you are doing with their personal information: ○ Be specific about the purpose of collection ○ Include retention periods to allay fears about scope of processing ○ Let people know where they can go for more information • Individuals can only have a sense of control over their data if they know about the processing and can exercise their rights • Make notices and policies easily accessible: ○ Website ○ Social media ○ Posters/signage ○ Attach to emails about events • Train staff so they can answer questions in line with the privacy notice
6 6 Return to office - vaccine and testing policies Workplace mandates: • Clearly identify the verification process • Specify the information that should/should not be provided • Explain consequences for non-compliance Legitimacy: • Are mandatory policies allowed • Is there a public health requirement to implement a verification policy Necessity: • What is the goal of the policy (i.e., health and safety/prevent transmission in the workplace) Proportionality: • Is verification necessary to achieve the end goal • Are there less intrusive ways to achieve the goal • Do verification practices comply with data minimization
7 7 Clear, Purge and Destroy - What do I do with all this data? Where to start: • Look to data and device inventories, records of processing to understand where data is stored Common data destruction techniques: • Paper shredding • Degaussing: ○ Electromagnetic field must be strong enough to penetrate modern hard drives that use thicker shielding • Physical destruction: ○ Shredding hard drives and storage media into tiny pieces through mechanical shredders ○ Drilling holes in hard drives, hammering or pulverizing *doesn’t actually destroy data but makes the device inoperable to prevent data recovery • Software overwrite: ○ Writing patterns of meaningless data onto each of the hard drive’s sectors *level of security depends on the number of times the hard drive is written over • Use a combination of methods to ensure total data destruction
8 8 Thank You! See http://www.trustarc.com/insightseries for the 2021 Privacy Insight Series and past webinar recordings. If you would like to learn more about how TrustArc can support you with compliance, please reach out to sales@trustarc.com for a free demo.

Recommended

Data protection within development
Data protection within developmentData protection within development
Data protection within developmentowaspsuffolk
 
Final Presentation
Final PresentationFinal Presentation
Final Presentationchris odle
 
Privacy: The New Software Development Dilemma
Privacy: The New Software Development DilemmaPrivacy: The New Software Development Dilemma
Privacy: The New Software Development DilemmaSecurity Innovation
 
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016centralohioissa
 
Information security
Information securityInformation security
Information securityPraveen Minz
 
SECURITY AND CONTROL
SECURITY AND CONTROLSECURITY AND CONTROL
SECURITY AND CONTROLshinydey
 
Group 10 - PDPA II.pptx
Group 10 - PDPA II.pptxGroup 10 - PDPA II.pptx
Group 10 - PDPA II.pptxSuthaesh Ramash
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Ontario Cloud SIG
 

Recommended

Data protection within development
Data protection within developmentData protection within development
Data protection within developmentowaspsuffolk
 
Final Presentation
Final PresentationFinal Presentation
Final Presentationchris odle
 
Privacy: The New Software Development Dilemma
Privacy: The New Software Development DilemmaPrivacy: The New Software Development Dilemma
Privacy: The New Software Development DilemmaSecurity Innovation
 
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016
Dino Tsibouris & Mehmet Munur - Legal Perspective on Data Security for 2016centralohioissa
 
Information security
Information securityInformation security
Information securityPraveen Minz
 
SECURITY AND CONTROL
SECURITY AND CONTROLSECURITY AND CONTROL
SECURITY AND CONTROLshinydey
 
Group 10 - PDPA II.pptx
Group 10 - PDPA II.pptxGroup 10 - PDPA II.pptx
Group 10 - PDPA II.pptxSuthaesh Ramash
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Ontario Cloud SIG
 
CERN 5 Things you should know about Data Protection
CERN 5 Things you should know about Data ProtectionCERN 5 Things you should know about Data Protection
CERN 5 Things you should know about Data ProtectionEUDAT
 
The 5 ws of Cyber Security
The 5 ws of Cyber SecurityThe 5 ws of Cyber Security
The 5 ws of Cyber SecurityMisha Hanin
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceAdrian Dumitrescu
 
Chapter -6- Ethics and Professionalism of ET (2).pptx
Chapter -6- Ethics and Professionalism of ET (2).pptxChapter -6- Ethics and Professionalism of ET (2).pptx
Chapter -6- Ethics and Professionalism of ET (2).pptxbalewayalew
 
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...acemindia
 
Access to health data and information – challenges
Access to health data and information – challengesAccess to health data and information – challenges
Access to health data and information – challengesDr Venkatesh Karthikeyan
 
Enlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter GridEnlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter Gridbradley_g
 
GDPR Privacy Introduction
GDPR Privacy IntroductionGDPR Privacy Introduction
GDPR Privacy IntroductionNiclasGranqvist
 
GDPR challenges for the healthcare sector and the practical steps to compliance
GDPR challenges for the healthcare sector and the practical steps to complianceGDPR challenges for the healthcare sector and the practical steps to compliance
GDPR challenges for the healthcare sector and the practical steps to complianceIT Governance Ltd
 
8 building blocks for a high performance school IT network
8 building blocks for a high performance school IT network8 building blocks for a high performance school IT network
8 building blocks for a high performance school IT networkModrus
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1Manu Mathew Cherian
 
Security Architecture
Security ArchitectureSecurity Architecture
Security ArchitecturePriyank Hada
 
Privacy by Design: White Papaer
Privacy by Design: White PapaerPrivacy by Design: White Papaer
Privacy by Design: White PapaerKristyn Greenwood
 
DLP: Monitoring Legal Obligations, Managing The Challenges
DLP: Monitoring Legal Obligations, Managing The ChallengesDLP: Monitoring Legal Obligations, Managing The Challenges
DLP: Monitoring Legal Obligations, Managing The ChallengesNapier University
 
Presentation: Data Integrity – an international regulatory perspective
Presentation: Data Integrity – an international regulatory perspectivePresentation: Data Integrity – an international regulatory perspective
Presentation: Data Integrity – an international regulatory perspectiveTGA Australia
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...PECB
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud ComputingFalgun Rathod
 
Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion
 
Cryptography and Network Security # Lecture 2
Cryptography and Network Security # Lecture 2Cryptography and Network Security # Lecture 2
Cryptography and Network Security # Lecture 2Kabul Education University
 
Top Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessTop Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessNicholas Davis
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 

More Related Content

Similar to TrustArc Webinar: COVID-19, Two Years Later – Still A Data Privacy Challenge

CERN 5 Things you should know about Data Protection
CERN 5 Things you should know about Data ProtectionCERN 5 Things you should know about Data Protection
CERN 5 Things you should know about Data ProtectionEUDAT
 
The 5 ws of Cyber Security
The 5 ws of Cyber SecurityThe 5 ws of Cyber Security
The 5 ws of Cyber SecurityMisha Hanin
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceAdrian Dumitrescu
 
Chapter -6- Ethics and Professionalism of ET (2).pptx
Chapter -6- Ethics and Professionalism of ET (2).pptxChapter -6- Ethics and Professionalism of ET (2).pptx
Chapter -6- Ethics and Professionalism of ET (2).pptxbalewayalew
 
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...acemindia
 
Access to health data and information – challenges
Access to health data and information – challengesAccess to health data and information – challenges
Access to health data and information – challengesDr Venkatesh Karthikeyan
 
Enlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter GridEnlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter Gridbradley_g
 
GDPR Privacy Introduction
GDPR Privacy IntroductionGDPR Privacy Introduction
GDPR Privacy IntroductionNiclasGranqvist
 
GDPR challenges for the healthcare sector and the practical steps to compliance
GDPR challenges for the healthcare sector and the practical steps to complianceGDPR challenges for the healthcare sector and the practical steps to compliance
GDPR challenges for the healthcare sector and the practical steps to complianceIT Governance Ltd
 
8 building blocks for a high performance school IT network
8 building blocks for a high performance school IT network8 building blocks for a high performance school IT network
8 building blocks for a high performance school IT networkModrus
 
Security Architecture
Security ArchitectureSecurity Architecture
Security ArchitecturePriyank Hada
 
Privacy by Design: White Papaer
Privacy by Design: White PapaerPrivacy by Design: White Papaer
Privacy by Design: White PapaerKristyn Greenwood
 
DLP: Monitoring Legal Obligations, Managing The Challenges
DLP: Monitoring Legal Obligations, Managing The ChallengesDLP: Monitoring Legal Obligations, Managing The Challenges
DLP: Monitoring Legal Obligations, Managing The ChallengesNapier University
 
Presentation: Data Integrity – an international regulatory perspective
Presentation: Data Integrity – an international regulatory perspectivePresentation: Data Integrity – an international regulatory perspective
Presentation: Data Integrity – an international regulatory perspectiveTGA Australia
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...PECB
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud ComputingFalgun Rathod
 
Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion
 
Top Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessTop Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessNicholas Davis
 

Similar to TrustArc Webinar: COVID-19, Two Years Later – Still A Data Privacy Challenge (20)

CERN 5 Things you should know about Data Protection
CERN 5 Things you should know about Data ProtectionCERN 5 Things you should know about Data Protection
CERN 5 Things you should know about Data Protection
 
The 5 ws of Cyber Security
The 5 ws of Cyber SecurityThe 5 ws of Cyber Security
The 5 ws of Cyber Security
 
GDPR Part 2: Quest Relevance
GDPR Part 2: Quest RelevanceGDPR Part 2: Quest Relevance
GDPR Part 2: Quest Relevance
 
Chapter -6- Ethics and Professionalism of ET (2).pptx
Chapter -6- Ethics and Professionalism of ET (2).pptxChapter -6- Ethics and Professionalism of ET (2).pptx
Chapter -6- Ethics and Professionalism of ET (2).pptx
 
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...
 
Access to health data and information – challenges
Access to health data and information – challengesAccess to health data and information – challenges
Access to health data and information – challenges
 
Enlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter GridEnlightened Privacy – by Design for a Smarter Grid
Enlightened Privacy – by Design for a Smarter Grid
 
GDPR Privacy Introduction
GDPR Privacy IntroductionGDPR Privacy Introduction
GDPR Privacy Introduction
 
GDPR challenges for the healthcare sector and the practical steps to compliance
GDPR challenges for the healthcare sector and the practical steps to complianceGDPR challenges for the healthcare sector and the practical steps to compliance
GDPR challenges for the healthcare sector and the practical steps to compliance
 
8 building blocks for a high performance school IT network
8 building blocks for a high performance school IT network8 building blocks for a high performance school IT network
8 building blocks for a high performance school IT network
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1
 
Security Architecture
Security ArchitectureSecurity Architecture
Security Architecture
 
Privacy by Design: White Papaer
Privacy by Design: White PapaerPrivacy by Design: White Papaer
Privacy by Design: White Papaer
 
DLP: Monitoring Legal Obligations, Managing The Challenges
DLP: Monitoring Legal Obligations, Managing The ChallengesDLP: Monitoring Legal Obligations, Managing The Challenges
DLP: Monitoring Legal Obligations, Managing The Challenges
 
Presentation: Data Integrity – an international regulatory perspective
Presentation: Data Integrity – an international regulatory perspectivePresentation: Data Integrity – an international regulatory perspective
Presentation: Data Integrity – an international regulatory perspective
 
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie...
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
 
Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event Vuzion Love Cloud GDPR Event
Vuzion Love Cloud GDPR Event
 
Cryptography and Network Security # Lecture 2
Cryptography and Network Security # Lecture 2Cryptography and Network Security # Lecture 2
Cryptography and Network Security # Lecture 2
 
Top Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessTop Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your Business
 

More from TrustArc

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc
 
TrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc
 
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc
 
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...TrustArc
 
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...TrustArc
 
Nymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesNymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesTrustArc
 
CBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceCBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceTrustArc
 
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfEverything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfTrustArc
 
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...TrustArc
 
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsPrivacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsTrustArc
 
Building Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsBuilding Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsTrustArc
 
The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...TrustArc
 
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdfTrustArc
 
Artificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceArtificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceTrustArc
 
How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023TrustArc
 
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining TrustThe Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining TrustTrustArc
 

More from TrustArc (20)

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
 
TrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI Innovations
 
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
 
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
 
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
 
Nymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesNymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 States
 
CBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceCBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy Compliance
 
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfEverything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
 
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
 
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsPrivacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
 
Building Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsBuilding Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy Certifications
 
The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...
 
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
 
Artificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceArtificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI Governance
 
How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023
 
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining TrustThe Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
 

Recently uploaded

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 

Recently uploaded (20)

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 

TrustArc Webinar: COVID-19, Two Years Later – Still A Data Privacy Challenge

  • 1. 1 1 © 2022 TrustArc Inc. Proprietary and Confidential Information. COVID-19, Two Years Later – Still A Data Privacy Challenge March 8th, 2022
  • 2. 2 2 Speakers Lindsay Palmer Senior Privacy Research Specialist TrustArc Andy McMenamy Global Privacy Program Manager TrustArc Anna Sophia Oberschelp de Meneses Associate Covington & Burling
  • 3. 3 3 Agenda • The privacy trends and implications of the COVID-19 pandemic • How to effectively implement remote work policies to manage privacy risk • Addressing openness and transparency • Considerations for a healthy return to the office • Secure disposal of COVID-19-related data
  • 4. 4 4 Remote working - trending issues Zero-trust network and computing: • Reconsider the castle-and-moat concept • Focus on identification on an individual user and device level Technical training: • Investment in employee training of security tools Social engineering: • Employees must understand basic IT hygiene and security Managing personal vs. work-issued equipment: • Mobile device management (MDM) Employee/productivity monitoring: • URL-blocking and web-filtering to block access to certain websites • EU prohibits systematic and potentially invasive data processing in the workplace
  • 5. 5 5 Transparency - the ongoing challenge • Be clear, open and honest with people about what you are doing with their personal information: ○ Be specific about the purpose of collection ○ Include retention periods to allay fears about scope of processing ○ Let people know where they can go for more information • Individuals can only have a sense of control over their data if they know about the processing and can exercise their rights • Make notices and policies easily accessible: ○ Website ○ Social media ○ Posters/signage ○ Attach to emails about events • Train staff so they can answer questions in line with the privacy notice
  • 6. 6 6 Return to office - vaccine and testing policies Workplace mandates: • Clearly identify the verification process • Specify the information that should/should not be provided • Explain consequences for non-compliance Legitimacy: • Are mandatory policies allowed • Is there a public health requirement to implement a verification policy Necessity: • What is the goal of the policy (i.e., health and safety/prevent transmission in the workplace) Proportionality: • Is verification necessary to achieve the end goal • Are there less intrusive ways to achieve the goal • Do verification practices comply with data minimization
  • 7. 7 7 Clear, Purge and Destroy - What do I do with all this data? Where to start: • Look to data and device inventories, records of processing to understand where data is stored Common data destruction techniques: • Paper shredding • Degaussing: ○ Electromagnetic field must be strong enough to penetrate modern hard drives that use thicker shielding • Physical destruction: ○ Shredding hard drives and storage media into tiny pieces through mechanical shredders ○ Drilling holes in hard drives, hammering or pulverizing *doesn’t actually destroy data but makes the device inoperable to prevent data recovery • Software overwrite: ○ Writing patterns of meaningless data onto each of the hard drive’s sectors *level of security depends on the number of times the hard drive is written over • Use a combination of methods to ensure total data destruction
  • 8. 8 8 Thank You! See http://www.trustarc.com/insightseries for the 2021 Privacy Insight Series and past webinar recordings. If you would like to learn more about how TrustArc can support you with compliance, please reach out to sales@trustarc.com for a free demo.