More Related Content
Similar to GDPR Awareness for YOU (20)
GDPR Awareness for YOU
- 1. © Cliff Gibson 2017
GDPR: IT’S ABOUTYOU
“Your rights as an EU Citizen, regardless of where in
the world your data is being processed”
*GDPR: General Data Protection Regulation
@CliffKGibson
- 2. © Cliff Gibson 2017
Why the new regulations
2015 • 480,000,000
2016 • 3,154,135,541
2017 • ???
Your personal data, the data of
your family, your children & grand
children is being lost or stolen.
Your data is being used to support
crime against you and others.
Your data is being sold to
marketing companies without
your knowledge.
- 3. © Cliff Gibson 2017
I have the right to
know what data you
hold about me.
1
I have the right to
request you send my
data to another
provider.
2
I have the right to be
forgotten.
3
I have the right to
request you correct
my data.
4
I have the right to see
what data you hold
about my Children.
5
Know your rights
- 4. © Cliff Gibson 2017
25%
25%
25%
25%
CUSTOMER
• CRM
• Accounts Receivable
• Data Warehouse
VENDOR
• Vendor Management
• Contracts Management
• Accounts Payable
CONTRACTOR
• Permit to Work
• Finance
EMPLOYEE
• HR System
• Occupational Health
• Travel Booking
• Expenses
• Payroll
“Single view of YOU”, whatever your role
You can often be both a Customer and
Employee of the same organisation.
“Single View of Customer”
is not enough, think bigger with
“Single View of Person”
- 5. © Cliff Gibson 2017
GDPR
What Data
Why Needed
Who Has Access
Where Is It Sent
How Long
Kept For
Can I See It
Can you Change It
Is It SecureConsent
Prove It
- 6. © Cliff Gibson 2017
CONSENT
UNDERSTAND
MANAGE
DELETE
ACT
CONSENT
Demonstrate explicit consent for the collection & specific use
of your data
UNDERSTAND
Demonstrate understanding of what data is collected, how it is
used, where it is, where it is sent and who has access
MANAGE
Policies in place to design systems securely & notify regulators
of any losses of data. Compliance is not a one off exercise
DELETE
Only keep data for its intended purpose, and delete it as soon
as it is no longer required
ACT
Companies need to be acting now, there is no excuse not to be
prepared for GDPR
What companies need to do,
by 25th May 2018
*Some of what companies need to do!