The Business Side of GDPR - cultural and organizational impacts ISBN 978-1718910836 - concept

GDPR, the new frontier of data privacy, courtesy of the European Union, but like GSM it is actually for everybody.

This presentation is a visual summary of a book that I released on June 3 2018, ISBN 978-1718910836.

As GDPR and data privacy are a moving target, this time I decided to create a book page http://robertolofaro.com/gdpr where I will keep posting additional material in the future (including links to this presentation or online articles); there you can also find the Amazon link.

This short book is a discussion from a cultural and organizational perspective about the current and potential business impacts of GDPR, and it is a follow-up to "The business side of BYOD" (ISBN 978-1494844264), published on 2014-01-30 (on enabling smartphones, tablets, computers, and any other device that goes under the label "Internet of Things" - IoT).

Published in: Business

  1. The Business side of GDPR: cultural and organizational impacts
     Or: why you should learn to stop worrying and love the GDPR
  2. First: GDPR (a.k.a. REGULATION (EU) 2016/679) is mainly a matter of crossing the Ts and dotting the Is:
     ➢ To create a level playing field for our data-centric future
     ➢ To improve on some weaknesses in the implementation and enforcement of its predecessor
     Second: what is and isn’t GDPR
     ➢ It contains mainly common sense that has also picked up some best practices already adopted, and is about “the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)”
     ➢ It is not cast in stone, and allows for some national clarifications and future developments
     Third: it doesn’t dictate systems, but provides a framework your organization should comply with
     Let’s start with some common ground
  3. First: this isn’t legal advice on GDPR, it is a visual summary of the themes of my new book
     Second: as I did for BYOD and IoT in January 2014 (also on privacy-related themes)
     ➢ Reviews from my 30+ years of experience on corporate data GDPR
     ➢ Dissects the current theme (GDPR regulation), also to identify how to apply it to legacy systems
     ➢ Uses that analysis as a framework of reference to discuss the future
     Third: a book on GDPR cannot be a static book
     ➢ Therefore, it is a mini-book, focused on details about key elements of GDPR, to enable investigating in your company how to converge existing processes & systems with GDPR
     ➢ The book has its own page that will keep receiving new material, see links in the last slide
     About this presentation
  4. Three main themes, and I discussed first “fines” as it is where most confusion has been created (as fear is always a good motivator in impulse purchasing of consulting services)
     Focus instead on consent, reasonable measures, and design approaches that will prevent failures in compliance
     Anybody who worked long enough in corporate environments knows that legacy systems have to be brought to compliance while minimizing costs and impacts on processes and people
     Hence, the framework that I propose (with realistic pre-GDPR examples) presents a suggested approach on how to “map” your existing preparedness and plan change across the organization
     Closing elements: a GDPR-inspired update on my 2014 material (BYOD, IoT, cloud, outsourcing, etc.)
  5. The future is by definition about what you don’t know
     Therefore, I discuss two phases, with a focus on GDPR:
     ➢ How to prepare your organization to adapt in the future, to improve resilience
     ➢ How to improve your governance
     Then, an update on the “tomorrow” side of IoT vs. 2014
     Finally, I share a few key elements that I think should enter any business model, organizational development, and product strategy activity that considers the use of personal data
     But: the concept of “personal data” means something in 2018, and will quite certainly expand in the future, so better to think ahead
  6. Or: why you should learn to stop worrying and love the GDPR (yes, it comes from a movie, so I did not add it within the book)
     You can find links to the book, and current (and future) articles and other material on: http://robertolofaro.com/gdpr
     The book is available on Amazon (price varies across the EU)
     It is printed on purpose in black-and-white, to allow reusing parts that you deem useful to your organization (e.g. to follow the “landscape mapping” approach that I suggest, as I used it since the 1990s)
     The bibliography contains links to tools, articles, and other material that I found useful, and maybe you too could reuse
     If you want to contact me, I can be reached on LinkedIn
     Other business mini-books on change? A full list here
