BE0652853154 - KHAGAN - Visitatiestraat 134/001 - 9040 GHENT – BELGIUM
PHONE +3293293118 MAIL contact@khagan.eu
Clarifications around GDPR
General Data Protection Regulation (GDPR), Regulation (EU) 2016/679
All rights reserved. © Khagan - 20/11/18
Arnaud BRUN
I manage and energize large teams to go beyond their own expertise and
drive them to success in international environments. To achieve this, I use the experience
gained in the telecommunication and broadcasts industries where I acted both as business
manager and business unit developer.
Jean-Christophe MATHONET
My experience as CFO and CRO, Board Member in financial services, within banks and
insurance companies, allows me to cover a wide range of topics: general management of
entities, risk and finance management, corporate taxes, supervision of IT and operations,
accounting, budgeting, creation and restructuring of legal structures, regulatory reporting,
acquisition of companies, operational statistics, and management accounting.
The GDPR is not merely an IT problem, neither is it merely a legal problem ...
Our core business within Khagan is historically in Banking and Insurance. As in Healthcare,
personal data is particularly sensitive in both industries. Our clients are companies of all sizes.
They asked us what we are proposing to support them in their GDPR implementation and that
is why we have decided to deal pragmatically and quickly with what many see as one more
constraint.
We could have written a positive note about why the GDPR is a good initiative. But given that
companies must focus on their business and already drown under new constraints and
regulations, we simply limited this paper to our vision of the GDPR implementation.
GDPR is not an IT subject
More than half of the articles we see on the subject are driven by IT integration services
companies, or security vendors who are very effective at making the company IT security
watertight and hence protecting all of its data. It’s good, but unfortunately somewhat reductive.
In the best case there will be a classification of the data of the company, but that will leave gaps
open for any control by a data protection authority.
GDPR is not a legal issue
A lot of GDPR-related articles present a contractual vision of the regulation. These articles often
start by frightening you and showing everything that you do wrong, to push you into only
reviewing your internal and external contractual documents. They sometimes suggest that
some additional registers be put in place.
The actions such articles suggest are necessary and in accordance with the demands of GDPR.
GDPR is a distorting magnifier of the wrong habits most of us have acquired through our
respective training and professional molds: engineers take refuge in a technical comfort zone,
while lawyers find refuge in the comfort of contracts. In both cases, the coherence brought by
governance is lacking. Moreover, alignment with the organization’s strategy is often
lacking.
The person in charge of the GDPR is a rare bird
Article 37(5) of the GDPR explains that the Data Protection Officer (DPO) “shall be selected
on the basis of professional skills and, in particular, its expert knowledge of data protection law
and practices and the ability to fulfil the tasks referred to in Article 39”.
Although Article 37(5) does not specify the skills that should be considered when appointing
the DPO, DPOs must have expertise in national and European data protection laws and
practices and an in-depth understanding of GDPR. It can also prove to be helpful if the DPO
has gone through a specific training certified by the authorities.
Understanding of the business and of the organization of the controller is also a requirement.
The DPO should also have a good understanding of the processing operations carried out, as
well as the information systems, data security and data protection needs of the controller.
In the case of a public authority, the DPO should also have a sound knowledge of the
administrative rules and procedures of the organization.
It is important to understand that there are only self-proclaimed experts in GDPR because
there is no training duly validated by the control authorities. The authorities are themselves
in the process of ramping up and have not yet had the time to certify trainers. Nowadays, we notice
that, with two to five days of training, you can claim to be a certified DPO.
The Khagan approach on the GDPR
Khagan leverages its banking and insurance expertise. In these industries, GDPR is a
“non-event” as most of the underlying concepts have always been applied. All our consultants
faced a very stringent and secure management of the IT systems and the data, be it from an
internal or an external point of view.
As we have always done, we manage the GDPR with a pragmatic governance approach that
allows you and your partners to soundly face an audit by the regulator or any internal or
external complaint. Our implementation approach uses a set of documents that you can fit to
your needs. The set mainly includes:
› A checklist and methodology with an introduction to the topics to be covered and an explanation of the methodology,
› Useful procedures to implement in your company (customer requests, recruitment...)
› A list of communications to put in place
› Forms and documents to support your GDPR path (decisions taken, impact assessment, report to the supervisory authority)
› A template for the data inventory to know, amongst others, where each piece of information is located
› One empty process register and another already filled in to allow you to save time during the implementation
› Several contractual clauses already drafted to append to your different contracts
We also propose an outsourced-DPO service because we know that many companies do not have
audit and control staff to independently manage the GDPR process.
Want to talk about it?
Phone: +32 (0) 9 329 31 18
Email: contact@khagan.eu
You can always contact us.
Arnaud Brun
Director
arnaud.brun@khagan.eu
+32493366215
French, English
Jean-Christophe Mathonet
Associate
jc.mathonet@khagan.eu
+32475288423
French, Dutch, English
Thérèse Haq Qazi
Associate
therese.haqqazi@khagan.eu
+32488408014
French, Dutch, English
www.khagan.eu