Building Your Foundation:
Strategies and Tools for Managing
Retention and Personal Data Risks
May 2, 2019
©2019 Iron Mountain Incorporated. All rights reserved. Iron Mountain and the design of the mountain are registered trademarks of Iron Mountain Incorporated in the U.S. and other countries. All other trademarks and registered trademarks are the property of their respective owners.
Speaker Information
Kelly Matoney, JD/MBA/CIPM
Principal & Practice Leader
Iron Mountain
Moderator & Panelist
Carole LaRochelle, MLIS/CIPM
Information Governance & Records
Administrator, PGA TOUR
Panelist
Shannon R. Dahn, MPP/CIPP/G
Privacy Section Chief, Office of the
Chief Information Security Officer
Federal Deposit Insurance Corporation
Panelist
Agenda
I. Welcome and Introductions
II. The Information Challenge
III. Strategies & Tools for Developing Personal Data Inventory & Data Maps
IV. Assessing Risks & Prioritizing Data Remediation Activities
V. Solutions for Managing Records to Meet Data Retention & Disposal Obligations
VI. Questions and Answers
VII. Closing Remarks
The Information Challenge
2004
Legal dept drafts records
policy & retention schedules
1920s
Tournament
golf developed
1950s-1960s
Operated as part
of PGA of America
1968
PGA TOUR becomes
separate entity
1980s
Records are born;
Stadium Golf &
Tournament Players
Clubs network
1980s-
Paper records managed
by Facilities & Legal
Librarian
2003
Scanning of paper
records into homegrown
repository
2020
New
headquarters
2013
2016
Hurricane
Matthew
2018
GDPR
NEW PGA HEADQUARTERS
Ways records are held
The Information Challenge
Hard-copy historical records
Mainframe systems
Unstructured data
Modernizing IT
The Information Challenge
Finding the right balance
How Do You Know:
What you have? Where is it? Whose data is it? What rights do they have?
DISPOSE/
RECYCLE
ENABLE
RESTORATION
AND DISASTER
RECOVERY
SECURELY STORE
AND ACCESS
LEVERAGE
INTELLIGENCE &
INSIGHTS
DIGITIZE/CONVERT/
MIGRATE
INTEGRATE
WORKFLOW/BPM
APPLY RETENTION,
PRIVACY &
CLASSIFICATION
CREATE
CONTENT
POLICY &
GOVERNANCE
DIGITAL & PHYSICAL
Your Information
Lifecycle
What is a Record and PII?
Assess Internal/External Environments
Deep-dive assessment of departments’
records processing activities
• Updated vendor agreements
• Revised privacy policy
• Enterprise Privacy Framework
• Implement Resources – ongoing web training KnowBe4
• Standardize Data Protection & Compliance
Update/Implement Policies & Tools
• Formed a grass-roots working group, RISC
• Explained impact of failure to comply
• Socialization & Education
Employee Engagement
Compliance Program
Existing Law & Policy
Requirements
Leverage the Current Environment
Chief Data Officer
Requirement
Existing Record
Job Aids
Employee Engagement
Data Clean-up
Days
General Employee
Awareness Campaigns
Create a Unified View of Your
Personal Data and Related Obligations
SHOW CONNECTIONS VISUALLY
THROUGH DATA FLOW MAPS
CONNECT CRITICAL INFORMATION
ABOUT YOUR PERSONAL DATA
• Focus on consumer data
• Outside consultant to perform
GDPR risk analysis/gap assessment
• Data inventory assessment
of 34 internal groups
Assess Risks
Personally Identifiable Information
Fair Information Practice Principles
• Minimization
• Accountability and Auditing
• Individual Participation
Evolving NIST Risk Management Framework
Emphasis on reducing risk to PII
Focus on PII
Risk Map
Source: https://www.cnil.fr/sites/default/files/typo/document/CNIL-ManagingPrivacyRisks-Methodology.pdf
Retention Solutions
• Records Management Policy resurrected,
reviewed, revised, finalized
• Incorporate 3 main concepts of Records Management
• Addressed electronic documents management
• Introduced email classification/etiquette
• Restructured IT department
Iron Mountain® Policy Center Solution
Privacy Programmatic Approach Options
Reduce Costs & Risks
Most information is needlessly
retained far beyond retention
requirements.
Over-retained information is a liability and
racks up costs
They can’t hack what
you don’t have.
Get rid of what you legally can to
protect yourself from data breaches
Having a current retention schedule and sticking
to it consistently will help you:
• reduce risk (regulatory, legal, financial,
operational, AND reputational)
• save on storage and legal discovery costs
• satisfy audits and regulatory inquiries
• defend your program in legal and litigation matters
Retention Schedule
= Foundation for
Consistency
The Advantage of Managing
Privacy and Retention Together
Increasing privacy concerns and regulations like the
GDPR are elevating the need for privacy and retention
to be managed together so you can:
• Have a unified view of your personal data and related obligations
• Dispose of private information as soon as possible
• Reduce unnecessary exposure to data breaches
Top Tips
• Information Lifecycle Management is more important than ever to address
privacy concerns
• Define what a record is to your company
• Consider working with a consultant and leveraging technologies
• Retention and privacy must be managed together
• Employee engagement is imperative for your privacy program
Connect With Us
Follow #peakofprivacy and @IronMountain
Connect with the speakers:
• Kelly Matoney, Privacy Principal & Practice Leader, Iron Mountain
• Carole LaRochelle, Information Governance & Records Administrator, PGA TOUR
• Shannon Dahn, Privacy Section Chief, FDIC
QUESTIONS & ANSWERS
Iron Mountain® Policy Center Solution
Iron Mountain® Privacy Advisory Service
www.ironmountain.com/dataprivacy
Resources
How Did Things Go?
(We Really Want To Know)
Did you enjoy this session? Is there any way we could make it better?
Let us know by filling out a speaker evaluation.
1. Start by opening the IAPP Events App
2. Select this session and tap “Rate the Session”
3. Once you’ve answered all three questions, tap “Done” and you’re all set
THANK YOU

JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
 
Public CyberSecurity Awareness Presentation 2024.pptx
Public CyberSecurity Awareness Presentation 2024.pptxPublic CyberSecurity Awareness Presentation 2024.pptx
Public CyberSecurity Awareness Presentation 2024.pptx
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
SAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloudSAP S/4 HANA sourcing and procurement to Public cloud
SAP S/4 HANA sourcing and procurement to Public cloud
 
Choosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptxChoosing The Best AWS Service For Your Website + API.pptx
Choosing The Best AWS Service For Your Website + API.pptx
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process MiningTrusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms  calicut university B. sc Cs 4th sem.pdfdbms  calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...
 

Build Your Foundation: Strategies and Tools for Managing Retention and Personal Data Risks

  • 2. Building Your Foundation: Strategies and Tools for Managing Retention and Personal Data Risks May 2, 2019 ©2019 Iron Mountain Incorporated. All rights reserved. Iron Mountain and the design of the mountain are registered trademarks of Iron Mountain Incorporated in the U.S. and other countries. All other trademarks and registered trademarks are the property of their respective owners.
  • 3. Speaker Information Kelly Matoney, JD/MBA/CIPM Principal & Practice Leader Iron Mountain Moderator & Panelist Carole LaRochelle, MLIS/CIPM Information Governance & Records Administrator, PGA TOUR Panelist Shannon R. Dahn, MPP/CIPP/G Privacy Section Chief, Office of the Chief Information Security Officer Federal Deposit Insurance Corporation Panelist
  • 4. Agenda I. Welcome and Introductions II. The Information Challenge III. Strategies & Tools for Developing Personal Data Inventory & Data Maps IV. Assessing Risks & Prioritizing Data Remediation Activities V. Solutions for Managing Records to Meet Data Retention & Disposal Obligations VI. Questions and Answers VII. Closing Remarks
  • 6. The Information Challenge 2004 Legal dept drafts records policy & retention schedules 1920s Tournament golf developed 1950s-1960s Operated as part of PGA of America 1968 PGA TOUR becomes separate entity 1980s Records are born; Stadium Golf & Tournament Players Clubs network 1980s- Paper records managed by Facilities & Legal Librarian 2003 Scanning of paper records into homegrown repository 2020 New headquarters 2013 2016 Hurricane Matthew 2018 GDPR
  • 8. Ways records are held The Information Challenge Hard-copy historical records Mainframe systems Unstructured data Modernizing IT
  • 10. How Do You Know: What you have? Where is it? Whose data is it? What rights do they have?
  • 11. DISPOSE/ RECYCLE ENABLE RESTORATION AND DISASTER RECOVERY SECURELY STORE AND ACCESS LEVERAGE INTELLIGENCE & INSIGHTS DIGITIZE/CONVERT/ MIGRATE INTEGRATE WORKFLOW/BPM APPLY RETENTION, PRIVACY & CLASSIFICATION CREATE CONTENT POLICY & GOVERNANCE DIGITAL & PHYSICAL Your Information Lifecycle
  • 13. What is a Record and PII?
  • 14. Assess Internal/External Environments Deep-dive assessment of departments’ records processing activities Updated vendor agreements
  • 15. • Revised privacy policy • Enterprise Privacy Framework • Implement Resources – ongoing web training KnowBe4 • Standardize Data Protection & Compliance Update/Implement Policies & Tools
  • 16. • Formed a grass-roots working group, RISC • Explained impact of failure to comply • Socialization & Education Employee Engagement
  • 18. Existing Law & Policy Requirements Leverage the Current Environment Chief Data Officer Requirement
  • 19. Existing Record Job Aids Employee Engagement Data Clean-up Days General Employee Awareness Campaigns
  • 20. Create a Unified View of Your Personal Data and Related Obligations SHOW CONNECTIONS VISUALLY THROUGH DATA FLOW MAPS CONNECT CRITICAL INFORMATION ABOUT YOUR PERSONAL DATA
  • 22. • Focus on consumer data • Outside consultant to perform GDPR risk analysis/gap assessment • Data inventory assessment of 34 internal groups Assess Risks
  • 23. Personally Identifiable Information Fair Information Practice Principles • Minimization • Accountability and Auditing • Individual Participation Evolving NIST Risk Management Framework Emphasis on reducing risk to PII Focus on PII
  • 26. Retention Solutions • Records Management Policy resurrected, reviewed, revised, finalized • Incorporate 3 main concepts of Records Management • Addressed electronic documents management • Introduced email classification/etiquette • Restructured IT department
  • 27. Iron Mountain® Policy Center Solution
  • 30. Reduce Costs & Risks Most information is needlessly retained far beyond retention requirements. Over-retained information is a liability and racks up costs. They can’t hack what you don’t have. Get rid of what you legally can to protect yourself from data breaches. Having a current retention schedule and sticking to it consistently will help you: • reduce risk (regulatory, legal, financial, operational, AND reputational) • save on storage and legal discovery costs • satisfy audits and regulatory inquiries • defend your program in legal and litigation matters Retention Schedule = Foundation for Consistency
  • 31. The Advantage of Managing Privacy and Retention Together Increasing privacy concerns and regulations like the GDPR are elevating the need for privacy and retention to be managed together so you can: • Have a unified view of your personal data and related obligations • Dispose of private information as soon as possible • Reduce unnecessary exposure to data breaches
  • 32. Top Tips • Information Lifecycle Management is more important than ever to address privacy concerns • Define what a record is to your company • Consider working with a consultant and leveraging technologies • Retention and privacy must be managed together • Employee engagement is imperative for your privacy program
  • 33. Connect With Us Follow #peakofprivacy and @IronMountain Connect with the speakers: • Kelly Matoney, Privacy Principal & Practice Leader, Iron Mountain • Carole LaRochelle, Information Governance & Records Administrator, PGA TOUR • Shannon Dahn, Privacy Section Chief, FDIC
  • 35. Iron Mountain® Policy Center Solution Iron Mountain® Privacy Advisory Service www.ironmountain.com/dataprivacy Resources
  • 36. How Did Things Go? (We Really Want To Know) Did you enjoy this session? Is there any way we could make it better? Let us know by filling out a speaker evaluation. 1. Start by opening the IAPP Events App. 2. Select this session and tap “Rate the Session”. 3. Once you’ve answered all three questions, tap “Done” and you’re all set.
  • 37. THANK YOU