CRITICAL REGULATIONS
GOVERNING DATA PRIVACY
AND DATA PROTECTION
Surabhi Jain
Clinical Data Manager
India
DATA PRIVACY AND PROTECTION:
WHY SHOULD IT BE A PRIORITY?
In the US alone, 11 million cases of medical data
security breaches were recorded in 2015.
Criminals and hackers now recognize that medical
data or sensitive personal health information (PHI)
is more valuable than credit card data, yet 100
times easier to hack.
DATA PRIVACY AND PROTECTION: WHY
SHOULD IT BE A PRIORITY?
First things first: it is a universal human right
Penalties
Theft of patient’s identity
Resulting in government investigations/legal consequences
Harm to company reputation
HUMAN RIGHT ON DATA PRIVACY
No one shall be subjected to arbitrary interference with
his privacy, family, home or correspondence, nor to
attacks upon his honour and reputation. Everyone has
the right to the protection of the law against such
interference or attacks.
- The Universal Declaration of Human Rights, Article 12
HUMAN RIGHT ON DATA PRIVACY
Everyone has the right to respect for his
private and family life, his home and his
correspondence.
- European Convention for the Protection of
Human Rights and Fundamental Freedoms
THE CONFIDENTIALITY OF RECORDS THAT
COULD IDENTIFY SUBJECTS SHOULD BE
PROTECTED, RESPECTING THE PRIVACY AND
CONFIDENTIALITY RULES IN ACCORDANCE
WITH THE APPLICABLE REGULATORY
REQUIREMENT(S).
- THE PRINCIPLES OF ICH GCP-2.11
REGULATORY GUIDANCE
EU Data Protection Directive 95/46/EC
EU Data Protection Directive 2001/20/EC
General Data Protection Regulation EU 2016/679
EU DATA PROTECTION DIRECTIVE
95/46/EC- 7 PRINCIPLES
The seven principles governing the Organization for Economic Cooperation and
Development (OECD) recommendation:
• Notice: data subjects should be given notice when their data is being collected;
• Purpose: data should only be used for the purpose stated and not for any other purposes;
• Consent: data should not be disclosed without the data subject’s consent;
• Security: collected data should be kept secure from any potential abuses;
• Disclosure: data subjects should be informed as to who is collecting their data;
• Access: data subjects should be allowed to access their data and make corrections to any inaccurate data; and
• Accountability: data subjects should have a method available to them to hold data collectors accountable for not following the above principles.
EU DATA PROTECTION DIRECTIVE 95/46/EC
Personal data should not be processed at all,
except when certain conditions are met. These
conditions fall into three categories:
transparency, legitimate purpose, and
proportionality.
EU DATA PROTECTION DIRECTIVE 95/46/EC
Transfer of personal data to third countries: the
Directive's Article 29 created the "Working Party on the
Protection of Individuals with regard to the Processing
of Personal Data", commonly known as the "Article 29
Working Party". The Working Party gives advice about
the level of protection in the European Union and third
countries.
EU DATA PROTECTION DIRECTIVE 2001/20/EC
• The Clinical Trials Directive (officially Directive 2001/20/EC of 4 April 2001 of the European Parliament, relating to the implementation of good clinical practice in the conduct of clinical trials on medicinal products for human use) is a European Union directive that aimed to facilitate the internal market in medicinal products within the European Union.
• It seeks to simplify and harmonize the administrative provisions governing clinical trials in the European Community by establishing a clear, transparent procedure.
• The Member States had to apply these provisions at the latest with effect from 1 May 2004.
• It has 24 Articles.
EU DATA PROTECTION DIRECTIVE
2001/20/EC- ARTICLE 3
• Section 2(C): the rights of the subject to physical and mental integrity, to privacy and to the protection of the data concerning him in accordance with Directive 95/46/EC (EU Data Protection Directive) are safeguarded;
• 95/46/EC
*Fair and lawful processing
*Purpose limitation and specification
*Minimal storage term
*Transparency
*Data quality
*Security
*Special categories of data
*Data minimization
GENERAL DATA PROTECTION REGULATION
EU 2016/679
Reason for moving to GDPR: privacy issues arising from
an exponential growth in consumer and mobile
technologies, an increasingly connected planet and
mass cross-border data flows.
In 2012, the European Commission published a draft
regulation; the final text was published on 27 April 2016.
GENERAL DATA PROTECTION
REGULATION EU 2016/679
• More than 90% of Europeans say they want the same data protection rights across the EU, regardless of where their data is processed.
• Applies to EU and non-EU organizations that process data related to those who are in the EU
• GDPR will capture many more overseas organizations
• EU Member States have to transpose it into their national law by 6 May 2018.
GENERAL DATA PROTECTION
REGULATION EU 2016/679
• The GDPR is Europe's new framework for data protection laws – it replaces the previous 1995 data protection directive, which current UK law is based upon
• The legislation is designed to "harmonise" data privacy laws across Europe as well as give greater protection and rights to individuals
• GDPR changes how personal data can be used
• In the full text of GDPR there are 99 articles setting out the rights of individuals and obligations placed on organisations covered by the regulation.
GENERAL DATA PROTECTION
REGULATION EU 2016/679
Any data breach must be reported to the supervisory
authority within 72 hours.
Companies that have "regular and systematic
monitoring" of individuals at a large scale or process a
lot of sensitive personal data have to employ a data
protection officer (DPO).
SAFE HARBOR PRINCIPLES- HARMONIZATION
EFFORTS
The European Union and the United States have
fundamentally different attitudes towards the
protection of personal data.
To ease business between the US and the EU, in 2000 the
U.S. Department of Commerce issued the Safe Harbor
Privacy Principles, which were subsequently recognized
by the European Commission.
SAFE HARBOR PRINCIPLES- 7 PRINCIPLES
Notice: An organization must inform individuals about
the purposes for which it collects and uses information.
Choice: Subjects must be able to opt out of collection
and transfer of the information.
Onward Transfer: Organizations must apply the Notice and
Choice principles. Third parties acting as agents must
provide the same level of privacy protection.
SAFE HARBOR PRINCIPLES- 7 PRINCIPLES
• Security. Organizations creating, maintaining, using or disseminating personal information must take reasonable precautions to protect it.
• Data Integrity. Personal information must be relevant for the purposes.
• Access. Individuals must have access to the information about them.
• Enforcement. Effective privacy protection must include mechanisms for verifying compliance with the above principles.

Critical regulations governing data privacy and data protection 20 dec2018
