Unit 6 Privacy and Data Protection 8 hrTushar Rajput
Right to Privacy and its Legal Framework, The Concept of Privacy, National Legal
Framework for Protecting Privacy, International Legal Framework for Protecting Privacy, Privacy Related Wrongs and Remedies, Data Security, The Concept of Security in Cyberspace, Technological Vulnerabilities, Legal Response to Technological
Vulnerabilities, Security Audit (VA/PT), Data Protection, Data Protection Position in
India, Privacy Policy, Emerging Issues in Data Protection and Privacy, BPOs and
Legal Regime in India, Protect Kids' Privacy Online, Evolving Trends in Data Protection and Information Security
This Presentation explains what GDPR is and the impact it'll have for Companies who process data of EU Citizens.
This Guide explains the principles of GDPR, Consent, User Rights and also explains how to implement GDPR in your organization.
Originally appeared at
http://backlinkme.net/definitive-guide-for-general-data-protection-regulation-gdpr-compliance/
Norfolk Chamber delivered a morning conference based around the European General Data Protection Regulation (GDPR), which will come into force on May 25 2018. Delegates heared from a variety of GDPR expert speakers from legal, marketing, IT and Data Protection perspectives.
Unit 6 Privacy and Data Protection 8 hrTushar Rajput
Right to Privacy and its Legal Framework, The Concept of Privacy, National Legal
Framework for Protecting Privacy, International Legal Framework for Protecting Privacy, Privacy Related Wrongs and Remedies, Data Security, The Concept of Security in Cyberspace, Technological Vulnerabilities, Legal Response to Technological
Vulnerabilities, Security Audit (VA/PT), Data Protection, Data Protection Position in
India, Privacy Policy, Emerging Issues in Data Protection and Privacy, BPOs and
Legal Regime in India, Protect Kids' Privacy Online, Evolving Trends in Data Protection and Information Security
This Presentation explains what GDPR is and the impact it'll have for Companies who process data of EU Citizens.
This Guide explains the principles of GDPR, Consent, User Rights and also explains how to implement GDPR in your organization.
Originally appeared at
http://backlinkme.net/definitive-guide-for-general-data-protection-regulation-gdpr-compliance/
Norfolk Chamber delivered a morning conference based around the European General Data Protection Regulation (GDPR), which will come into force on May 25 2018. Delegates heared from a variety of GDPR expert speakers from legal, marketing, IT and Data Protection perspectives.
The presentation explains about Data Security as an industrial concept. It addresses
its concern on Data Loss Prevention in detail, from what it is, its approach, the best practices and
common mistakes people make for the same. The presentation concludes with highlighting
Happiest Minds' expertise in the domain.
Learn more about Happiest Minds Data Security Service Offerings
http://www.happiestminds.com/IT-security-services/data-security-services/
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
With GDPR coming into effect, we can see a lot of changes in the privacy policies of companies doing business online. The presentation is a description of GDPR and its implications in India and worldwide. The main aim of the presentation is to identify the key issues of data privacy and the rights available to the consumer who's data is to be shared.
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
Explores:
1. Introduction to Privacy Regimes in the United States and Abroad
2. Mobile Applications and Devices
3. Lawful Collection and Use of “Big Data”
4. International Privacy and Cross-Border Data Transfers
5. Data Security Requirements and Data Breach Response
6. IT Outsourcing and the Cloud
7. Recent Developments and Emerging Issues
25th May 2018 marks the enforcement date of EU’s General Data Protection Regulation. This new regulation strives to increase privacy for individuals and penalize businesses in breach. The complexity organizations face in managing consumer data is driving the growth of privacy tech solutions that decisively address a slew of privacy compliance challenges.
Privacy-ready Data Protection Program ImplementationEryk Budi Pratama
Presented at CDEF 16th Meetup at 18 August 2022.
Title:
Privacy-ready Data Protection Program Implementation
Topics:
- Why data protection is important
- Data Privacy Program Domain
- Operationalize Data Privacy Program
- Privacy-aligned Information Security Framework
- Roadmap to Protect Personal Data
- Privacy Management Technology
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykEryk Budi Pratama
Presented at Orang Siber Indonesia webinar.
11 July 2020
Topic: Data Protection: Basic Regulation and Technical Aspects
This presentation covers:
> Indonesia Data Protection Bill
> Data Masking
> Identity & Access Management
> Data Loss Prevention
Join us (for Indonesian):
t.me/orangsiber
t.me/dataprotectionid
This slide provide various details regarding Information security. The Database its Advantage, Regarding DBMS, RDBMS, IS Design conderations. Various Cyber crime Techniques. Element of Information i.e Integrity, Availability , Classification of Threats. Information Security Risk Assessment. Four Stages of Risk Management. NIST Definition. Risk Assessment Methodologies. Security Risk Assessment Approach. Risk Mitigation Options. Categories of controls. Technical Controls etc.
Data security and cyber risks - In house lawyers forum 2013, Richard NicholasBrowne Jacobson LLP
At the in house lawyers forum back in 2013, Richard Nicholas talks about data security and cyber risks – recent news and developments, the difference between data protection and data security, and more.
The presentation explains about Data Security as an industrial concept. It addresses
its concern on Data Loss Prevention in detail, from what it is, its approach, the best practices and
common mistakes people make for the same. The presentation concludes with highlighting
Happiest Minds' expertise in the domain.
Learn more about Happiest Minds Data Security Service Offerings
http://www.happiestminds.com/IT-security-services/data-security-services/
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
With GDPR coming into effect, we can see a lot of changes in the privacy policies of companies doing business online. The presentation is a description of GDPR and its implications in India and worldwide. The main aim of the presentation is to identify the key issues of data privacy and the rights available to the consumer who's data is to be shared.
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
Explores:
1. Introduction to Privacy Regimes in the United States and Abroad
2. Mobile Applications and Devices
3. Lawful Collection and Use of “Big Data”
4. International Privacy and Cross-Border Data Transfers
5. Data Security Requirements and Data Breach Response
6. IT Outsourcing and the Cloud
7. Recent Developments and Emerging Issues
25th May 2018 marks the enforcement date of EU’s General Data Protection Regulation. This new regulation strives to increase privacy for individuals and penalize businesses in breach. The complexity organizations face in managing consumer data is driving the growth of privacy tech solutions that decisively address a slew of privacy compliance challenges.
Privacy-ready Data Protection Program ImplementationEryk Budi Pratama
Presented at CDEF 16th Meetup at 18 August 2022.
Title:
Privacy-ready Data Protection Program Implementation
Topics:
- Why data protection is important
- Data Privacy Program Domain
- Operationalize Data Privacy Program
- Privacy-aligned Information Security Framework
- Roadmap to Protect Personal Data
- Privacy Management Technology
Data Protection Indonesia: Basic Regulation and Technical Aspects_ErykEryk Budi Pratama
Presented at Orang Siber Indonesia webinar.
11 July 2020
Topic: Data Protection: Basic Regulation and Technical Aspects
This presentation covers:
> Indonesia Data Protection Bill
> Data Masking
> Identity & Access Management
> Data Loss Prevention
Join us (for Indonesian):
t.me/orangsiber
t.me/dataprotectionid
This slide provide various details regarding Information security. The Database its Advantage, Regarding DBMS, RDBMS, IS Design conderations. Various Cyber crime Techniques. Element of Information i.e Integrity, Availability , Classification of Threats. Information Security Risk Assessment. Four Stages of Risk Management. NIST Definition. Risk Assessment Methodologies. Security Risk Assessment Approach. Risk Mitigation Options. Categories of controls. Technical Controls etc.
Data security and cyber risks - In house lawyers forum 2013, Richard NicholasBrowne Jacobson LLP
At the in house lawyers forum back in 2013, Richard Nicholas talks about data security and cyber risks – recent news and developments, the difference between data protection and data security, and more.
Kawser Hamid : ICO and Data Protection in the CloudGurbir Singh
Kawser Hamid Lead Policy Officer at the Information Commissioner's Office talks about the challenges of Cloud Computing and complying with Data Protection Act
A recording of the Northwest Regional meeting of the Institute of Information Security Professionals in Manchester on 23rd May 2013. Copyright of this presentation is held by the author, Kawser Hamid.
Mind Your Business: Why Privacy Matters to the Successful EnterpriseEric Kavanagh
The Briefing Room with Dr. Robin Bloor and HPE Security
There's no such thing as bad publicity? In the era of data breaches, that's not really true. Time and again in recent years, the mighty have fallen. And as sensitive data reaches the hands of bad guys the world over, so go the fates of customers and companies alike. That's why security is the fastest growing sector of enterprise IT today, with privacy issues front and center.
Register for this episode of The Briefing Room to hear veteran Analyst Dr. Robin Bloor explain why companies need to pay serious attention to the ever-growing importance of privacy, not just security. He'll be briefed by Jay Irwin of Teradata and Carole Murphy of HPE Security, who will demonstrate how their technologies can be combined to create a robust privacy infrastructure that allows organizations to avoid data breaches, or at least keep the data encrypted, thus avoiding the damage of a breach.
New General Data Protection Regulation (Agnes Andersson Hammarstrand)Nordic APIs
This is a session given by Agnes Andersson Hammarstrand at Nordic APIs 2016 Platform Summit on October 25th, in Stockholm Sweden.
Description:
This spring a new EU General Data Protection Regulation was adopted to replace the current personal data legislations. Companies that break the rules risk fines of up to 4 % of the worldwide group turnover. The new regulations entail a large number of news that all companies should be informed about. Among other things, IT systems need to be adapted to privacy under the principles of privacy by design.
Agnes Hammarstrand, partner at Delphi Law firm and expert within IT and online provides an introduction to the new regulations and what you need to do.
The EU Data Protection Regulation - what you need to knowSophos Benelux
De komende EU Data Beschermingsregulering vraagt van organisaties wereldwijd dat zij de data beveiligen die zij beheren en bezitten van Europese burgers. Het is algemeen aanvaard dat encryptie de beste methode is om te voldoen aan deze nieuwe regulering. Wanneer een lek ontstaat en u kunt aantonen dat alle persoonlijke data was versleuteld, verkleint de kans aanzienlijk dat u vanuit de EU een boete ontvangt.
Veel organisaties hebben geen idee wat deze nieuwe regulering inhoudt of hoe zij zich moeten voorbereiden op deze nieuwe regels. Behoort uw organisatie ook tot deze groep?
Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...Brian Miller, Solicitor
In a more detailed look at data protection, Vicki Bowles takes a look at the new draft EU Data Protection Regulation, disclosure and BYOD (Bring Your Own Device).
Brian Miller then covers ISO certification, how to check whether your vendor’s systems are secure, how US Safe Harbor worked in practice, how it will do so with the new Privacy Shield and the various certification/accreditation systems for cloud computing vendors.
GDPR – what does it mean for charities and what you need to consider - Iain P...m-hance
The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, The European Council and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). EU members have until May 2018 to ensure that they are fully compliant with the new regulation. Regardless of Brexit, organisations in the UK that collect and use personal data will need to comply. In this slide deck Iain gives an overview of GDPR, what the requirements mean for charities and what charities need to consider to be compliant
Large employers will have to produce their first gender pay gap reports by April 2018 at the latest, based on payroll data from April 2017. While the final version of the regulations isn’t expected until summer 2016, the main elements are now clear. These slides set out what the Regulations require and the issues that employers should be thinking about now.
Developing branded products - A toolkit for agencies Lewis Silkin
Agencies are increasingly leveraging the opportunities afforded by the digital ecosystem to develop products which have the potential to be exploited by the agency’s brand owner clients, but which do not sit comfortably within the traditional client-agency business model.
Lewis Silkin's Don't get it wrong #socialmedia Seminar PresentationLewis Silkin
This presentation is from Lewis Silkin’s Don't get it wrong #socialmedia semina on the 17th April 2012. Simon Morrissey and Jo Farmer, Partners in the Media, Brands and Technology department look at social media and the legal and regulatory aspects of its use in advertising.
You can view the youtube playlist of the videos that accompany this presentation here: http://youtu.be/4edioYoxClM; or on our website here: http://www.lewissilkin.com/Knowledge/2012/April/Dont-get-it-wrong-socialmedia.aspx
Lewis Silkin Seminar - Warranties and Indemnities - 8th March 2012Lewis Silkin
This is the first presentation from Lewis Silkin's recent "Warranties and Indemnities" seminar on the 8th March 2012 by Julian Parry and Lucy Lewis.
You can view the case study slides here: http://www.slideshare.net/LewisSilkin/lewis-silkin-whats-trending-in-tupe
If you would like more information please get in touch.
http://www.lewissilkin.com
Julian Parry
http://uk.linkedin.com/in/tupeguru
Lucy Lewis
http://uk.linkedin.com/in/lucylewis
Lewis Silkin Seminar - What's Trending in TUPE - 8th March 2012Lewis Silkin
This is the case study presentation from Lewis Silkin's recent "Warranties and Indemnities" seminar on the 8th March 2012 by Julian Parry and Lucy Lewis. If you would like more information please get in touch.
http://www.lewissilkin.com
Julian Parry
http://uk.linkedin.com/in/tupeguru
Lucy Lewis
http://uk.linkedin.com/in/lucylewis
The New Data Protection Regulation and Cookie ComplianceLewis Silkin
This presentation is from Lewis Silkin’s The New Data Protection Regulation and Cookie Compliance breakfast briefing on the 23 February 2012. Simon Morrissey, Lewis Silkin, and Meriel Lenfestey, Foolproof, look at the new Data Protection Regulations and some of the options available when thinking about cookie compliance and the end user experience.
You can visit http://www.lewissilkin.com for more information.
Lewis Silkin Brand Academy 2011 Supplementary DocumentLewis Silkin
This document contains the supplementary documentation for the Lewis Silkin Brand Academy 2011 event held at the Imagination Gallery on the 13th October 2011.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
11. What has this meant over last 15 years?
• Data subject requests
• Data protection policies - consent
• Transfer overseas especially to US
• “Light touch” enforcement
• Globalisation and other less light
touch data protection laws
12. Data Protection – a brief history
Late 1960s First
electronic messaging 1984 Original Data Protection
law (minimal impact)
1998 Data
Protection Act
2005 Employment
Practices Code
15. Data Protection – a brief history
Late 1960s First
electronic messaging 1984 Original Data Protection
law (minimal impact)
1998 Data
Protection Act
2005 Employment
Practices Code
2007 ICO Personal
Data guidance
17. Data Protection – a brief history
Late 1960s First
electronic messaging 1984 Original Data Protection
law (minimal impact)
1998 Data
Protection Act
2005 Employment
Practices Code
2010 Sanctions
increase to £500k
2007 ICO Personal
Data guidance
19. Data Protection – a brief history
Late 1960s First
electronic messaging 1984 Original Data Protection
law (minimal impact)
1998 Data
Protection Act
2005 Employment
Practices Code
2010 Sanctions
increase to £500k
2013 ICO BYOD guidance
2007 ICO Personal
Data guidance
21. Data Protection – a brief history
Late 1960s First
electronic messaging 1984 Original Data Protection
law (minimal impact)
1998 Data
Protection Act
TODAY Proposed General
Data Protection Regulation
2005 Employment
Practices Code
2010 Sanctions
increase to £500k
2013 ICO BYOD guidance
2007 ICO Personal
Data guidance
23. Data Protection Regulation – introduction
• What’s the problem?
• Commission solution
• Strategy
• Particular measures proposed
• Practical implications for now?
24. Data protection – the need for change
• Change in nature and extent of processing
• Globalisation
Different rules in different states
Cloud
• Employment context
volume
free-form data
25. Commission solution – a Data Protection
Regulation
• What is a regulation?
• Aim
one-stop shop
greater legal certainty - and consistency
throughout EU
reduction of administrative burden
strengthened data subject rights
efficiency of supervision and enforcement
• And “it will save money” – not just red tape
26. Strategy proposed
• Strategy
similar to current rules....but more
stricter data protection principles
more specific and granular obligations
more extensive individual rights...right to be forgotten...
Backed up by tougher
enforcement – fines of 2% of
global turnover
27. Policy, process...and documentation (1)
• Internal documentation
adopt policies
implement measures to ensure
compliance with policies
be able to demonstrate compliance
if appropriate establish an audit
28. Policy, process...and documentation (2)
• Documentation for data subjects
Extensive information including
> purposes of processing
> if justified by "legitimate interests" ...what those
interests are
> data subject rights and how to complain
> who gets to see it ....recipients
> If data does not come from data subject, who the
source is
29. Policy, process...and documentation (3)
• Very granular..... underscored by new data protection
principle
for each processing operation, controller must ensure and
demonstrate compliance
• Lots of paper .....but does it protect privacy?
30. Right to be forgotten
• Right to have personal data
erased if
no longer necessary in
relation to purposes for
which collected
consent withdrawn
expiry of retention period
processing is non-
compliant
31. Right to be forgotten
• If personal data has been
made public, controller shall
take all reasonable steps to
tell third parties
• Controller may restrict
where issue over accuracy
data needed for purposes
of proof (evidence of
business operations)
32. Data security (1)
• Controller and processor must
do risk assessment
implement technical and organisations measures to ensure
security
• "Personal data breach" means breach of security .... leading
to accidental or unlawful
destruction, loss or alteration
unauthorised disclosure
33. Data security (2)
• Duty to notify
• Duty to document breaches
• If breach is likely to affect privacy of data subjects, controller
must tell data subject of breach and what it is doing
34. Data protection by design
• "Data protection by design" ...if developing business in ways
that impinge on personal data (e.g. a new HR system)
implement to ensure compliance (having regard to cost and
technology)
ensure that by default system
> only processes data
necessary for purpose
> does not collect too much
> does not store too long
> controls
35. Data protection officer
• Controller and processor must establish
a DPO if 250 employees or more
• What are the roles/functions of a DPO?
36. Data protection officer
• Controller and processor must establish
a DPO if 250 employees or more
• What are the roles/functions of a DPO?
37. Data protection officer
Monitoring data protection
breaches
Contact point for supervisory
authority
Informing controller and
processor of obligations
under DPR (and documenting)
Monitoring
implementation of
policies (including audit
and training)
Ensuring documentation is
maintained
Monitoring protection
by design and
security
Monitoring data protection
impact assessment
38. Remedies and sanctions
• Up to 2% of turnover
• Enforcement by "main establishment" regulator
In EU - where purposes of processing determined or, if not,
where main processing takes place
If not established in EU, must appoint a "representative"
39. Special rules on employment
• Regulation allows members states to adopt special rules for
employment....but upwards only
Extra conditions for processing
Regulatory consent?
Works Council approval?
• Defeats "one-stop" shop?
40. What to do now?
• Proposals will change............
• Share your thoughts with MoJ?
• Processing operations
identify and record
consider how you comply
• Establish extent to which you use "consent"
to justify processing...and find other ways
