Everything you Need to Know about The Data Protection Officer Role HackerOne
Data privacy and security expert, Debra Farber, presents on the emerging role of the Data Protection Officer (DPO). When the EU's General Data Protection Regulation (GDPR) becomes enforceable on May 25, 2018, companies around the world who process the personal data of EU residents will be required by law to appoint an independent DPO who has specific responsibilities and data protection knowledge.
The Summary Guide to Compliance with the Kenya Data Protection Law Owako Rodah
The Data Protection Act 2019 was enacted on November 8th, 2019, ushering in a new era of accountability and responsibility with regard to processing of personal data and information. Naturally, there has been a resurrection of the chatter around data protection in increasingly data-driven social and economic settings. The question on everyone’s mind is: what does this mean for me?
Privacy-ready Data Protection Program Implementation Eryk Budi Pratama
Presented at CDEF 16th Meetup on 18 August 2022.
Title:
Privacy-ready Data Protection Program Implementation
Topics:
- Why data protection is important
- Data Privacy Program Domain
- Operationalize Data Privacy Program
- Privacy-aligned Information Security Framework
- Roadmap to Protect Personal Data
- Privacy Management Technology
Data Loss Prevention (DLP) - Fundamental Concept - Eryk Eryk Budi Pratama
Presented at APTIKNAS (Indonesia ICT Business Association) DKI Jakarta regular webinar.
Title: Data Loss Prevention: Fundamental Concept in Enabling DLP System
2 July 2020
Summary of Data Protection Officer Competency Standards | August 2023 | IODTI Eryk Budi Pratama
Law No. 27 of 2022 on Personal Data Protection (“UU PDP”) was enacted in October 2022 and is currently in its grace period. The absence of technical / implementing regulations leaves many organizations hesitant to set a direction and implement the UU PDP in line with applicable laws and regulations. One important aspect of the UU PDP is the appointment of an Official/Officer who carries out the Personal Data Protection function (PPDP), or Data Protection Officer (DPO), as mandated by Articles 53 and 54 of the UU PDP.
Through Decree of the Minister of Manpower of the Republic of Indonesia Number 103 of 2023 on the Establishment of Indonesian National Work Competency Standards for the Information and Communication Category, Main Group of Programming, Computer Consultancy and Related Activities (YBDI), Personal Data Protection Field of Expertise, enacted on 23 June 2023, the PPDP/DPO competency standard is now valid as a reference for determining human resource competencies, recruitment needs, training, and certification related to Personal Data Protection.
This Summary of the Competency Standard / SKKNI for Personal Data Protection was prepared to help the public understand, in brief, the 4 Key Functions, 8 Main Functions, and 19 Basic Functions drawn up by the Drafting Team and the Ministry of Communication and Informatics of the Republic of Indonesia, and ratified by the Minister of Manpower of the Republic of Indonesia. We hope this SKKNI PDP summary is useful and provides concise guidance not only on PPDP/DPO competencies, but also on what organizations can do in implementing a Personal Data Protection Program.
Regards,
Eryk Budi Pratama, CIPM, CIPP/E, FIP
Chairman - Institute of Digital Trust Indonesia (IODTI)
Drafting Team, SKKNI for Personal Data Protection
Drafting Team, Draft Government Regulation on Personal Data Protection (“RPP PDP”)
eryk@digitaltrustid.org
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi... PECB
Key Data Privacy Roles Explained: Data Protection Officer, Information Security Manager, and Information Security Auditor
In this session, we will go through the roles and responsibilities of the main actors responsible for protecting data in an organization: the Data Protection Officer, Information Security Manager, and Information Security Auditor.
The webinar will cover:
• What are the roles and responsibilities of the main actors responsible for protecting data in an organization?
• How can an organization find out if they are required to designate a DPO role or not?
• Can the roles of a DPO and Information Security Manager be covered by the same individual?
• What organizations are required to do to have the DPO perform its role and responsibilities independently?
Presenter:
Our first presenter for this webinar is Peter Geelen, director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more.
Our second presenter is Stefan Mathuvis, owner & senior consultant at Quality Management & Auditing BV, Zonhoven, Belgium. With over 20 years of experience, Stefan built strong experience in quality management systems, Information Security management systems, GDPR, data privacy & data protection. Stefan is accredited ISO/IEC 27001 Lead Auditor and operates as a third party auditor for DQS Belgium. Dividing his time between consultancy, training & third party auditing on an international scale, Stefan remains in touch with the issues of today allowing him to assist clients in their needs for Information Security and Data Privacy.
Recorded webinar: https://www.youtube.com/watch?v=Y0hnv1laxAw&feature=youtu.be
This Presentation explains what GDPR is and the impact it'll have for Companies who process data of EU Citizens.
This Guide explains the principles of GDPR, Consent, User Rights and also explains how to implement GDPR in your organization.
Originally appeared at
http://backlinkme.net/definitive-guide-for-general-data-protection-regulation-gdpr-compliance/
Symantec Data Loss Prevention. Global trends show that the largest share of data loss and theft results from a lack of visibility and from errors in handling the data. Learn how to protect yourself.
General Data Protection Regulations (GDPR): Do you understand it and are you ... Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
Making Data Classification Work for You - 18 Things to Consider When Choosing Data Classification Solutions.
For more information, please visit: http://www.secureislands.com/solutions-classification/
Privacy is the right to be left alone, or freedom from interference or intrusion. Due to advancement in technological innovation, information privacy is becoming more complex by the minute as more data is being collected and exchanged.
Full GDPR toolkit: https://quality.eqms.co.uk/gdpr-general-data-protection-regulation-eu-toolkit
This free online training presentation provides you with information about how to comply with the General Data Protection Regulation, managing breaches, engaging employees, key requirements and more.
Data loss is considered by security experts to be one of the most serious threats that businesses currently face.
Maintaining the confidentiality of personal information and data is an essential factor in operating a successful business. People must be able to trust that their service provider takes the appropriate measures to implement security controls that will ultimately protect their privacy.
However, some of the largest and most reputable organizations have fallen victim to data loss security breaches resulting in significant legal, financial, and reputation loss, including [1]:
- The Bank of America: Losing the personal employee information of over one million employees
- The United States Government: Losing data related to the military
- Heartland Payment Systems: Transferring credit card information and other personal records of over 130 million customers
In 2013, it was estimated that data breaches had resulted in the exploitation of over 800 million personal records [2]. This number is also expected to rise over the next several years given the advanced tools that cybercriminals use to steal information and data.
Interestingly, it is not just cybercriminals who represent a threat as:
- 64% of data loss is caused by well-meaning insiders.
- 50% of employees leave with data.
- $3.5 million average cost of a security breach.
Considering these extensive data breaches, it is practical for organizations to understand where their critical data is located and to understand current security controls that can stop data loss.
Data Loss Prevention (DLP) solutions locate critical and personal data for organizations and help prevent data loss. By having a deeper understanding of efficient DLP security controls, you will help protect the reputation of your organization.
For more information contact: rkopaee@riskview.ca
https://www.threatview.ca
http://www.riskview.ca
Implications of the UU PDP for Data Governance in the Health Sector - Summary of UU Pe... Eryk Budi Pratama
Public outreach on the Personal Data Protection Law for the health sector.
ICT Webinar Series I-2022
Organized by:
*INDOHCF - KREKI - IODTI - FORKOMTIKNAS - Z-COURSE*
TOPIC:
*Implications of the UU PDP (Personal Data Protection) for Data Governance in the Health Sector*
The Personal Data Protection (PDP) Bill (RUU) was officially passed into Law (UU) at the Plenary Session of the DPR RI on 20 Sept 2022. While awaiting its implementing regulations, it is necessary to examine the content of the regulation more closely and discuss its implications for the health sector, including health facilities (Faskes), BPJS, the public, and other health stakeholders.
Data loss prevention ensures critical information is kept safely within the corporate network and helps administrators control the data that end-users wish to transfer.
Enabling Data Governance - Data Trust, Data Ethics, Data Quality Eryk Budi Pratama
Presented on PHPID Online Learning 35.
Komunitas PHP Indonesia
Title: Enabling Data Governance - The Journey through Data Trust, Ethics, and Quality
Eryk B. Pratama
Global IT & Cybersecurity Advisor
Technology Overview - Symantec Data Loss Prevention (DLP) Iftikhar Ali Iqbal
The presentation provides the following:
- Symantec Corporate Overview
- Solution Portfolio of Symantec
- Symantec Data Loss Prevention - Introduction
- Symantec Data Loss Prevention - Components
- Symantec Data Loss Prevention - Features & Use Cases
- Symantec Data Loss Prevention - System Requirements
- Symantec Data Loss Prevention - Appendix (extra information)
This provides a brief overview of Symantec Data Loss Prevention (DLP). Please note all the information is based prior to May 2016 and the full integration of Blue Coat Systems's set of solutions.
GDPR and ISO 27001 - how to be compliant Ilesh Dattani
Being GDPR compliant using a long-standing international standard and getting accreditation. Demonstrate GDPR compliance. Accreditation provides a means to demonstrate that you are in line with standard procedures and processes.
With GDPR coming into effect, we can see a lot of changes in the privacy policies of companies doing business online. The presentation is a description of GDPR and its implications in India and worldwide. The main aim of the presentation is to identify the key issues of data privacy and the rights available to the consumer whose data is to be shared.
Data Processing - data privacy and sensitive data OpenAIRE
Data Processing - data privacy and sensitive data - Elli Papadopoulou (Librarian at Athena R.C. / OpenAIRE NOAD for Greece)
Presented at OpenAIRE - EOSC-hub webinar “Data Privacy and Sensitive Data Services” https://www.openaire.eu/item/openaire-eosc-hub-webinar-data-privacy-and-sensitive-data-services
** CyberSecurity Certification Training: https://www.edureka.co/cybersecurity-certification-training **
This Edureka tutorial on "Cybersecurity Frameworks" will help you understand why and how the organizations are using the cybersecurity framework to Identify, Protect and Recover from cyber attacks.
Cybersecurity Training Playlist: https://bit.ly/2NqcTQV
OVERVIEW OF NIGERIA DATA PROTECTION ACT 2014 UsmanMAmeer
These slides dive into the Nigeria Data Protection Act 2014 to understand the rights and roles of people who deal with data, from Data Subject and Data Protection Officer to Data Compliance Officers.
Unit 6 Privacy and Data Protection 8 hr Tushar Rajput
Right to Privacy and its Legal Framework, The Concept of Privacy, National Legal Framework for Protecting Privacy, International Legal Framework for Protecting Privacy, Privacy Related Wrongs and Remedies, Data Security, The Concept of Security in Cyberspace, Technological Vulnerabilities, Legal Response to Technological Vulnerabilities, Security Audit (VA/PT), Data Protection, Data Protection Position in India, Privacy Policy, Emerging Issues in Data Protection and Privacy, BPOs and Legal Regime in India, Protect Kids' Privacy Online, Evolving Trends in Data Protection and Information Security
Data protection law in India is currently facing many problems and resentments due to the absence of a proper legislative framework. There is an ongoing explosion of cyber crimes on a global scale. The theft and sale of stolen data is happening across vast continents where physical boundaries pose no restriction or seem non-existent in this technological era. India, being the largest host of outsourced data processing in the world, could become the epicentre of cyber crimes; this is mainly due to the absence of appropriate legislation.
Data Privacy Protection Competency Guide by a Data Subject John Macasio
Data Privacy Protection Competency Guide shares the belief that the valid, verifiable, and actionable demonstration of respect on the data privacy rights of a data subject, and that the privacy and security of personal information are protected, comes from open guidance that presents the share-able practice standards that guide the right content of understanding, decision, and work of data privacy law compliance.
The workplace view of data privacy risks, policy, organization, process, and documentation have to be easily and consistently created and improved with freely available knowledge on the rules and standards of practice.
The directly accountable and responsible in the personal data collection, retention, use, sharing, and disposal have to be engaged to experience the applicability of data privacy rules and standards in their filing system, automation program, and technology services.
Comparison between the mobile privacy principles and African Union convention on cybersecurity and personal data protection.
Focus on personal data protection
New opportunities and business risks with evolving privacy regulations Ulf Mattsson
In the shadow of the global pandemic and the associated economic downturn, organizations are focused on cost optimization, which often leads to impulsive decisions to deprioritize compliance with all nonrevenue programs.
Regulators have evolved to adapt with the notable increase in data subject complaints and are getting more serious about organizations that don’t properly protect consumer data. Marriott was hit with a $124 million fine while Equifax agreed to pay a minimum of $575 million for its breach. The US Federal Trade Commission, the US Consumer Financial Protection Bureau (CFPB), and all 50 U.S. states and territories sued over the company’s failure to take “reasonable steps” to secure its sensitive personal data.
Privacy and data protection are enforced by a growing number of regulations around the world and people are actively demanding privacy protection — and legislators are reacting. More than 60 countries have introduced privacy laws in response to citizens’ cry for transparency and control. By 2023, 65% of the world’s population will have its personal information covered under modern privacy regulations, up from 10% today, according to Gartner. There is a convergence of data privacy principles, standards and regulations on a common set of fundamental principles.
The opportunities to use data are growing exponentially, but so too are the business and financial risks as the number of data protection and privacy regulations grows internationally.
Join this webinar to learn more about:
- Trends in modern privacy regulations
- The impact on organizations to protect and use sensitive data
- Data privacy principles
- The impact of General Data Protection Regulation (GDPR) and data transfer between US and EU
- The evolving CCPA, the new PCI DSS version 4 and new international data privacy laws or regulations
- Data privacy best practices, use cases and how to control sensitive personal data throughout the data life cycle
Digital Personal Data Protection (DPDP) Practical Approach For CISOs Priyanka Aash
Key Discussion Pointers:
1. Introduction to Data Privacy
- What is data privacy
- Privacy laws around the globe
- DPDPA Journey
2. Understanding the New Indian DPDPA 2023
- Objectives
- Principles of DPDPA
- Applicability
- Rights & Duties of Individuals
- Principals
- Legal implications/penalties
3. A practical approach to DPDPA compliance
- Personal data Inventory
- DPIA
- Risk treatment
How GDPR works: companies will be expected to be fully compliant from 25 May 2018. The regulation is intended to establish one single set of data protection rules across Europe.
Does your organization take credit card information? Do you store personal information on your staff, clients or donors? Raffa can help you avoid the pitfalls and penalties that can come from storing these privacy related items in unsecured ways.
PCI DSS, the Payment Card Industry Data Security Standard is a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment. This applies to essentially any merchant that has a Merchant ID (MID).
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information must ensure that all the required physical, network, and process security measures are in place and followed. This includes anyone who provides treatment, payment and operations in healthcare, and anyone with access to patient information and provides support in treatment, payment or operations.
Principles of mobile privacy and policy guidelines. It also includes the regulatory framework and mobile application privacy-by-design development modules.
The General Data Protection Regulation (GDPR) tidal wave has hit. Are you ready? Is your organization prepared for the extensive privacy requirements GDPR puts forth for any organization handling EU Data Subjects' personal data? At this point, organizations must have a complete inventory of personal data and have conducted a DPIA against it. A handful of supervisory authorities have issued compliance guidelines, but your organization must be able to assess compliance with this ambiguous regulation at any time.
Many aspects of GDPR define the distinction between a data collector and a data processor, their respective responsibilities and compliance requirements. Those responsibilities will have an effect on the contracts you negotiate with third parties, the way in which you evaluate the risks involved with establishing a business relationship and the policies you develop to maintain compliance to the regulations.
Join this webinar to learn:
- More information about GDPR and what the industry is experiencing to date
- What minimum requirements you should have had in place by May 25, 2018
- What you should plan to do for the next 12-18 months if you are not completely ready
- What the SEC Privacy Shield program is and why you should self-certify
- How to continuously monitor vendor risk KPIs
Data Privacy: What you should know, what you should do!
CSMFO Data Privacy in the Governmental Sector, Local Government. Data Privacy Laws, PCI, Breaches, AICPA – Generally Accepted Privacy Principles
In 2020, the Ministry of Home Affairs established a committee led by Prof. (Dr.) Ranbir Singh, former Vice Chancellor of National Law University (NLU), Delhi. This committee was tasked with reviewing the three codes of criminal law. The primary objective of the committee was to propose comprehensive reforms to the country’s criminal laws in a manner that is both principled and effective.
The committee’s focus was on ensuring the safety and security of individuals, communities, and the nation as a whole. Throughout its deliberations, the committee aimed to uphold constitutional values such as justice, dignity, and the intrinsic value of each individual. Their goal was to recommend amendments to the criminal laws that align with these values and priorities.
Subsequently, in February, the committee successfully submitted its recommendations regarding amendments to the criminal law. These recommendations are intended to serve as a foundation for enhancing the current legal framework, promoting safety and security, and upholding the constitutional principles of justice, dignity, and the inherent worth of every individual.
Military Commissions details LtCol Thomas Jasper as Detailed Defense Counsel Thomas (Tom) Jasper
Military Commissions Trial Judiciary, Guantanamo Bay, Cuba. Notice of the Chief Defense Counsel's detailing of LtCol Thomas F. Jasper, Jr. USMC, as Detailed Defense Counsel for Abd Al Hadi Al-Iraqi on 6 August 2014 in the case of United States v. Hadi al Iraqi (10026)
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx anvithaav
These slides help students of international law understand the nature of international law and how it originated and developed.
The slides are well structured, with highlighted points for better understanding.
ALL EYES ON RAFAH BUT WHY Explain more.pdf 46adnanshahzad
All eyes on Rafah: But why?. The Rafah border crossing, a crucial point between Egypt and the Gaza Strip, often finds itself at the center of global attention. As we explore the significance of Rafah, we’ll uncover why all eyes are on Rafah and the complexities surrounding this pivotal region.
INTRODUCTION
What makes Rafah so significant that it captures global attention? The phrase ‘All eyes are on Rafah’ resonates not just with those in the region but with people worldwide who recognize its strategic, humanitarian, and political importance. In this guide, we will delve into the factors that make Rafah a focal point for international interest, examining its historical context, humanitarian challenges, and political dimensions.
A "File Trademark" is a legal term referring to the registration of a unique symbol, logo, or name used to identify and distinguish products or services. This process provides legal protection, granting exclusive rights to the trademark owner, and helps prevent unauthorized use by competitors.
Visit Now: https://www.tumblr.com/trademark-quick/751620857551634432/ensure-legal-protection-file-your-trademark-with?source=share
WINDING UP of COMPANY, Modes of Dissolution KHURRAMWALI
Winding up, also known as liquidation, refers to the legal and financial process of dissolving a company. It involves ceasing operations, selling assets, settling debts, and ultimately removing the company from the official business registry.
Here's a breakdown of the key aspects of winding up:
Reasons for Winding Up:
Insolvency: This is the most common reason, where the company cannot pay its debts. Creditors may initiate a compulsory winding up to recover their dues.
Voluntary Closure: The owners may decide to close the company due to reasons like reaching business goals, facing losses, or merging with another company.
Deadlock: If shareholders or directors cannot agree on how to run the company, a court may order a winding up.
Types of Winding Up:
Voluntary Winding Up: This is initiated by the company's shareholders through a resolution passed by a majority vote. There are two main types:
Members' Voluntary Winding Up: The company is solvent (has enough assets to pay off its debts) and shareholders will receive any remaining assets after debts are settled.
Creditors' Voluntary Winding Up: The company is insolvent and creditors will be prioritized in receiving payment from the sale of assets.
Compulsory Winding Up: This is initiated by a court order, typically at the request of creditors, government agencies, or even by the company itself if it's insolvent.
Process of Winding Up:
Appointment of Liquidator: A qualified professional is appointed to oversee the winding-up process. They are responsible for selling assets, paying off debts, and distributing any remaining funds.
Cease Trading: The company stops its regular business operations.
Notification of Creditors: Creditors are informed about the winding up and invited to submit their claims.
Sale of Assets: The company's assets are sold to generate cash to pay off creditors.
Payment of Debts: Creditors are paid according to a set order of priority, with secured creditors receiving payment before unsecured creditors.
Distribution to Shareholders: If there are any remaining funds after all debts are settled, they are distributed to shareholders according to their ownership stake.
Dissolution: Once all claims are settled and distributions made, the company is officially dissolved and removed from the business register.
Impact of Winding Up:
Employees: Employees will likely lose their jobs during the winding-up process.
Creditors: Creditors may not recover their debts in full, especially if the company is insolvent.
Shareholders: Shareholders may not receive any payout if the company's debts exceed its assets.
Winding up is a complex legal and financial process that can have significant consequences for all parties involved. It's important to seek professional legal and financial advice when considering winding up a company.
3. Fully titled, “An Act Protecting Individual Personal Information in Information and Communications Systems in the Government and the Private Sector, Creating for this Purpose a National Privacy Commission, and for Other Purposes,” the DPA aims to protect the fundamental human right of privacy, of communication while ensuring the free flow of information to promote innovation and growth.
Republic Act 10173 – Data Privacy Act of 2012
4. CHAPTER I – GENERAL PROVISIONS
SECTION 1. Short Title.
SECTION 2. Declaration of Policy.
SECTION 3. Definition of Terms.
SECTION 4. Scope.
SECTION 5. Protection Afforded to Journalists and Their Sources.
SECTION 6. Extraterritorial Application.
CHAPTER II – THE NATIONAL PRIVACY COMMISSION
SECTION 7. Functions of the National Privacy Commission.
SECTION 8. Confidentiality.
SECTION 9. Organizational Structure of the Commission.
SECTION 10. The Secretariat.
5. CHAPTER III – PROCESSING OF PERSONAL INFORMATION
SECTION 11. General Data Privacy Principles.
SECTION 12. Criteria for Lawful Processing of Personal Information.
SECTION 13. Sensitive Personal Information and Privileged Information.
SECTION 14. Subcontract of Personal Information.
SECTION 15. Extension of Privileged Communication.
CHAPTER IV – RIGHTS OF THE DATA SUBJECT
SECTION 16. Rights of the Data Subject.
SECTION 17. Transmissibility of Rights of the Data Subjects.
SECTION 18. Right to Data Portability.
SECTION 19. Non-Applicability.
CHAPTER V – SECURITY OF PERSONAL INFORMATION
SECTION 20. Security of Personal Information.
CHAPTER VI – ACCOUNTABILITY FOR TRANSFER OF PERSONAL INFORMATION
SECTION 21. Principle of Accountability.
CHAPTER VII – SECURITY OF SENSITIVE PERSONAL INFORMATION IN GOVERNMENT
SECTION 22. Responsibility of Heads of Agencies.
SECTION 23. Requirements Relating to Access by Agency Personnel to Sensitive Personal Information.
SECTION 24. Applicability to Government Contractors.
6. CHAPTER VIII – PENALTIES
SECTION 25. Unauthorized Processing of Personal Information and Sensitive Personal Information.
SECTION 26. Accessing Personal Information and Sensitive Personal Information Due to Negligence.
SECTION 27. Improper Disposal of Personal Information and Sensitive Personal Information.
SECTION 28. Processing of Personal Information and Sensitive Personal Information for Unauthorized Purposes.
SECTION 29. Unauthorized Access or Intentional Breach.
SECTION 30. Concealment of Security Breaches Involving Sensitive Personal Information.
SECTION 31. Malicious Disclosure.
SECTION 32. Unauthorized Disclosure.
SECTION 33. Combination or Series of Acts.
SECTION 34. Extent of Liability.
SECTION 35. Large-Scale.
SECTION 36. Offense Committed by Public Officer.
SECTION 37. Restitution.
9. National Privacy Commission (NPC): independent body mandated to implement the DPA
Personal information controller (PIC): a natural or juridical person, or any other body who controls the processing of personal data
Personal information processor (PIP): a natural or juridical person, or any other body to whom a PIC may outsource or instruct the processing of personal data
10. PI refers to any information from which the identity of an individual is apparent or can be reasonably and directly ascertained, or when put together with other information would directly and certainly identify an individual
CRITERIA FOR LAWFUL PROCESSING OF PI
• Consent
• Contract with the individual
• Vital interests/Life & health
• Legal obligation
• National emergency / public order & safety, as prescribed by law
• Constitutional or statutory mandate of a public authority
• Legitimate interests of the PIC or third parties
11.
• Race
• Ethnic origin
• Marital status
• Age
• Color
• Religious, philosophical or political affiliations
• Health, education, genetic or sexual life
• Proceeding for any offense committed or alleged to have been committed by an individual
• Government-issued IDs
• Those established by an executive order or an act of Congress to be kept classified
CRITERIA FOR LAWFUL PROCESSING OF SPI
• Consent
• Existing laws & regulations
• Life & health
• Processing by non-stock, non-profit orgs
• Medical treatment
• Lawful rights & interests in court proceedings/legal claims
15. STATEMENT OF PRIVACY COMMISSIONER JOHN HENRY NAGA
ON SELFIE VERIFICATION IN SIM CARD REGISTRATION
December 29, 2022 | 4:40 PM GMT+0800 Last Edit: December 29, 2022
In performing their responsibilities under the Subscriber Identity Module (SIM) Card
Registration Act, Public Telecommunications Entities (PTEs) are reminded of their obligation
to process our citizens’ personal data in accordance with the Data Privacy Act of 2012.
Thus, as an additional layer of protection against fraud and identity theft, the processing
involved in selfie verification should pass the general data privacy principles of transparency,
legitimate purpose, proportionality, and all other data privacy safeguards in the law.
Ensuring the privacy of our registrants is paramount to instilling trust in the full
implementation of the SIM Card Registration Act. This will be bolstered if PTEs can
guarantee that all the data in their possession are protected against misuse, unauthorized
processing, data breaches, and all other security incidents.
ATTY. JOHN HENRY D. NAGA
Privacy Commissioner
16. Malicious third parties may infiltrate data and documents
that you and your employees create, access, store, or share
across your organization. When third parties gain access to your
private information, you’re at risk of data loss, reputational
damage, and regulatory fines.
#1 Insufficient Data Privacy Plans
#2 Data Trading
#3 Location Tracking
#4 Dangers of Additional Devices
#5 Insufficient Standard Operating Procedures
#6 Data Hoarding
17. Data privacy issues can be addressed with various solutions, some of which we’ve already briefly explored.
These include:
Bolster data privacy plans – To protect your digital assets thoroughly, review your current procedures
and software, identify coverage gaps, and build a system that can scale as you create more data.
Monitor data trading – Prevent data trading by reducing the likelihood of third-party data access—
consider software-based solutions and internal procedures.
Disable location tracking – Disable location services on devices company-wide to prevent data leaks and
competitor access.
Reduce devices – Limit the number of devices that can access your data and restrict employee access to
company assets via personal devices.
Create sufficient SOPs – Determine the vulnerabilities in your internal procedures, create new SOPs, and
train your employees to follow them.
Avoid data hoarding – Perform regular purges of outdated digital documents, opting for hard copies in
secure storage when necessary.
18. Student privacy is not the most discussed topic on education boards and forums. Parents and students
themselves are taking action to protect their data and encourage all school communities to take this matter
more seriously.
While students are using school computers and networks for educational purposes, it can often leave their
data exposed to security risks. The educational system must include rules and regulations for proper
student data management. Avoiding personal data exploitation is essential in all school grades.
Digital devices and similar tools can enhance students’ experience during their educational journey.
However, the use of smart devices in classrooms and on school premises can have negative consequences.
While most teachers are concerned about students being distracted by phones and laptops, few think about
data privacy. Students are exposed to common security risks each time they log into school computers or
use the school’s public WiFi.
19. Principles for the Protection of Student Privacy
There are five crucial principles to improve student privacy protections in schools and allow parents to
control their children’s data. These principles include the following:
Transparency – According to this principle, parents must be notified if their child’s data is leaked or
exposed to any person or organization outside the school system. Each student data disclosure should be
properly labeled and announced.
No Commercial Uses – This principle ensures that the student’s data cannot be sold in any way or used
for marketing purposes. The students must not receive any advertising or targeted ads based on the data
revealed to the educational facility.
Security Protection – Educational facilities must implement security protocols to ensure full encryption
of all personal data as the minimum measure. These protection protocols must prioritize students’
personal data and passwords.
Parental Rights – The students’ parents must be allowed to see the school’s data collected from their
child. They also must have the right to delete it at any time or opt-out of further data collection.
Enforcement – Lastly, there should be laws that specify fines for schools and educational facilities that
fail to protect students’ data.