2. @thedatabloke
@_AlexYates_
#SQLSatDenmark
Information Notice:
The information and opinions in this presentation are for general
information purposes only and not provided as part of any contract
or service. They are not intended to constitute legal or other
professional advice, and should not be relied on or treated as a
substitute for specific advice relevant to particular circumstances.
It is for each organisation to take its own decisions and its own
advice on GDPR and regulatory compliance more generally.
3. @thedatabloke
@_AlexYates_
#SQLSatDenmark
Founder of Look atYour Data
Passionate about GDPR
lookatyourdata.org
pete@lookatyourdata.com
Pete Moore
@thedatabloke
Founder of DLM Consultants
Microsoft Data Platform MVP
workingwithdevs.com
alex.yates@dlmconsultants.com
AlexYates
@_AlexYates_
4. @thedatabloke
@_AlexYates_
#SQLSatDenmark
Founder of Look atYour Data
Passionate about GDPR
lookatyourdata.org
pete@lookatyourdata.com
Pete Moore
@thedatabloke
Passionate about GDPR
Data Scientist
Who am I?
Background in recruitment IT
18. @thedatabloke
@_AlexYates_
#SQLSatDenmark
SIMPLY PUT
These are the changes
• Obligation on data quality, security, integrity & confidentiality
• Potential huge fines
• No implicit opt-in
• Breaches must be reported
• Extra-territorial EU law (Brexit does not matter)
19. @thedatabloke
@_AlexYates_
#SQLSatDenmark
Founder of DLM Consultants
Microsoft Data Platform MVP
workingwithdevs.com
alex.yates@dlmconsultants.com
AlexYates
@_AlexYates_
Passionate about DevOps
Database Lifecycle Management (DLM) Consultant
Who am I?
Helping clients improve processes since 2010
20. @thedatabloke
@_AlexYates_
#SQLSatDenmark
Founder of DLM Consultants
Microsoft Data Platform MVP
workingwithdevs.com
alex.yates@dlmconsultants.com
AlexYates
@_AlexYates_
Automation/change control/dev data
Clients
Why GDPR?
Dedicated databases
21. @thedatabloke
@_AlexYates_
#SQLSatDenmark
GDPR – Sorting fact from fiction
“Like the DPA, the GDPR gives us a suite of sanctions to help organisations comply – warnings,
reprimands, corrective orders. While these will not hit organisations in the pocket – their
reputations will suffer a significant blow.”
Elizabeth Denham, UK Information Commissioner
https://iconewsblog.org.uk/2017/08/09/gdpr-sorting-the-fact-from-the-fiction/
22. @thedatabloke
@_AlexYates_
#SQLSatDenmark
GDPR – Sorting fact from fiction
“Like the DPA, the GDPR gives us a suite of sanctions to help organisations comply – warnings,
reprimands, corrective orders. While these will not hit organisations in the pocket – their
reputations will suffer a significant blow.
And you can’t insure against that.”
Elizabeth Denham, UK Information Commissioner
https://iconewsblog.org.uk/2017/08/09/gdpr-sorting-the-fact-from-the-fiction/
36. @thedatabloke
@_AlexYates_
#SQLSatDenmark
Image sources
Author Source Information
wynpnt Pixabay Brexit Regrext European Union Europa - Pixabay. This file is licensed under the Creative Commons CC0 licence. Free for
commercial use, no attribution required.
https://commons.wikimedia.org/wiki/File:Catopsilia_pomona_(yellow)_and_Graphium_doson_(black_and_blue)_butterflie
s_mud-puddling_-_20100616.jpg
https://www.pexels.com/photo/blur-cars-chain-close-up-339814/
Editor's Notes
Implement appropriate technical and organisational measures that ensure and demonstrate that you comply. This may include internal data protection policies such as staff training, internal audits of processing activities, and reviews of internal HR policies.
Maintain relevant documentation on processing activities. Where appropriate, appoint a data protection officer. Implement measures that meet the principles of data protection by design and data protection by default. Measures could include:
Data minimisation “Data Minimisation is a principle that states that data collected and processed should not be held or further used unless this is essential for reasons that were clearly stated in advance to support data and privacy.”
Pseudonymisation;
Transparency;
Allowing individuals to monitor processing;
Creating and improving security features on an ongoing basis.
Different for orgs with more/less than 250 employees