Guidance on complying with the new EU GDPR regulation. A look at GDPR definitions, what it entails and a roadmap to start your journey on compliance as well as some handy WordPress GDPR links to plugins.
The document discusses key aspects of preparing for and complying with the EU General Data Protection Regulation (GDPR), which goes into effect on May 25, 2018. It outlines some of the major changes and requirements introduced by the GDPR, including its expanded territorial reach, new obligations for data processors, strengthened consent requirements, increased penalties for non-compliance, and the role of supervisory authorities. The document emphasizes that organizations must conduct assessments, secure resources and budgets, and implement technologies and processes to ensure they have a defensible position and are prepared to address the challenges and opportunities created by the GDPR.
Do You Have a Roadmap for EU GDPR Compliance? Article | Ulf Mattsson
GDPR is Top Priority in US
Over half of US multinationals say GDPR is their top data-protection priority according to PWC. Of the 200 respondents, 54% reported that GDPR readiness is the highest priority on their data-privacy and security agenda. Another 38% said GDPR is one of several top priorities, while only 7% said it isn’t a top priority.
Even though GDPR is a European Union regulation, it impacts any company with customers in that region. One of the first key tasks of the data management team should be to create awareness regarding the impact of GDPR on the business with all key stakeholders across the organization. In order to generate awareness, organizations need to have clearly defined documentation defining the policies, rules, requirements and the impact of non-compliance. Kim Brushaber will look at what is involved with GDPR, what you should be concerned with, and how to get the conversation started between the business and technical teams within your organization using ER/Studio.
Do You Have a Roadmap for EU GDPR Compliance? | Ulf Mattsson
The General Data Protection Regulation (GDPR) goes into effect in 2018 and it will affect any business that handles data, even if it's not based in the European Union. Are you looking to move and host data for EU citizens? Do you have a roadmap and associated estimated costs for EU GDPR compliance? Join this webinar to learn:
• Case study and legal/regulatory impact to GDPR
• Security Metrics
• Oversight of third parties
• How to measure cybersecurity preparedness
Presenters : Ulf Mattsson, David Morris, Ian West, and Khizar Sheikh
Date & Time : Aug 17 2017 5:00 pm
Timezone : United States - New York
Preparing for GDPR: What Every B2B Marketer Must Know | Integrate
Considering the consequences of non-compliance (up to €20M/$24M or 4% worldwide annual revenue), this translates to a major problem for B2B marketers.
How can your team ensure its lead gen processes are GDPR-compliant without undermining demand generation performance?
View this deck to see how Julian Archer (Sr. Research Director, SiriusDecisions) and Scott Vaughan (CMO, Integrate) educate B2B marketers on: developing a comprehensive GDPR compliance strategy, putting your compliance strategy into action, and applying software to support your compliance measures.
To watch the on-demand version of the webinar, click here:
https://www.integrate.com/gdpr-compliance-b2b-marketing-webinar
MWLUG - 2017
Tim Clark & Stephanie Heit
Tim & Steph explain the basics of GDPR and give some recommendations about what you can do to be ready.
Data sources are in the final slides.
For more information about how BCC can help you get your Domino data ready for GDPR please contact us here.
http://bcchub.com/bcc-domino-protect/
This presentation covers what you as a business owner need to do in order to be ready and compliant for GDPR. It shows you all of the different lawful bases that you can use for processing personal data, so that you do not have to rely on consent.
This document is a presentation on GDPR given at the University of Dundee. It provides an overview of key GDPR concepts such as personal data, processing, lawful bases for processing including consent, and the principles of accountability. It discusses how GDPR compliance applies even when personal data from EU citizens is processed outside the EU. Examples are given of how services like Padlet, Peerwise and Teammates can be used in education in a GDPR-compliant way. The presentation emphasizes obtaining consent, anonymizing or obscuring personal data, and having alternatives for students who do not wish to provide personal data.
GDPR Guide: The ICO's 12 Recommended Steps To Take Now | HackerOne
Recommendations from The United Kingdom's Information Commissioner's Office (ICO) to Prepare for May 2018.
The European General Data Protection Regulation, better known as GDPR, will take effect on May 25, 2018. When it does, every business, organization, or government agency that collects information on European Union (EU) citizens (in other words, just about everyone) will be forced to radically change how it manages customer data and security. If you don’t, the cost of noncompliance is significant: fines can reach up to €20M ($23.5M) or 4 percent of annual sales, whichever is higher.
The document discusses preparing organizations for compliance with the EU General Data Protection Regulation (GDPR). It provides an overview of key GDPR requirements, such as obtaining consent for personal data use, implementing privacy by design, and responding to data breaches. The document recommends developing a GDPR action plan that includes conducting privacy impact assessments and audits. Overall, the summary emphasizes the need for organizations to understand how they use personal data and ensure they can meet GDPR requirements for data protection.
The document discusses the growth of the internet of things and connected devices. It notes that by 2018, digital business will require fewer workers but more digital jobs, and the cost of business operations will be reduced by 30% through automation. It also discusses new technologies like smart homes, wearables, and connected medical devices. However, the widespread connectivity of devices introduces new security threats, as many devices have poor security and collect personal data without encryption. The document calls for more robust security measures to protect the growing internet of things.
Beginning your General Data Protection Regulation (GDPR) Journey | Microsoft Österreich
This document provides an overview of the General Data Protection Regulation (GDPR) and how Windows 10 can help organizations comply with it. It begins with background on the GDPR, including its key implications like enhanced privacy rights for EU citizens and mandatory breach reporting. It defines personal and sensitive data under the GDPR. The document then outlines the key steps for an organization's GDPR compliance journey and describes various security and privacy capabilities in Windows 10 that can help with compliance, such as threat protection, identity protection, and information protection features. It concludes by providing Windows 10 resources to help organizations meet GDPR requirements.
Ensuring GDPR Compliance - A Zymplify Guide | Zymplify
The GDPR will come into force on 25 May 2018 and will change data protection laws across the EU. Organisations can face heavy fines if they are found to be in breach of the GDPR, so take a look at Zymplify's guide to the most important parts of the regulation. Act now to get ready for the GDPR. Book a Demo with Zymplify - http://d36.co/12vWD
The European Union’s General Data Protection Regulation | David Sayce
Introduction to GDPR
New data protection laws for 25 May 2018
Europe's data protection rules will undergo their biggest changes in two decades. Since they were created in the 90s, the amount of digital information we create, capture, and store has vastly increased. Simply put, the old regime was no longer fit for purpose.
The solution is the mutually agreed European General Data Protection Regulation (GDPR), which will come into force on May 25 2018. It will change how businesses and public sector organisations can handle the information of customer
The document provides an overview of an upcoming presentation on the General Data Protection Regulation (GDPR). It begins with introductions and disclaimers from the presenter and VMware. It then outlines the areas that will be covered in the 30 minute presentation, including timeframes for GDPR compliance, key changes from the previous Data Protection Directive, myths about GDPR requirements, potential fines, and VMware products that can help with GDPR compliance.
The document provides guidance to companies on becoming compliant with the General Data Protection Regulation (GDPR). It explains what GDPR is and how it strengthens data protection rules in the EU. It then outlines the key changes under GDPR and presents a process flow for how a company can achieve compliance, including awareness campaigns, assessing risks and current state, implementing changes, updating policies and notices, and ongoing training. It identifies areas companies should analyze like marketing, IT, legal, and provides questions they should ask to validate compliance. The deadline for compliance is May 25, 2018.
General Data Protection Regulation (GDPR) - Moving from confusion to readiness | Omo Osagiede
The document discusses the General Data Protection Regulation (GDPR) which regulates how companies handle personal data of EU citizens. It provides an overview of GDPR including key events leading to its adoption and how it strengthens data protection rights. It highlights some notable differences between GDPR and the previous UK Data Protection Act. The document also outlines an approach for companies to become GDPR compliant including conducting a data assessment, updating policies and processes, and appointing a data protection officer if needed. It notes both the penalties for non-compliance and opportunities that GDPR presents organizations.
GDPR Basics - General Data Protection Regulation | Vicky Dallas
The General Data Protection Regulation (GDPR) is a new EU privacy law that strengthens and unifies data protection for individuals within the European Union. It aims to give EU citizens more control over their personal data and to simplify regulations for international businesses. Key aspects of the GDPR include individuals having the right to access, correct and delete their personal data. It also introduces strict rules on obtaining consent and heightened requirements for companies to protect customer data. The GDPR will be enforced beginning May 25, 2018.
Charity Law Updates for 2018: Making the Most of Change | IBB Law
January 2018 welcomes the Kingston Smith and IBB Solicitors annual charities update to bring you up to speed with the legal and regulatory developments in the Charity Sector.
For advice on developments in the Charity Sector please see:
https://www.ibblaw.co.uk/sector/charities
For charity law experts see:
https://www.ibblaw.co.uk/service/charities
Rosie Brass, senior solicitor in the Charities team at IBB, will provide an overview of the legal framework for the GDPR. Then Dan Fletcher, Director (Fundraising), at Kingston Smith, will guide attendees on how to make the most of the GDPR and use the changes to improve their data management. Dan will also discuss practical ways to use the changes to improve fundraising and marketing for the better. For more information on GDPR please see: https://www.ibblaw.co.uk/insights/blog/are-you-ready-general-data-protection-regulation
In the second half of the seminar, Mahmood Ramji and Luke Holt from the Kingston Smith Charities team will provide an update on accounting, including looking at the recent SORP information sheet and the expected future timeline for new SORP iterations, followed by an overview of another 2017 hot topic - charity fraud, including cybercrime. Mahmood will also share details of the most pertinent areas we have been discussing with our clients during 2017. Looking forward into 2018, Luke will highlight the main points from the Lords Select Committee on Charities and how the sector may adapt as a result. Following the release of the third edition of the Charity Governance Code, Luke will also discuss the main areas of consideration and significant changes from previous versions. They will then conclude with a look at the new CC32 Independent Examination guidance and its key amendments.
The last part of the presentation will be provided by Paul Ridout, who heads the IBB Charities practice and will talk briefly about some recent regulatory action by the Charity Commission, including the deployment of some of the new powers brought in by the Charities (Protection and Social Investment) Act 2016. He will also address the tricky issue of serious incident reporting, in the light of the Commission’s recent changes to its guidance to trustees about what needs to be reported, and when.
GDPR Data Subject Rights - What You Need to Know | Piwik PRO
The General Data Protection Regulation (GDPR) comes into effect on May 25th 2018 and introduces a list of data subjects’ rights to protect internet users. Learn how data controllers can ensure these rights and avoid severe fines.
The infographic was created by the experts from Piwik PRO.
A simple, beautiful guide to understanding GDPR (General Data Protection Regulation).
All businesses in the UK and EU need to comply with GDPR by the 25th of May 2018 or risk hefty fines.
Use this free, visual guide to understand how you need to comply.
We'll be looking at what your customers' rights are, privacy by design, breach notifications, data security and more.
Finally, we'll give you a GDPR action checklist so you can take the right steps to comply with the legislation in time.
How GDPR works: companies will be expected to be fully compliant from 25 May 2018. The regulation is intended to establish one single set of data protection rules across Europe.
The engaging white paper delivers the core facts you need to understand the fundamental nature of the GDPR regulations and what it means for your business and the management of its data.
The document provides an overview of data protection and the General Data Protection Regulation (GDPR). It discusses key principles of data protection law including definitions of personal data, data controllers, processors, and the rights of data subjects. It outlines obligations around obtaining and processing personal data lawfully and with consent. The GDPR introduces stricter rules around security, breach notification, rights of individuals, and increased fines for non-compliance. Businesses need to audit their data practices, put appropriate security measures in place, and may need to appoint a data protection officer to comply with the new regulation.
Evolving international privacy regulations and cross border data transfer - g... | Ulf Mattsson
We will discuss the Evolving International Privacy Regulations. Cross Border Data Transfer for GDPR under Schrems II is now ruled by an EU court that defined what is required. This ruling can be far reaching for many businesses.
Introduction to EU General Data Protection Regulation: Planning, Implementati... | Financial Poise
The GDPR changed the way the world collects, stores, and sends personal data. The GDPR is a broad EU regulation that requires businesses to protect the personal data of EU citizens, whether the business itself is in the EU or elsewhere. Since its implementation in 2018, companies that collect data on EU citizens must comply with strict rules for the protection of personal data or face heavy fines for non-compliance. This webinar will provide an overview of GDPR’s applicability and requirements, as well as how your organization may meet those standards.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-eu-general-data-protection-regulation-planning-implementation-and-compliance-2021/
The document discusses the General Data Protection Regulation (GDPR) which will take effect in May 2018. It provides an overview of what GDPR is, how it differs from previous data protection laws, and some of the key things companies need to do to comply, such as obtaining consent, implementing privacy notices and data breach procedures, honoring deletion and access requests, and addressing automated decision making and profiling. The document emphasizes that GDPR provides both opportunities and risks for companies, so compliance is important.
1) The new GDPR laws taking effect in May 2018 will give users more control over their personal data and require businesses to be more transparent in how they collect and use personal data.
2) All businesses that collect any personal data, whether small or large, will need to be compliant with GDPR by May 25, 2018. Non-compliance can result in fines of up to 20 million euros or 4% of global turnover.
3) Businesses need to audit what personal data they hold, where it was collected from, who they share it with, obtain user consent for data use, update their privacy policies and marketing practices, and be prepared to respond to data breaches within 72 hours to be compliant with
The Countdown is on: Key Things to Know About the GDPRCase IQ
The EU’s General Data Protection Regulation (GDPR) comes into effect on May 25th. This powerful legislation strengthens data privacy laws in Europe and has implications for companies all over the world that store, process or transfer the information of the EU’s citizens.
Failure to comply with the regulation can expose a company to fines based on global revenue and reputation damage, yet many companies are struggling to comply in time.
Join information security expert and CEO/Founder of AsTech Consulting, Greg Reber, as he walks participants through a plan for GDPR compliance.
What's Next - General Data Protection Regulation (GDPR) ChangesOgilvy Consulting
The General Data Protection Regulation is the biggest change to the law on data in years. This webinar features Vicky Brown, Deputy General Counsel at WPP, and Paul King, Head of Data at OgilvyOne discussing what it is, why it matters and what companies are doing.
This document discusses the General Data Protection Regulation (GDPR) and its implications for WordPress sites. Some key points:
- GDPR strengthens and expands the data protection rights of EU individuals and applies to any company processing EU residents' personal data, regardless of location.
- It introduces strict rules around consent, data breaches, and new individual rights like the "right to be forgotten." Non-compliance can result in fines of up to 20 million Euros.
- WordPress core has implemented changes like comment consent checks and data export/erasure features to help sites comply. However, plugins and privacy policies may also need updates, and proper data collection, storage, and use practices should be reviewed
This document discusses preparations for the General Data Protection Regulation (GDPR) which takes effect in May 2018. It begins by outlining how GDPR compliance was previously viewed, with most companies believing they were unprepared. It then discusses key aspects of GDPR including higher fines, strengthened consent requirements, privacy by design, mandatory breach reporting, expanded obligations for processors, and mandatory data protection officers. Finally, it provides recommendations for steps companies can take to prepare such as forming a steering group, training, conducting data discovery and impact assessments, updating policies, and creating breach response plans. The overall message is that early preparation is important to avoid noncompliance under the new, stricter GDPR requirements.
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceObservePoint
This eBook outlines the role marketers and analysts play in helping their companies:
- Govern all existing web and app technologies
- Collect, store and analyze data properly
- Ensure ethical marketing and analytics practices
The document discusses preparations for the General Data Protection Regulation (GDPR) which takes effect in May 2018. It provides an overview of key GDPR requirements such as conducting privacy impact assessments, obtaining explicit consent, data breach notification, and appointing a Data Protection Officer. The presentation recommends organizations undertake a data discovery and gap analysis to assess compliance needs. Penalties for non-compliance under GDPR are also highlighted.
General Data Protection Regulation (GDPR). Emerging-data privacy law set out by the EU, and it’s going to be enforceable from May 25th, 2018. GDPR consists of a long list of regulations for the handling of consumer data.
Data Quality-Driven GDPR: Compliance with ConfidencePrecisely
View this webcast on-demand for key insights on how data quality can help you achieve GDPR compliance with confidence.
In May 2018, the General Data Protection Regulation (GDPR) will take effect, mandating strict new personal data protections to be observed by all organizations operating within the European Union (including the UK), as well as organizations anywhere in the world that holds and processes data on EU/UK residents. Noncompliance can lead to severe financial penalties.
Organizations will also have to prove their GDPR compliance, including documenting what data processing was performed and ensuring it was done correctly. But how can you know that your customer and other personal data are being processed accurately and completely, as intended?
In this webcast, you’ll learn:
• Key requirements of GDPR and potential risks to their organizations
• The critical role of Data Quality in GDPR compliance
• How to address data-related GDPR challenges through a practical, structured approach
This document provides an overview of the General Data Protection Regulation (GDPR) for employees. It defines personal data and special categories of personal data. It outlines the key rights of individuals, including rights to access, rectification, erasure, and objection. It discusses lawful processing of personal data and consequences for non-compliance such as fines. It provides examples of data breaches and emphasizes the importance of following the company's data protection policies and procedures.
The document provides an overview of ethics, legislation, and privacy issues related to big data. It discusses the necessity of regulating big data and the differences between privacy and data protection. It also provides details on the General Data Protection Regulation (GDPR), including its goals, requirements for companies, and individual rights it aims to protect.
The document discusses requirements and challenges around complying with the General Data Protection Regulation (GDPR). It provides an overview of GDPR, how it will apply, relevant technology for compliance including redaction and pseudonymization, and 5 use cases where GDPR intersects with eDiscovery. Text mining technology can help identify personal data for redaction or anonymization to ensure data can be safely transferred. Pseudonymization is encouraged under GDPR to protect personal data.
Fully understand how GDPR affects the life of millions of EU citizens by having in mind the 10 simple facts exposed by Dr. Karsten Kinast
The presentation gives a short glimpse in to the motivation of GDPR, the key changes it brings, and the ongoing compliance on information lifecycle it presumes.
The document provides an overview of the General Data Protection Regulation (GDPR) for marketers. It discusses that GDPR was created to protect the privacy of EU citizens by giving them control over their personal data. Key points include that explicit consent is now required, individuals have the right to access and delete their data, and non-compliance can result in large fines. The document outlines specific considerations for marketers regarding areas like consent, data management, advertising, and event marketing to help ensure compliance with GDPR.
Similar to GDPR - General Data Protection Regulation (20)
2. General Data Protection Regulation
Privacy law from European Commission protecting
rights of all EU citizens (28 member states) and
their personal data.
Approved April 2016.
Becomes effective May 25, 2018.
@DeveloperWil #wpsyd
3. Replaces 95/46/EC Directive of Data Protection
(1995) and is more extensive than 2011 Cookie
Law which is being replaced by EU ePrivacy
Regulation (EUePR/EUPR) soon after May 2018.
GDPR and EUPR will complement each other.
Ref: GDPR Regulation and official PDF
4. Probably the biggest shake up and most
important change in data privacy in the
last 20 years.
This is a BIG DEAL
5. The EU GDPR is a law.
Use the information here as guidance.
Seek your own legal advice for modifying your
business operating policies and procedures.
6. Facebook and Google already hit with $8.8 billion
in lawsuits on day one of GDPR.
“.. accusing the companies of coercing users into
sharing personal data.”
Ref: https://www.theverge.com/2018/5/25/17393766/facebook-google-gdpr-lawsuit-max-schrems-europe
7. Designed to protect the rights of EU citizens
Essentially impacts everyone with web access
unless you
– Actively block all 28 EU states IP addresses
Highly Impractical
– Actively track and block all EU citizens on the web
Highly Illegal …unless you work for the NSA :-P
8. “I am an Australian citizen with a WordPress
website – does GDPR affect me?”
Most likely yes it does.
1. If any EU citizen can interact with your website
2. Have establishment in the EU
3. Offer Goods and Services to EU
– EU language translation, offer shipping to an EU
state, using AdWords targeting EU audience
9. • WP community site allowing users to create a
user profile (login); name, email, website
• An eCommerce (WooCommerce, EDD) store that
sells products; virtual = email, physical = address
• WP site that uses analytics software (Google
Analytics, Gtmetrix); IP address, cookies
• WP blog with newsletter subscription and
comments; name, email, IP address
• Firewall plugins; IP address (hacker unlikely to sue!)
10. Data Controller
A business that controls personal data. If you have
collected and now possess personal data, and you
determine how that data is now dealt with
(including giving it to a 3rd party), you are likely
considered a controller under the regulations.
e.g. You, CRM systems, Facebook/Google
11. Data Processor
A 3rd party company that you might give your data
to, who will use or manipulate your data in some
way.
e.g. Mailchimp, Campaign Monitor, Stripe, Paypal
12. Consent
• Freely given: can I refuse/rescind my consent?
• Specific: what is my data being collected for?
• Informed: what are my rights?
• Unambiguous: how is my data being used?
• Statement or clear affirmative action
– Silence, pre-ticked checkbox or inaction does not
equal consent
13. Establishment in the EU
Where you have any real and effective activity, no
matter if it is minimal or substantial, through a
stable arrangement in the EU, you are likely to be
‘established’ under the regulations.
e.g. permanent representation (a person), office.
14. Processing
Any operation which is performed on personal
data, whether or not by automated means, such
as collection, recording, organisation, structuring,
storage, adaptation or alteration, retrieval,
consultation, use, disclosure by transmission,
dissemination or otherwise making available,
alignment or combination, restriction, erasure or
destruction;
15. Data Protection Officer (DPO)
A data protection officer (DPO) is an enterprise
security leadership role required by the GDPR.
Data protection officers are responsible for
overseeing data protection strategy and
implementation to ensure compliance with GDPR.
16. Applies to personal data (Art. 4)
Personally identifiable data (of a natural person –
think a Human Being), identified directly or
indirectly;
name, ID #, location, physical, psychological,
genetic, mental, economic, cultural or social
identity.
17. Applies to any sensitive data (Art. 9)
Processing is prohibited for personal data
revealing racial or ethnic origin, political opinions,
religious or philosophical beliefs, trade union
membership, genetic data, biometric data, health
data, data concerning person’s sex life or sexual
orientation.
Exclusions apply; legal, medical, national security ..
18. Requires that consent is given (Art. 7)
People must be given a true voluntary choice
whether or not they consent to give you their
data.
Need to add checkbox to all data collection forms
[✔]* I give consent to store and process my data
* = required
19. Gives right to be forgotten (Art. 17)
Data controller must securely erase all personal
data they hold on requester without undue delay
When specific criteria are met – see Regulation.
– Data is no longer needed
– Purpose for collection has expired
– Data unlawfully processed …
20. Privacy by design and default (Art. 25)
New “systems” collecting and processing data
must be inherently secure from concept.
You must build privacy and security into any new
apps, programs, websites, procedures etc.
21. Gives right to know what info is being stored
You need to specify what data you will be
collecting and for what purposes up front and
before it has been collected.
Privacy Policy, Cookie Statement, T&C’s
22. Gives right to access held info and data
portability (Art. 20)
You will need to provide all data held on requester
and supply that in a machine readable format for
importing into another system.
CSV, JSON, XSL file.
23. • Notify authorities within 72 hours of data
breach and people whose data was accessed
• Data only used for reasons given at time of
collection and securely deleted after no longer
needed
• Parental consent required to process personal
data of children under 16 (Art. 8)
• Allows national authorities to impose fines on
companies breaching regulation
24. If your business doesn’t comply with GDPR
• Get sanctioned up to 4% of the annual
worldwide turnover or fined up to €20 million
(the higher of the two), per infringement.
• Tiered approach to fines.
e.g. a company can be fined 2% for not having
their records in order, not notifying the
supervising authority and data subject about a
breach, or not conducting an impact
assessment. (Art. 83)
25. Hire a good lawyer
A lawyer will provide you with tailored advice for
your business.
Ask friends and colleagues for recommendations
of lawyer contacts they have had a good
experience with.
Through Sydney Business Chambers
https://www.thechamber.com.au/
Step 1
26. Review all data collection and processing
workflows
Work through entire WP site, document where
data is collected, processed and stored as well as
how long stored for:
– eCommerce check out page
– Payment gateways: Stripe/PayPal
– Email marketing: Mailchimp
– All forms on site: consent check box
– All generated cookies https://www.cookiebot.com/en/cookie-consent/
Step 2
28. Offer data portability
Ability to export all personal data in a transferrable
and importable document. e.g. csv, xml
Update to WordPress 4.9.6 to take advantage of
new data export feature.
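The WordPress 4.9.6 export and erasure tools only cover data that core knows about, so a plugin that stores personal data of its own has to register with them. The plugin below is an added example, not code from the slides or from any plugin they list: the `acme-newsletter` slug, the `acme_*` function names and the `acme_newsletter_phone` user meta key are hypothetical, while the two `wp_privacy_personal_data_*` filters are the core hooks introduced in 4.9.6.

```php
<?php
/**
 * Plugin Name: Acme Newsletter Privacy Hooks (added example, hypothetical plugin)
 *
 * Registers a personal data exporter and eraser for one piece of data this
 * hypothetical plugin stores: a phone number kept in user meta.
 */
const ACME_PHONE_META = 'acme_newsletter_phone'; // hypothetical meta key

// Tell the core export tool (Tools > Export Personal Data) about our data.
add_filter( 'wp_privacy_personal_data_exporters', function ( $exporters ) {
    $exporters['acme-newsletter'] = array(
        'exporter_friendly_name' => 'Acme Newsletter',
        'callback'               => 'acme_export_personal_data',
    );
    return $exporters;
} );

// Tell the core erasure tool (Tools > Erase Personal Data) about our data.
add_filter( 'wp_privacy_personal_data_erasers', function ( $erasers ) {
    $erasers['acme-newsletter'] = array(
        'eraser_friendly_name' => 'Acme Newsletter',
        'callback'             => 'acme_erase_personal_data',
    );
    return $erasers;
} );

// Called by core with the requester's e-mail address; $page supports batching.
function acme_export_personal_data( $email_address, $page = 1 ) {
    $items = array();
    $user  = get_user_by( 'email', $email_address );
    if ( $user ) {
        $phone = get_user_meta( $user->ID, ACME_PHONE_META, true );
        if ( '' !== $phone ) {
            $items[] = array(
                'group_id'    => 'acme-newsletter',
                'group_label' => 'Acme Newsletter',
                'item_id'     => 'acme-newsletter-' . $user->ID,
                'data'        => array(
                    array( 'name' => 'Phone number', 'value' => $phone ),
                ),
            );
        }
    }
    // 'done' => true: everything fits in one batch, no further pages needed.
    return array( 'data' => $items, 'done' => true );
}

// Deletes the stored value and reports the outcome back to the erasure tool.
function acme_erase_personal_data( $email_address, $page = 1 ) {
    $removed  = false;
    $retained = false;
    $messages = array();
    $user     = get_user_by( 'email', $email_address );
    if ( $user && metadata_exists( 'user', $user->ID, ACME_PHONE_META ) ) {
        if ( delete_user_meta( $user->ID, ACME_PHONE_META ) ) {
            $removed = true;
        } else {
            // Surface the failure so the admin does not close the request early.
            $retained   = true;
            $messages[] = 'Acme Newsletter phone number could not be deleted.';
        }
    }
    return array(
        'items_removed'  => $removed,
        'items_retained' => $retained,
        'messages'       => $messages,
        'done'           => true,
    );
}
```

Data a plugin sends to a third-party processor is outside the reach of these hooks and has to be exported or erased at that processor separately.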
Step 4
29. Encrypt your data
1. Encrypt your transferred data (web traffic)
using HTTPS
Going HTTPS has other advantages too.
2. Encrypt your stored data
Not legally required to comply with GDPR but
highly recommended.
Step 5
30. Self-Certify Under Privacy Shield Framework
Consider certifying under the EU-U.S. and
Swiss-U.S. Privacy Shield Frameworks if you are US
Established.
Provides companies on both sides of the Atlantic
with a mechanism to comply with data protection
requirements when transferring personal data
from the European Union and Switzerland to the
United States.
Step 6
31. Check WP themes, plugins, services & APIs
• Contact Forms
– Gravity Forms, NinjaForms, WPForms
• Comment & Marketing Services
– Disqus, Jetpack, Mailchimp, Active Campaign, AWeber
• Analytics, Tracking & Remarketing
– Google Analytics, Hotjar, AdRoll
• eCommerce & Payment Processors
– WooCommerce, Easy Digital Downloads, Stripe, PayPal
• Community Plugins
– LearnDash, bbPress, BuddyPress
• All third-party APIs e.g. Is Google Fonts GDPR compliant?
Step 7
32. v4.9.6 Privacy & Maintenance Release
– Logged out commenters given choice to store data in
a cookie
35. This plugin is meant to assist a Controller, Data
Processor, and Data Protection Officer (DPO) with
efforts to meet the obligations and rights enacted
under the GDPR.
GDPR https://wordpress.org/plugins/gdpr/
36. With Stream, you’re never left in the dark about
WordPress Admin activity.
Every logged-in user action is displayed in an
activity stream and organized for easy filtering by
User, Role, Context, Action or IP address.
Stream https://en-au.wordpress.org/plugins/stream/
37. WordPress’ most comprehensive real time user
activity and monitoring log plugin. It helps
thousands of WordPress administrators and
security professionals keep an eye on what is
happening on their websites.
WP Security Audit Log https://wordpress.org/plugins/wp-security-audit-log/