This document provides an overview of the key aspects of the General Data Protection Regulation (GDPR) that will take effect in May 2018 and practical steps organizations should take to comply. It notes that GDPR strengthens individuals' data privacy rights and outlines rights like access, erasure, and consent. The document advises creating an inventory of personal data held, reviewing data security and access controls, and obtaining renewed explicit consent from individuals. It also covers topics like direct marketing, data sharing, record keeping, and legal bases for processing data other than consent. The overall message is that organizations need to review their data practices and put new procedures in place to comply with GDPR's strengthened privacy requirements.
This presentation covers what you as a business owner need to do in order to be ready and compliant for GDPR. It shows you all of the different lawful basis that you can use for processing personal data, so that you do not have to rely on consent.
If you are in the UK and need to check that you will comply with the General Data Protection Regulations when they come into force in May 2018, this checklist might help. Developed for use in my own business it is shared without liability. Please use it wisely to start the process of complying.
For more information on making your processes and your legal documents simple, especially if you are in the UK construction industry, go to http://500words.co.uk/
For small businesses who feel overwhelmed with all the attention and threatening articles, here is a very easy GDPR-compliance checklist you can go through.
The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. This policy directive was adopted in May 2016 to make Europe fit for the digital age. How does it affect small businesses?
The GDPR brings a lot of extra work for organizations that are considered to process Personal Data. For small businesses who feel overwhelmed with all the attention and threatening articles, here is a very easy GDPR-compliance checklist you can go through.
Bridging the Gap Between Privacy and RetentionInfoGoTo
This slideshare explores the vital connection between privacy and retention and explores some tools and approaches that can help organizations successfully manage them in tandem.
Preparing for the General Data Protection Regulation - 12 steps to take now - from the ICO - more info and resources at https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment-toolkit/
201705
This presentation covers what you as a business owner need to do in order to be ready and compliant for GDPR. It shows you all of the different lawful basis that you can use for processing personal data, so that you do not have to rely on consent.
If you are in the UK and need to check that you will comply with the General Data Protection Regulations when they come into force in May 2018, this checklist might help. Developed for use in my own business it is shared without liability. Please use it wisely to start the process of complying.
For more information on making your processes and your legal documents simple, especially if you are in the UK construction industry, go to http://500words.co.uk/
For small businesses who feel overwhelmed with all the attention and threatening articles, here is a very easy GDPR-compliance checklist you can go through.
The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. This policy directive was adopted in May 2016 to make Europe fit for the digital age. How does it affect small businesses?
The GDPR brings a lot of extra work for organizations that are considered to process Personal Data. For small businesses who feel overwhelmed with all the attention and threatening articles, here is a very easy GDPR-compliance checklist you can go through.
Bridging the Gap Between Privacy and RetentionInfoGoTo
This slideshare explores the vital connection between privacy and retention and explores some tools and approaches that can help organizations successfully manage them in tandem.
Preparing for the General Data Protection Regulation - 12 steps to take now - from the ICO - more info and resources at https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment-toolkit/
201705
Getting to grips with General Data Protection Regulation (GDPR)Zoodikers
Leading employment lawyer Pam Loch, and digital expert Katie King share their advice on how to get to grips with the topic of the moment - GDPR.
They look at who is liable, the impact of Brexit, how it affects marketing and what steps you can take to prepare.
Where are you in in your GDPR journey? Europe's data protection regulation will undergo the greatest change since its creation over 20 years ago. The GDPR is Europe's new framework for data protection laws, replacing the Data Protection Act (DPA).
GDPR ASAP: A Seven-Step Guide to Prepare for the General Data Protection Regu...ObservePoint
This guide will educate you on what GDPR is, who it applies to and what you should do about it in seven steps. As you read through, make some notes about who you feel should be responsible for each step so you can get the ball rolling with each team member.
Data Privacy and Data Protection: Rotary’s Compliance with GDPRRotary International
As stewards of personal data for more than 1.2 million Rotarians and friends of Rotary worldwide, Rotary takes data privacy and protection seriously. To ensure compliance with the European Union's new privacy law, the General Data Protection Regulation (GDPR), we will apply these standards globally. Find out more about these efforts and how they affect data privacy and protection for Rotary.
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
This GDPR primer highlights key aspects of the new EU regulation regarding the protection of EU citizens data. It also presents a basic approach and key activities for GDPR preparedness. Useful as a discussion starter with senior management.
GDPR Explained - A Quick Guide for US BusinessesJessica Clark
The US has many different privacy laws. But now there is another law to wade through: GDPR. Although the GDPR mainly affects those living within the European Union (EU), it is important that US businesses pay attention too.
GDPR Guide: The ICO's 12 Recommended Steps To Take NowHackerOne
Recommendations from The United Kingdom's Information Commissioner's Office (ICO) to Prepare for May 2018.
The European General Data Protection Regulation, better known as GDPR, will take effect on May 25, 2018. When it does, every business, organization, or government agency that collects information on European Union (EU) citizens (in other words, just about everyone) will be forced to radically change how it manages customer data and security. If you don’t, the cost of noncompliance is significant: fines can reach up to €20M ($23.5M) or 4 percent of annual sales, whichever is higher.
GDPR: Is Your Organization Ready for the General Data Protection Regulation?DATUM LLC
The new European GDPR privacy regulations will significantly impact data governance for multinational companies worldwide. This presentation introduces GDPR, its implications, and a six step process for compliance. In May of 2018 the European Union’s General Data Protection Regulation (GDPR) will go into effect and the fines associated with non-compliance are significant with as much as 4% of global sales.
What's Next - General Data Protection Regulation (GDPR) ChangesOgilvy Consulting
The General Data Protection Regulation is the biggest change to the law on data in years. This webinar features Vicky Brown, Deputy General Counsel at WPP, and Paul King, Head of Data at OgilvyOne discussing what it is, why it matters and what companies are doing.
Do You Have a Roadmap for EU GDPR Compliance?Ulf Mattsson
Do You Have a Roadmap for EU GDPR Compliance?
Description : The General Data Protection Regulation (GDPR) goes into effect in 2018 and it will affect any business that handles data, even if it's not based in the European Union.
Are you looking to move and host data for EU citizens? Do you have a roadmap and associated estimated costs for EU GDPR compliance?
Webcast URL : https://www.brighttalk.com/webcast/14723/259741
Cognizant business consulting the impacts of gdpraudrey miguel
In May 2018, GDPR (Global Data Protection Regulation) will come into force in Europe. Conventional wisdom is that GDPR will cause significant legal changes for many organizations and result in yet another regulatory-driven upheaval in technology. But is this an accurate assessment of the likely impact?
Data Protection Officer Dashboard | GDPRCorporater
Data Protection Officers (DPOs) have a very critical role to play in today's organizations, especially with the implementation of GDPR. Data Protection Officer dashboards are an essential aid to DPOs to stay on top of GDPR compliance activities, and to implement and monitor GDPR projects.
The presentation gives insight into the essentials of a DPO dashboard.
Disclosure, Exposure and the "Right to be Forgotten" After Google SpainDavid Erdos
*** N.B. For full working paper see https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3505921 ***
This paper argues that Google’s essentially blanket and unsafeguarded dissemination to webmasters of URLs deindexed under the Google Spain judgment involves the disclosure of the claimant’s personal data, cannot be justified either on the purported basis of their consent or that this is legally required but instead seriously infringes European data protection standards. Disclosure of this data would only be compatible with the initially contextually sensitive context of collection where it was (i) reasonably necessary and explicitly limited to the purposes of checking the legality of the initial decision and/or bona fide research and (ii) was subject to effective safeguards that prevented any unauthorised repurposing or other use. Strict necessity thresholds would need to apply where disclosure involved special category data or was subject to reasoned objection by a data subject and international transfers would require appropriate safeguards as provided by the European Commission’s standard contractual clauses. Disclosing identifiable data on removals to end users would directly and fundamentally undermine a data subject’s rights and, therefore, ipso facto violate purpose limitation and legality, irrespective of a data subject claims rights in data protection, defamation or civil privacy. The public’s legitimate interests in receiving information on personal data removals should be secured through safeguarded scientific research that the search engines should facilitate and promote.
the European Union has introduced a new law, the General Data Protection Regulation or GDPR. This law will include all rules and regulations that govern the use of personal data within the EU.
Getting to grips with General Data Protection Regulation (GDPR)Zoodikers
Leading employment lawyer Pam Loch, and digital expert Katie King share their advice on how to get to grips with the topic of the moment - GDPR.
They look at who is liable, the impact of Brexit, how it affects marketing and what steps you can take to prepare.
Where are you in in your GDPR journey? Europe's data protection regulation will undergo the greatest change since its creation over 20 years ago. The GDPR is Europe's new framework for data protection laws, replacing the Data Protection Act (DPA).
GDPR ASAP: A Seven-Step Guide to Prepare for the General Data Protection Regu...ObservePoint
This guide will educate you on what GDPR is, who it applies to and what you should do about it in seven steps. As you read through, make some notes about who you feel should be responsible for each step so you can get the ball rolling with each team member.
Data Privacy and Data Protection: Rotary’s Compliance with GDPRRotary International
As stewards of personal data for more than 1.2 million Rotarians and friends of Rotary worldwide, Rotary takes data privacy and protection seriously. To ensure compliance with the European Union's new privacy law, the General Data Protection Regulation (GDPR), we will apply these standards globally. Find out more about these efforts and how they affect data privacy and protection for Rotary.
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
This GDPR primer highlights key aspects of the new EU regulation regarding the protection of EU citizens data. It also presents a basic approach and key activities for GDPR preparedness. Useful as a discussion starter with senior management.
GDPR Explained - A Quick Guide for US BusinessesJessica Clark
The US has many different privacy laws. But now there is another law to wade through: GDPR. Although the GDPR mainly affects those living within the European Union (EU), it is important that US businesses pay attention too.
GDPR Guide: The ICO's 12 Recommended Steps To Take NowHackerOne
Recommendations from The United Kingdom's Information Commissioner's Office (ICO) to Prepare for May 2018.
The European General Data Protection Regulation, better known as GDPR, will take effect on May 25, 2018. When it does, every business, organization, or government agency that collects information on European Union (EU) citizens (in other words, just about everyone) will be forced to radically change how it manages customer data and security. If you don’t, the cost of noncompliance is significant: fines can reach up to €20M ($23.5M) or 4 percent of annual sales, whichever is higher.
GDPR: Is Your Organization Ready for the General Data Protection Regulation?DATUM LLC
The new European GDPR privacy regulations will significantly impact data governance for multinational companies worldwide. This presentation introduces GDPR, its implications, and a six step process for compliance. In May of 2018 the European Union’s General Data Protection Regulation (GDPR) will go into effect and the fines associated with non-compliance are significant with as much as 4% of global sales.
What's Next - General Data Protection Regulation (GDPR) ChangesOgilvy Consulting
The General Data Protection Regulation is the biggest change to the law on data in years. This webinar features Vicky Brown, Deputy General Counsel at WPP, and Paul King, Head of Data at OgilvyOne discussing what it is, why it matters and what companies are doing.
Do You Have a Roadmap for EU GDPR Compliance?Ulf Mattsson
Do You Have a Roadmap for EU GDPR Compliance?
Description : The General Data Protection Regulation (GDPR) goes into effect in 2018 and it will affect any business that handles data, even if it's not based in the European Union.
Are you looking to move and host data for EU citizens? Do you have a roadmap and associated estimated costs for EU GDPR compliance?
Webcast URL : https://www.brighttalk.com/webcast/14723/259741
Cognizant business consulting the impacts of gdpraudrey miguel
In May 2018, GDPR (Global Data Protection Regulation) will come into force in Europe. Conventional wisdom is that GDPR will cause significant legal changes for many organizations and result in yet another regulatory-driven upheaval in technology. But is this an accurate assessment of the likely impact?
Data Protection Officer Dashboard | GDPRCorporater
Data Protection Officers (DPOs) have a very critical role to play in today's organizations, especially with the implementation of GDPR. Data Protection Officer dashboards are an essential aid to DPOs to stay on top of GDPR compliance activities, and to implement and monitor GDPR projects.
The presentation gives insight into the essentials of a DPO dashboard.
Disclosure, Exposure and the "Right to be Forgotten" After Google SpainDavid Erdos
*** N.B. For full working paper see https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3505921 ***
This paper argues that Google’s essentially blanket and unsafeguarded dissemination to webmasters of URLs deindexed under the Google Spain judgment involves the disclosure of the claimant’s personal data, cannot be justified either on the purported basis of their consent or that this is legally required but instead seriously infringes European data protection standards. Disclosure of this data would only be compatible with the initially contextually sensitive context of collection where it was (i) reasonably necessary and explicitly limited to the purposes of checking the legality of the initial decision and/or bona fide research and (ii) was subject to effective safeguards that prevented any unauthorised repurposing or other use. Strict necessity thresholds would need to apply where disclosure involved special category data or was subject to reasoned objection by a data subject and international transfers would require appropriate safeguards as provided by the European Commission’s standard contractual clauses. Disclosing identifiable data on removals to end users would directly and fundamentally undermine a data subject’s rights and, therefore, ipso facto violate purpose limitation and legality, irrespective of a data subject claims rights in data protection, defamation or civil privacy. The public’s legitimate interests in receiving information on personal data removals should be secured through safeguarded scientific research that the search engines should facilitate and promote.
the European Union has introduced a new law, the General Data Protection Regulation or GDPR. This law will include all rules and regulations that govern the use of personal data within the EU.
The European Union will introduce the new General Data Protection Regulation for implementation May 2018. This makes it a legal requirement on all businesses owners to comply with the new regulations or face heavy fines. This will still apply to UK companies after Brexit.
Marketing data management | The new way to think about your dataLaurence
Organisations are at a place where opportunity beckons but, all too often, the gesture is obscured by the confusion that surrounds data compliance. Instead of seeing the benefits that can be found in the regulations, such as the General Data Protection Regulation (GDPR), that are being introduced, companies take a retracted view that turns inward, seeing only where these policies cause hindrance rather than the value they can add.
Wherever your business is located in the world, the GDPR will apply if you:
Offer products/services to EU citizens and/or:
Collect personal information from EU citizens
"The EU General Data Protection Regulation: GDPR" - workshop held by Beatrice Masserini (Studio Cassinis, Italy) at the TRA Annual Meeting 2018 in Athens
The EU General Data Protection Regulation (GDPR) is the most important update in data privacy regulation in 20 years. Having added more responsibilities to the Data Protection Act 1998, on the 25th May 2018, it is mandatory that all businesses that handle personal data must be aware of the new rules, so that they are in compliance with the law.
See Details: http://bit.ly/2W3Isnw
The engaging white paper delivers the core facts you need to understand the fundamental nature of the GDPR regulations and what it means for your business and the management of its data.
EU GDPR Lesson 1 - What is the GDPR? Why do we need it?
EU GDPR Lesson 2 - Data Protection by Design and by Default
EU GDPR Lesson 3 - The Right To Be Forgotten
EU GDPR Lesson 4 - Who Does the EU GDPR Apply?
EU GDPR Lesson 5 - What Happens if I Don’t Comply with the EU GDPR?
EU GDPR Lesson 6 - Next Steps - How to Get There?
Over the past few years of monitoring the development of the EU General Data Protection Regulation (GDPR) and its effects on technology, we’ve distilled the parts of the regulation that most affect your business into this practical guide.
Are you ready for the General Data Protection Regulation?
VILT has compiled this Frequently Asked Questions document. Read about what it is and how we can help.
What does GDPR laws mean for Australian businessesiFactory Digital
Chances are that you’ve noticed a deluge of emails and app updates all centred around privacy updates. It’s not that every company on Earth has simultaneously grown very concerned about the issue. Instead, it’s to make sure that they meet the requirements for GDPR compliance.
https://ifactory.com.au/news/what-does-gdpr-laws-mean-australian-businesses
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Imo's common sense guide to GDPR
1. Imo’s common sense guide to GDPR
How to use this document
This is an accumulation of information from different sources (see references at
end), and some advice (such as the age of consent for data protection in Ireland)
may change before the GDPR law comes into effect in May 2018.
Of course you should consult an appropriate professional such as a lawyer rather
than relying on this document. This one’s been created by someone who is just a
small business owner that’s dealt with the practical effects of data protection
regulation for 25 years and has simply read the publicly available material for the
UK and Ireland… but if you don’t have time or funds, then it may help!
What is GDPR?
The new EU general data protection law coming into force in May 2018. It gives
more rights to individuals which will mean charities, clubs and small businesses
need to review their procedures and make some changes. However, it’s not
actually that big a change compared to the data protection you should already
be performing. Which you probably aren’t.
GDPR gives the following rights to individuals:
• The right to be informed that data is held on them.
• The right of access to data held, free of charge, without delay and within one
month.
• The right to rectification of information held.
• The right to erasure of information held on them.
• The right to restrict processing of their information.
• The right to data portability (ie to obtain their own information and take it
“away”).
• The right to object
• Rights in relation to automated decision making and profiling.
What sort of thing will GDPR mean in practice?
Some practical examples of why you need to plan this
• If you send out an email to a group of people, do not put all the email
addresses into the cc: field. Use the bcc (blind copy) field to enter in the list of
emails, unless you can show that all those people have given you explicit
consent to reveal their email addresses to all the other people.
• Data has to be kept safe. Is yours backed up, encrypted? Do you have those
details listed somewhere in a data security policy or procedure? Is one of
your backups held offsite in case of fire, theft or flood?
• Is there a data privacy policy on your website? And a cookies agreement?
2. • Do you have a form for new customers or users? It must request explicit
consent for their data to be held, explain what it’s held for, who by and for
how long, and who people contact if they don’t agree.
• Do you ever text customers notifications or reminders? You must inform
customers or users that you are going to do this, and give an opt-out option
whenever you use it.
• If your premises were broken into and a computer stolen that holds personal
data, you would need to inform the data protection commissioner within 72
hours unless it is anonymized OR encrypted. Do you know what’s on each
computer, and whether it’s encrypted?
• If you receive a request from a data subject who wants to get a copy of all the
data you hold on them and then have it deleted, could you do this within 30
days and free of charge? How would you be sure you’d found all their data?
That’s the law from May.
• What do you know about your Internet security? Do you have a firewall and
malware protection? Is access to data protected eg by passworded accounts?
• How can you be sure all your staff are using strong computer passwords?
• If you sell or pass on an old computer no longer in use, what is your
procedure to ensure there is no personal data accessible from that computer
in future?
• Do you use Paypal to receive payments? This company has restrictive data
policies as part of its terms and conditions that imply customer information
may be passed to third parties in a jurisdiction beyond the EU in a way which
may not comply with GDPR.
Where do you start?
Inventory
Make a list of all the personal data held. Donors, staff, volunteers, members,
customers, users, suppliers, marketing lists, accident book, employment contracts,
Garda vetting, HR records?
• Where did the data come from? Make a list.
• Who do you share it with? Make a list.
• Is it really needed? No? Delete it.
• Is it relevant? If you’re a sports club you may need to know if a member has
asthma but not their PPS number.
• Is it more than two years old? How do you know?
• How do you know you have permission to hold it?
• Is any of the data sensitive eg health-related? Extra rules may apply.
• Is any of the date from underage subjects? How are you verifying ages and
obtaining consent from a parent or guardian when necessary?
3. Access and security
• Who currently has access and under what conditions? How are you limiting
access? Lock and key, password?
• Is the existing data held securely?
• Do you share it with anyone for any reason?
• Is it used only for the purposes that it was originally collected for?
• Where is it held (Cloud? Hard drive?)
• Is it encrypted?
• Is it backed up and is there an offsite backup?
• Who can get access to your internal computer network? What defences
against unauthorized access are in place?
Permission and consent
So now you’ve probably realized a lot of your data is out of date, you don’t know
how you got permission to use it and you can’t show that individuals consented.
This probably means you need to re-permission all the people on your texting
list, for example, before May 2018.
There are important changes to consent with GDPR.
DP Directive (old) definition:
“any freely given specific and informed indication of his wishes by which the data
subject signifies his agreement to personal data relating to him being processed”
GDPR (new) definition:
“any freely given, specific, informed and unambiguous indication of the data
subject's wishes by which he or she, by a statement or by a clear affirmative action,
signifies agreement to the processing of personal data relating to him or her”
In practice, how you request consent (your forms, whether paper or online) now has
to meet these points:
• the name of your organisation and the names of any third parties who will
rely on the consent – consent for categories of third-party organisations will
not be specific enough;
• Why you want the data (the purposes of the processing);
• What you will do with the data (the processing activities); and
• Make the request for consent prominent and separate from your terms and
conditions.
• Explain why you want the data (the purposes of the processing)
• Ask people to positively opt in – don’t use pre-ticked boxes, or any other type
of consent by default.
• If it’s for more than one purpose offer more than one opt-in (granularity).
4. • Let people know they can withdraw their consent at any time without
detriment, and how. It must also be as easy to withdraw consent as it was to
give it.
• Don’t make consent a precondition of a service.
• Where children are involved, verify age and get parental consent as needed.
• Keep a dated record of how you received consent and what the person was
told at the time.
• Clearly inform them of the complaints channel open to anybody unhappy
with how their data has been processed.
• It’s good practice to let people know how long their data will be held for.
WRONG…
Company A provides the following information to individuals:
“Email address (optional):
“We will use this to send you emails about our products and special offers.”
Company A keeps a spreadsheet with ‘consent provided’ against a customer’s name.
They keep the time and date of consent linked to an IP address, with a web link to
your current data-capture form and privacy policy
RIGHT…
Company B uses the following statement instead:
I consent to receive emails about your products and special offers
If the individual ticks the box, they will have explicitly consented to the processing.
They keep a copy of the customer’s signed and dated form that shows they ticked to
provide their consent to the specific processing.
They keep records that include an ID and the data submitted online together with a
timestamp. You also keep a copy of the version of the data-capture form and any
other relevant documents in use at that date.
Under GDPR, consent is not the only legal basis for holding data though it is the most
common. In all cases holding the data must be shown to be necessary. Other legal
bases include:
• Contract - eg if a car insurer needed your make and model of car to give a
quotation.
• Legal obligation - to comply with common law or statutory obligation
• Vital interests - to protect a life
• Public task - in the exercise of official authority or for a task in the public
interest set uot in law
• Legitimate interests - commercia, individual or broader societal interests
balancing the individual's interests
• Special category data - eg health
• Criminal offence data - must have a lawful basis
5. Direct marketing
Some of this is not new to GDPR, but as a lot of people aren’t aware…
https://www.dataprotection.ie/docs/DIRECT_MARKETING_–
%20_A_GENERAL_GUIDE_FOR_DATA_CONTROLLERS/905.htm
Where you have obtained contact details in the context of the sale of a product or
service, you may only use these details for direct marketing by electronic mail if the
following conditions are met:
• the product or service you are marketing is of a kind similar to that which
you sold to the customer at the time you obtained their contact details
• At the time you collected the details, you gave the customer the opportunity
to object, in an easy manner and without charge, to their use for marketing
purposes
• Each time you send a marketing message, you give the customer the right to
object to receipt of further messages
• The sale of the product or service occurred not more than twelve months
prior to the sending of the electronic marketing communication or, where
applicable, the contact details were used for the sending of an electronic
marketing communication in that twelve month period.
NOTE: In relation to 4 above, if the subscriber fails to unsubscribe using the cost free
means provided to them by the direct marketer, they will be deemed to have
remained opted-in to the receipt of such electronic mail for a twelve month period
from the date of issue to them of the most recent marketing electronic mail.
Website privacy policy
https://fortprivacy.ie/gdpr-privacynotices/
Article 13 requires that the privacy notice should include the following information:
• the identity and the contact details of the controller
• the contact details of the data protection officer
• the purposes and legal basis for the processing
• where the processing is based on legitimate interests, details of what these
are
• the recipients or categories of recipients of the personal data
• details of any transfer to a third country and details of the safeguards and the
means by which to obtain a copy of them or where they have been made
available
• the retention periods or the criteria used to determine that period
• details on rights of access to and rectification/deletion of personal data.
Rights to object to processing and the right to data portability
• if processing is based on consent, the right to withdraw consent
• the right to lodge a complaint with the supervisory authority
• details on whether the data subject is obliged to provide the personal data
and the consequences of failure to provide it
6. • details of any automated decision making, including details of the logic used
and potential consequences for the individual
Website privacy policy and cookies template
https://www.nibusinessinfo.co.uk/content/sample-privacy-policy
This privacy policy sets out how [business name] uses and protects any information
that you give [business name] when you use this website.
[business name] is committed to ensuring that your privacy is protected. Should we
ask you to provide certain information by which you can be identified when using
this website, then you can be assured that it will only be used in accordance with
this privacy statement.
[business name] may change this policy from time to time by updating this page.
You should check this page from time to time to ensure that you are happy with any
changes. This policy is effective from [date].
What we collect
We may collect the following information:
name and job title
contact information including email address
demographic information such as postcode, preferences and interests
other information relevant to customer surveys and/or offers
What we do with the information we gather
We require this information to understand your needs and provide you with a
better service, and in particular for the following reasons:
Internal record keeping.
We may use the information to improve our products and services.
We may periodically send promotional emails about new products, special offers or
other information which we think you may find interesting using the email address
which you have provided.
From time to time, we may also use your information to contact you for market
research purposes. We may contact you by email, phone, fax or mail. We may use
the information to customise the website according to your interests.
Security
We are committed to ensuring that your information is secure. In order to prevent
unauthorised access or disclosure, we have put in place suitable physical, electronic
and managerial procedures to safeguard and secure the information we collect
online.
How we use cookies
A cookie is a small file which asks permission to be placed on your computer's hard
drive. Once you agree, the file is added and the cookie helps analyse web traffic or
8. If you believe that any information we are holding on you is incorrect or incomplete,
please write to or email us as soon as possible at the above address. We will
promptly correct any information found to be incorrect.
Another example to adapt
https://www.lawsociety.ie/About-this-Website/Privacy-Policy/
Privacy Policy
This statement relates to our privacy practices in connection with this website.
We are not responsible for the content or privacy practices of other websites. Any
external links to other websites are clearly identifiable as such. Some technical
terms used in this statement are explained at the end of this page.
General statement
The Law Society of Ireland fully respects your right to privacy, and will not collect or
publish any personal information about you through this website without your clear
permission. Any personal information which you volunteer to the Society will be
treated with the highest standards of security and confidentiality, strictly in
accordance with the Data Protection Acts, 1988 - 2003.
Collection and use of personal information
The Law Society of Ireland does not collect any personal data about you on this
website, apart from information which you volunteer (for example by e-mailing us,
by using our online feedback form or by making a credit card booking). Any
information which you provide in this way is not made available to any third parties,
and is used by the Law Society only in line with the purpose for which you provided
it.
Collection and use of technical information
This website uses temporary "session" cookies which enable a visitor’s web browser
to remember which pages on this website have already been visited. If you use the
'Remember me' option when logging in to the Law Society website, a cookie is
placed on your computer with an encrypted id to remember your credentials. No
other information is stored in this cookie. Visitors can use this website with no loss
of functionality if cookies are disabled from the web browser. Technical details in
connection with visits to this website are logged by our internet service provider for
our statistical purposes. No information is collected that could be used by us to
personally identify website visitors. The technical details logged are confined to the
following items:
the IP address of the visitor’s web server
the top-level domain name used (for example .ie, .com, .org, .net)
the previous website address from which the visitor reached us, including any
search terms used
Google analytics which shows the traffic of visitors around this web site (for
example pages accessed and documents downloaded)
11. The policy applies to all personal data processed by the organisation, including
customer data, third party data and employee data.
Draw up policies and procedures to cover:
• Dealing with data breaches
• Requests for data access (eg recording the date that the request is received)
• Requests for data correction
• Requests to have information erased
• Requests to prevent direct marketing contacts
• How you decided you didn’t need to appoint a Data Protection Officer (not
usually necessary but you should specify who in your organization handles
data protection queries).
• Specify retention periods for different types of data held.
• Specify whether any data is being exported to third countries (example: use
of Paypal to receive payments).
• Specify the period for auditing checks and reviews of the policy.
• Review any other existing policites and procedures that may be impacted by
GDPR such as HR, Health and Safety, employment contracts, fundraising,
financial records, Garda vetting, children and vulnerable adults.
• Consider the either data protection rules in the following section.
• Recording how people in your organization have been made aware of the
data protection policy, and of how they may get involved with reviews or
changes to the policies and procedures.
The eight data protection rules (from the previous legislation)
Keep an eye out for updates on the GDPR sites…
Rule 1: Fair obtaining:
At the time when we collect information about individuals, are they made aware of
the uses for that information?
Are people made aware of any disclosures of their data to third parties?
Have we obtained people's consent for any secondary uses of their personal data,
which might not be obvious to them
Can we describe our data-collection practices as open, transparent and up-front?
Rule 2: Purpose specification
Are we clear about the purpose (or purposes) for which we keep personal
information?
Are the individuals on our database also clear about this purpose?
If we are required to register with the Data Protection Commissioner, does our
register entry include a proper, comprehensive statement of our purpose?
[Remember, if you are using personal data for a purpose not listed on your register
entry, you may be committing an offence.]
Has responsibility been assigned for maintaining a list of all data sets and the
purpose associated with each?
13. Are there clear procedures in place for dealing with such requests?
Do these procedures guarantee compliance with the Act's requirements?
Checklist
• Inventory your data
• Record who has access (online and paper) to the data
• Check your data security – backups, online, network
• Figure out who you need to “repermission” regarding their data by May 2018
• Do you need to appoint a data protection officer? (Probably not.)
• Who is going to be responsible for data protection in the organization?
• Revise direct marketing procedures
• Revise website privacy and cookies policy
• Revise your data protection procedures, including subject data access
requests
• Make everyone in the organization aware of the changes and how they can
contribute
• Keep checking for any changes coming up to May 2018 such as age for
parental consent where children are involved.
References
GDPR - http://gdprandyou.ie/gdpr-12-steps/#becoming-aware
https://www.dataprotection.ie/docs/GDPR/1623.htm
https://www.nibusinessinfo.co.uk/content/sample-privacy-policy
https://www.charitiesinstituteireland.ie/our-blog/2016/12/6/general-data-
protection-regulation
https://www.dataprotection.ie/documents/guidance/Charity_Guidance.pdf
http://www.charitytaxreform.com/files/R2.%20Guiding%20Principles%20of%20F
undraisin g%20-%20Feb%202008.pdf
https://www.dataprotection.ie/docs/DIRECT_MARKETING_–
%20_A_GENERAL_GUIDE_FOR_DATA_CONTROLLERS/905.htm
https://www.krestonreeves.com/news-and-events/30/11/2017/general-data-
protection-regulation-gdpr
https://fortprivacy.ie/gdpr-privacynotices/
https://www.dataprotection.ie/documents/guidance/Charity_Guidance.pdf
http://gdprcoalition.ie/infographics/
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-
regulation-gdpr/
Collated and edited by Imogen Bertin 24 February 2018
If you found it helpful, maybe give me a review on Google My Business?
TechAbility https://search.google.com/local/writereview?placeid=ChIJYQ0z_oGHR
EgRMcT8jqT_RUY
Or Facebook page: https://www.facebook.com/TechAbilityIRL/