MyComplianceOffice presents our Oct 26th webinar, "Prepare Your Firm for GDPR", co-hosted by MCO and Emily Mahoney, a Technology Lawyer at Mason Hayes & Curran
Dovetail Software (hr.dovetailsoftware.com) sponsors this informative and important webinar hosting experts Grant D. Petersen (ogletree.com/) and Estella Cohen (trustarc.com/) who shared information with HR practitioners and Organizations that need to be GDPR compliant by May 25, 2018.
Here's the link to view the recording: http://hr.dovetailsoftware.com/dsadmin/2018/01/31/hr-gdpr-preparing-2018-compliance/
ABM Display Advertising Success in the World of GDPR [PPT] Kwanzoo Inc
In this webinar, see the specific impacts of GDPR on B2B companies as they plan, budget, launch and measure success from ABM advertising programs that reach and engage the 500 Million+ citizens of EU countries and the UK. Our panel of experts will cover the IT, Legal, Marketing, Data and Technology Provider side of GDPR compliance. All of these dimensions need to be addressed as you plan for the world of GDPR.
Practical guide for performing a Data Privacy Impact Assessment (DPIA). Great hints to support you in GDPR and mapping how data flows through your organisation and external vendors.
Please reach out if you need PPT/Notes
GDPR what you should know and how to minimize impact on your business Olivier BARROT
The upcoming General Data Protection Regulation (GDPR) that will be applicable to all data of EU citizens starting May 2018 enforces new data privacy obligations on the management and the retention of personally identifiable information (PII) including data collection, retention, protection, modification and deletion processes.
Learn what are the impacts on your business and how to prepare with IBM solutions
The General Data Protection Regulation and the DAMA DMBOK – Tools you can use for Compliance
Abstract: The General Data Protection Regulation will be the law governing data privacy in Europe in 2018. Surveys show that less than 50% of organisations are aware of the changes within the legislation, and even fewer have any plan for achieving compliance. In this session, Daragh O Brien takes us on a high level overview of the GDPR and how the disciplines of the DMBOK can help compliance.
Notes: DMBOK is an abbreviation for the "Data Management Book of Knowledge" which is published by DAMA International (The Data Management Association)
GDPR will replace national data protection laws of all 28 EU member states in May 2018 and is applying to any organization that processes data of EU data subjects.
GDPR – The Practicalities of a New Reality Susan Moran
GDPR is fast becoming the new reality and will bring big implications for all companies in May 2018. As companies begin to prepare for GDPR, part 2 of our GDPR series will introduce you to some key the GDPR Directive and the changes that it will bring with it.
Strengthening current personal data protection regulation (EU 95/46), GDPR lays down rules relating to protection of natural persons with regard to processing and free movement of personal data. It applies to all entities in EU member states processing personal data by automated means and processing which form part of a filing system. Application of GDPR will be supervised in Belgium by the privacy commission.
Presentation to Cyprus Computer Society Records Management event by Christoforos Christoforou, Risk and Strategic Planning Manager at Fileminders http://www.fileminders.com.cy/
Agenda:
1. Introduction to the General Data Protection Regulation (GDPR)
2. Data protection: Why all the fuss?
3. How does GDPR affect your business?
Building Your DPIA/PIA Program: Tips & Case Studies [TrustArc Webinar Slides] TrustArc
Watch the webinar on-demand: https://info.trustarc.com/building-pia-dpia-program-webinar.html
DPIA/PIA guidance, tips for success and case studies from the field.
The GDPR mandates Privacy by Design and requires documented Data Protection Impact Assessments (DPIAs) for high risk processing. How can you build this into a sustainable program across your business? Having a good understanding of what DPIA/PIAs are and how to implement them can be the key to embedding privacy in the heart of your organization as well as achieving GDPR compliance.
Watch this webinar on-demand to:
- Hear PIA best practices
- Review GDPR compliance requirements
- Receive a range of tips and tools to help streamline and embed the process
- Hear how Volvo Financial Services has approached assessments across their organization
To register for upcoming/on-demand webinars visit: https://www.trustarc.com/events/webinar-schedule/
Post US Election Privacy Updates & Implications TrustArc
The United States election on November 3rd will impact the future use of personal information for organizations doing business with US citizens. From presidential results to state propositions, there will be many privacy ramifications, and how we move forward to embrace the new changes is a topic that will bring many perspectives.
Join us as we discuss the implications of the US election, including California’s Proposition 24 which would expand the provisions of the CCPA and what the next administration’s role will be in helping shape the new framework for EU-US data transfers.
-Privacy issues that were included or arose in the 2020 election
-Implications of election outcomes on privacy laws or priorities
-What to watch for in 2021
Cyber Security & Data Protection Considerations for GDPR,
GDPR Overview,
Data Centric Quick Wins,
Streamlining with Technology,
Monitor and Measure GDPR Risks,
www.3grc.co.uk
Our administrative and public law seminar covered:
- a review of the last 12 months in FOIA and a case law update
- scope of prerogative powers - what are they and what is the scope of them; the topic is very much in the news at the moment due to Brexit
- non EU treaty obligations of relevance to administrative law
- procurement in 2016 and beyond - current trends, updates and the impact of Brexit
- case law update on various areas of public law, including judicial review.
An overview of the principles of GDPR and some tips to implement it in your organization. I would be more than happy to share my views with stakeholders in your company.
How to Manage Vendors and Third Parties to Minimize Privacy Risk TrustArc
The scope of vendor or third-party requirements has significantly grown due to the global pandemic we’re living in. Not only are you working to ensure your vendor management efforts will result in compliance with GDPR, CCPA and other privacy regulations, now you must consider privacy risks associated with COVID-19.
Regulations have specific provisions that address vendors and extend companies’ data privacy obligations throughout their supply chains. Organizations need to be able to collect, maintain and track critical data for ongoing vendor management in order to properly evaluate, monitor and track their status.
This webinar will provide:
-Overview of privacy laws and regulations (i.e., CCPA, GDPR) and corresponding vendor and third-party requirements
-Summary of vendor management processes and how they can be supplemented to specifically address data privacy and security risks
-Best practices for managing data privacy in your vendor network
-Guidance on how to build & manage your vendor privacy management program with practical solutions
For more information visit https://www.brightpay.ie or https://www.thesaurus.ie
Given recent cyber-attacks, an updated security process is definitely required to protect the personal data that we manage. GDPR is not a new concept, it is simply a data protection process that is being upgraded to protect all individuals. Essentially, GDPR is an overhaul of the way we process, manage and store individual’s personal data.
This webinar will uncover the ins and outs of the impact of GDPR on your payroll processing, highlighting the biggest areas of concern including emailing payslips, employee consent and your legal obligation.
We will walk you through some important steps to achieve GDPR compliance by examining the following topics:
Agenda
What does GDPR mean for your payroll processing?
- Understanding GDPR
- The contract between accountants & clients
- Template Data Processor Agreement
- Proof of compliance
- Securely storing employee data
Payslips & GDPR Compliance
- Employee consent
- Emailing payslips
- Recommended self-service access
Breaching GDPR
- Data breach plan of action
- Non-compliance and penalties
BrightPay & GDPR
- BrightPay Connect - online self-service portal
- Enhanced security measures
25th May 2018 marks the enforcement date of EU’s General Data Protection Regulation. This new regulation strives to increase privacy for individuals and penalize businesses in breach. The complexity organizations face in managing consumer data is driving the growth of privacy tech solutions that decisively address a slew of privacy compliance challenges.
Be careful what you wish for! How the GDPR even now it has been finalised may not solve the key problems of the tech community of what is personal data and what is anonymised/pseudonymous.
Getting to grips with General Data Protection Regulation (GDPR) Zoodikers
Leading employment lawyer Pam Loch, and digital expert Katie King share their advice on how to get to grips with the topic of the moment - GDPR.
They look at who is liable, the impact of Brexit, how it affects marketing and what steps you can take to prepare.
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct... Harrison Clark Rickerbys
Slideshow from GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Directors, IT Directors & Ops Directors, on 7th March 2018 at Hilton Puckrup Hall
Introduction to EU General Data Protection Regulation: Planning, Implementati... Financial Poise
The GDPR changed the way the world collects, stores, and sends personal data. The GDPR is a broad EU regulation that requires businesses to protect the personal data of EU citizens, whether the business itself is in the EU or elsewhere. Since its implementation in 2018, companies that collect data on EU citizens must comply with strict rules for the protection of personal data or face heavy fines for non-compliance. This webinar will provide an overview of GDPR’s applicability and requirements, as well as how your organization may meet those standards.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-eu-general-data-protection-regulation-planning-implementation-and-compliance-2021/
This breakfast club focused on the new Data Protection regime covering what the new regime will entail and what to be thinking about now in order to be ready for the new regulations.
https://www.brownejacobson.com/sectors-and-services/sectors/public-sector
For more information visit https://www.brightpay.co.uk
The General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 with the aim of protecting all EU citizens from privacy and data breaches in an increasingly data driven world.
Employers process large amounts of personal data, not least in relation to their customers and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
In this webinar, we will peel back the legislation to outline clearly:
What is GDPR and why is it being implemented?
Why employers need to take it seriously
How to prepare for GDPR
How we are working to help you
Gdpr demystified - making sense of the regulation James Mulhern
Slightly outdated introduction to GDPR, that tries to move away from the headlines on fines and emphasises the global nature of the regulation, the numerous forms of lawful processing and the absolute need to manage privacy and be transparent. Goes on to show how using public cloud can help solve part of the problem.
General Data Protection Regulation (GDPR) tidal wave that has hit, are you ready? Is your organization prepared for the extensive privacy requirements GDPR puts forth for any organization handling EU Data Subjects' personal Data? At this point, organizations must have a complete inventory of personal data and have conducted a DPIA against it. A handful of supervisory authorities have issued compliance guidelines, but your organizations must be able to assess compliance with this ambiguous regulation at any time.
Many aspects of GDPR define the distinction between a data collector and a data processor, their respective responsibilities and compliance requirements. Those responsibilities will have an effect on the contracts you negotiate with third parties, the way in which you evaluate the risks involved with establishing a business relationship and the policies you develop to maintain compliance to the regulations.
Join this webinar to learn:
*More information about GDPR and what the industry is experiencing to date
*What minimum requirements you should have had in place by May 25, 2018
*What you should plan to do for the next 12-18 months if you are not completely ready
*What the SEC Privacy Shield program is and why you should self-certify
*How to continuously monitor vendor risk KPIs
General Data Protection Regulation: what do you need to do to get prepared? -... IISPEastMids
At our Spring East Midlands Cyber Security event on the Impact of the General Data Protection Regulation, Helena Wootton looks at the things you need to do to get prepared for the new data protection regulation.
http://qonex.com/east-midlands-cyber-security-forum/
A webinar co-hosted by MyComplianceOffice and the President of ONTALA, Linda Tuck Chapman. Linda is a recognized expert in third-party lifecycle and risk management. Outsourcing governance and third-party optimization
In this webinar co-hosted with international tax expert Selva Ozelli we learn how to improve your company's compliance with the Foreign Corrupt Practices Act (FCPA), and third party due diligence/risk management, AND guard against FCPA and tax penalties.
You can watch full recordings of the webinar here; https://mco.mycomplianceoffice.com/mco-webinar/is-this-bribe-tax-deductible
Best Practices to Achieve an Effective FCPA Compliance Program MyComplianceOffice
In this age of global business, it is imperative to have an effective FCPA compliance program. In this webinar co-hosted with Paul Murdock of MCG Consulting we touched on:
-The Foreign Corrupt Practices Act compliance
-How to build an effective FCPA Compliance program
-Learn how to prepare your program to 'protect' your company
To watch video recordings of this webinar visit; https://mco.mycomplianceoffice.com/mco-webinar/best-practices-to-achieve-an-effective-fcpa-compliance-program
The Evolving Regulatory Landscape: Insights for Compliance Officers MyComplianceOffice
This webinar was co-hosted with Todd Cipperman and took place on Nov 17th 2016. In it we assess the most impactful regulatory developments of 2016, review results of Cipperman Compliance's recent CCS survey of financial industry C-Suite opinion leaders, and Todd gives you his take on the fluid regulatory environment.
Watch recordings from the webinar here; https://mco.mycomplianceoffice.com/mco-webinar/the-evolving-regulatory-landscape-practical-insights-for-compliance-officers
This webinar provided a mid-year review of financial regulatory priorities, with a focus on SEC and FINRA as well as a discussion on industry events from 2017 that have contributed to and shaped on-going compliance priorities.
Watch recordings from the webinar here; https://mco.mycomplianceoffice.com/mco-webinar/sec-finra-2017-priorities-a-midyear-update
Ready your Organisation: Senior Managers and Certification Regime MyComplianceOffice
The UK’s Senior Managers and Certification Regime (SMCR) came into force for banks, other deposit-takers and PRA-regulated investment firms in March 2016. The regime is expected to be brought into effect for the rest of the UK financial services industry in 2018.
Watch recordings of the webinar here; https://mco.mycomplianceoffice.com/mco-webinar/ready-your-firm-senior-managers-and-certification-regime-fundamentals
In this age of global business operations and opportunities, it is a business imperative to have an effective FCPA Compliance Program. In this webinar co-hosted with Paul Murdock of MCG Consulting we explore and discuss Foreign Corrupt Practices Act compliance and actions to achieve a FCPA Compliance Program.
For a full video of the recording visit: https://mco.mycomplianceoffice.com/mco-webinar/foreign-corrupt-practices-act-fcpa-compliance-webinar
WINDING UP of COMPANY, Modes of Dissolution KHURRAMWALI
Winding up, also known as liquidation, refers to the legal and financial process of dissolving a company. It involves ceasing operations, selling assets, settling debts, and ultimately removing the company from the official business registry.
Here's a breakdown of the key aspects of winding up:
Reasons for Winding Up:
Insolvency: This is the most common reason, where the company cannot pay its debts. Creditors may initiate a compulsory winding up to recover their dues.
Voluntary Closure: The owners may decide to close the company due to reasons like reaching business goals, facing losses, or merging with another company.
Deadlock: If shareholders or directors cannot agree on how to run the company, a court may order a winding up.
Types of Winding Up:
Voluntary Winding Up: This is initiated by the company's shareholders through a resolution passed by a majority vote. There are two main types:
Members' Voluntary Winding Up: The company is solvent (has enough assets to pay off its debts) and shareholders will receive any remaining assets after debts are settled.
Creditors' Voluntary Winding Up: The company is insolvent and creditors will be prioritized in receiving payment from the sale of assets.
Compulsory Winding Up: This is initiated by a court order, typically at the request of creditors, government agencies, or even by the company itself if it's insolvent.
Process of Winding Up:
Appointment of Liquidator: A qualified professional is appointed to oversee the winding-up process. They are responsible for selling assets, paying off debts, and distributing any remaining funds.
Cease Trading: The company stops its regular business operations.
Notification of Creditors: Creditors are informed about the winding up and invited to submit their claims.
Sale of Assets: The company's assets are sold to generate cash to pay off creditors.
Payment of Debts: Creditors are paid according to a set order of priority, with secured creditors receiving payment before unsecured creditors.
Distribution to Shareholders: If there are any remaining funds after all debts are settled, they are distributed to shareholders according to their ownership stake.
Dissolution: Once all claims are settled and distributions made, the company is officially dissolved and removed from the business register.
Impact of Winding Up:
Employees: Employees will likely lose their jobs during the winding-up process.
Creditors: Creditors may not recover their debts in full, especially if the company is insolvent.
Shareholders: Shareholders may not receive any payout if the company's debts exceed its assets.
Winding up is a complex legal and financial process that can have significant consequences for all parties involved. It's important to seek professional legal and financial advice when considering winding up a company.
Military Commissions details LtCol Thomas Jasper as Detailed Defense Counsel Thomas (Tom) Jasper
Military Commissions Trial Judiciary, Guantanamo Bay, Cuba. Notice of the Chief Defense Counsel's detailing of LtCol Thomas F. Jasper, Jr. USMC, as Detailed Defense Counsel for Abd Al Hadi Al-Iraqi on 6 August 2014 in the case of United States v. Hadi al Iraqi (10026)
RIGHTS OF VICTIM EDITED PRESENTATION(SAIF JAVED).pptx OmGod1
Victims of crime have a range of rights designed to ensure their protection, support, and participation in the justice system. These rights include the right to be treated with dignity and respect, the right to be informed about the progress of their case, and the right to be heard during legal proceedings. Victims are entitled to protection from intimidation and harm, access to support services such as counseling and medical care, and the right to restitution from the offender. Additionally, many jurisdictions provide victims with the right to participate in parole hearings and the right to privacy to protect their personal information from public disclosure. These rights aim to acknowledge the impact of crime on victims and to provide them with the necessary resources and involvement in the judicial process.
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx anvithaav
These slides help students of international law understand the nature of international law and how it originated and developed.
The slides are well structured, with highlighted points for better understanding.
ASHWINI KUMAR UPADHYAY v/s Union of India.pptx shweeta209
transfer of the P.I.L filed by lawyer Ashwini Kumar Upadhyay in Delhi High Court to Supreme Court.
on the issue of UNIFORM MARRIAGE AGE of men and women.
Introducing New Government Regulation on Toll Road.pdf AHRP Law Firm
For nearly two decades, Government Regulation Number 15 of 2005 on Toll Roads ("GR No. 15/2005") has served as the cornerstone of toll road legislation. However, with the emergence of various new developments and legal requirements, the Government has enacted Government Regulation Number 23 of 2024 on Toll Roads to replace GR No. 15/2005. This new regulation introduces several provisions impacting toll business entities and toll road users. Find out more insights about this topic in our Legal Brief publication.
3. 10 themes
• Territorial Scope
• Financial exposure
• Consent
• Transparency
• Data protection impact assessments
• Data protection officer
• Security
• Data processors
• Accountability
• Data subject rights
4. Data Protection reform - background
• Current data protection rules:
• based upon 1995 EU Directive
• implemented separately in national laws
• not fully harmonised
• ‘GDPR’ = General Data Protection Regulation
• will apply directly in all Member States
• replaces 1995 Directive
• comes into effect 25 May 2018
5.
Data Protection principles
• Same basic concepts and principles but generally tighter controls and greater emphasis on data subject rights
• Fair, lawful and transparent processing
• Purpose limitation
• Data minimisation
• Accuracy
• Data retention
• Data security
• Accountability
6. How many of you are based in the EU or outside the EU?
7.
1 – Expanded Territorial Scope
• Territorial scope significantly expanded under GDPR to cover:
• offering goods or services to EU-based individuals; and
• “monitoring the behaviour” of EU-based individuals.
• GDPR will directly apply to FS firms and fintechs “established” in EU
• GDPR may directly apply to:
• FS firms and fintechs established outside the EU, e.g. Singapore, if they target or offer services to EU-based individuals
8.
2 – Increased financial exposure
• Current rules across the EU differ – DPC cannot directly impose fines
• Significant fines due under GDPR:
o up to €10m or 2% of total worldwide annual turnover = breaches of obligations of controller
o up to €20m or 4% of total worldwide annual turnover = breaches of obligations including the basic principles for processing (inc. consent), the data subjects’ rights and data transfers
• GDPR contains a list of factors for determining level of fine (repeat offenders etc.)
• Data subject claims:
o explicit right to compensation for damage, both material and non-material (pecuniary loss?)
o possible joint and several liability
10.
3 - Narrower interpretation of consent
• Consent is more tightly defined
― a statement or clear affirmative act required
― distinct consent for each operation
• Must prove you obtained consent
• Consent separate from terms and conditions
• Must be as easy to withdraw as it is to give it
11.
4 - Increased transparency
• Must have transparent, clear, concise and easily accessible privacy policy
• Intelligible language adapted to data subjects
• More information, e.g.:
― legal basis
― any specific legitimate interest relied upon
― how long you will keep data
― profiling, logic involved and effects
― implement appropriate technical / organisational measures
• Notice for further processing
12.
5 - Data Protection Impact Assessments
• Must do a documented DPIA if high risk processing, eg
― systematic and extensive automated evaluation with legal effect / similarly significantly affects DS
― large scale processing of sensitive data
― evaluation or scoring, including profiling and predicting
• Where appropriate, seek views of data subjects representatives
• Exclusion if based upon law that specifically regulates processing operations and DPIA already carried out for that law
• May have to seek relevant data protection commissioner opinion if DPIA shows high risks not mitigated
13.
6 - Data Protection Officer
• Financial institutions/Fintechs may need to appoint a DPO
• large scale processing of sensitive data; or
• by virtue of processing, requires regular and systematic monitoring of data subjects on a large scale
• Must be expert in data protection laws and practices
• Report directly to highest management level; be properly involved with all activities dealing with personal data
• Must provide DPO with sufficient resources
• Can be group DPO
• Can perform other tasks provided no conflict of interest
• Protected role – cannot be removed or penalised for performing tasks
• Can be outsourced
14.
7 - Security
• New security obligations: optional?
o Pseudonymisation and encryption
o Confidentiality, integrity, availability and resilience of IT systems
o Restore availability and access
o Testing of security measures
15.
7 - Security breach
• Notify DPC without undue delay and, where feasible, within 72 hours, unless unlikely to result in a risk
• Processor must notify controller without undue delay
• Must notify data subjects if likely to result in a high risk to privacy / rights (with some exceptions)
• Must document breaches
• Should have security breach response plan in place
• Dual notification requirement may exist depending on the security breach – NCSC & DPC
16.
8 – Data processors
• Obligations for data processing agreements significantly expanded
• The contract must now include:
• the subject matter and duration of the processing
• the nature and purposes of the processing
• the type of personal data
• the categories of data subjects
• Additional obligatory provisions include that the processor:
• makes information available to demonstrate compliance
• contributes to audits and inspections
• assists the controller regarding access requests, DPIAs and security breaches
17. What is the correct definition of personal data under the GDPR?
18.
9 - Accountability
• DC / DP must document all processing activities, e.g.:
― categories of data subjects, recipients and data
― data transfers (including details of safeguards)
― retention / erasure period
― general description of security measures (if possible)
• DC also must document purposes and (indirectly) legal bases
― AML Documentation
• Should be consistent with privacy policy
• Privacy by design/default
19.
10 - Data subject rights
• Right of restriction
• accuracy contested or processing unlawful
• no longer needed for original purpose, but necessary to establish, exercise or defend legal rights
• pending verification where individual objects
• Right to erasure – ‘right to be forgotten’
• Variety of situations where individuals can request erasure
• Subject access requests
• Changes to cost, timelines and ability to refuse requests (Right to charge or refuse request if “manifestly unfounded or excessive”)
• Right to data portability
• Provide certain data in a machine-readable format
• only applies if legitimised based upon consent or performance of a contract
• Right of rectification
20.
10 - Data subject rights
• Right to object
― applies if use legitimate interest or public interest test
― must then show overriding compelling legitimate grounds
• Must inform data subject of right to object
― explicitly brought to their attention
― present clearly and separately from other information
21.
Key points
• Core principles broadly the same, but tighter controls
• Greater accountability and shift in burden of proof
• Increased records and compliance burden
• Increased financial exposure
• Broader data subject rights
• 7 months to get it right, but time to start preparing is now
22.
What to do now – step 1 (what are we doing)?
• Data mapping exercise
― data flows and disclosures
― purpose and legitimisation mapping
• Audit of data transfers (remember Brexit)
• Audit of data related contracts
• GDPR gap analysis and prioritisation
23.
What to do now – Step 2 (moving forward)?
• Use gap analysis to decide on key action points
• Create internal accountability records
• Update internal / external policies & contracts
• Create any necessary new policies and templates, eg
― privacy by design / default playbook
― DPIA protocol and templates
― security breach response plan
• Appoint DPO
• Education
27.
MCO Platform
• Manage by alerts not reports
• Dashboards deliver greater oversight
• Custom questionnaire builder
• Continuous updates to the software
• Enhanced control
• 100% data capture
• 24/7/365 support
• Scalable into the future
As we’ve seen at the start of the webinar, poor management of your risk and compliance program can be very expensive for the organization and indeed for the individuals concerned! MyComplianceOffice has been developed and refined to help you synchronize the demands of the regulators with the needs of the organization, and we do this through a range of integrated software modules that will automate and control your risk and compliance program.
Risk and compliance management is a tough job and it is not easy to keep an organization compliant; one look at the fines tells us all about that. MCO can help you to automate your third party and vendor risk management program, your employee compliance program, your firm's trading, and your customer management. This covers a very broad range of activities from employee trade management to gifts and entertainment and outside business activities. From vendor on-boarding to risk assessments and on-going due diligence. It is our job to enhance your reputation through better risk and compliance management across the board.
If that sounds like something that you can benefit from, please let us know.