SlideShare a Scribd company logo

Product management gdpr focus and strategy ankita kapoor-24 april 2018

A
Ankita Kapoor

Here is a quick study on GDPR from a Product Managers perspective and an example backlog for starters. As most of you would be aware, GDPR is replacing the data protection directive of 1995 for EU. In general, there are six data protection principles set out in the GDPR that each processing activity must comply with. It is bound to change the way we capture, use and store data across the world. Note: It is only from product perspective and is not a legal advise.

Technology
1 of 10
Download to read offline
PRODUCT MANAGEMENT – GDPR FOCUS & STRATEGY Ankita Kapoor
› IMPACT OF GDPR ON BUSINESSES › GDPR SDLC › PRODUCT MANAGER’S STRATEGY FOR GDPR › KEY PODUCT FEATURES FOR GDPR › EXAMPLE GDPR PRODUCT BACKLOG AGENDA Ankita Kapoor
IMPACT OF GDPR ON BUSINESSES GDPR Compliance – Benefits › No additional spending on Customer Acquisition Cost (CAC) and Customer Retention Cost (CRC) › Competitive edge over businesses who aren’t compliant or marketing enough › Expansion of customers base around the world because of additional trust › Availability of consented and dependable customer data › Intelligent digital marketing campaigns and hyper-personalization GDPR Non-compliance – Loss › Loss of EU customer base worldwide › Loss of revenue and profits from the EU region › Fines of up to 4% of annual global turnover, or 20 million EURO Ankita Kapoor
GDPR SDLC › Privacy by Design and Default › Threat Modelling › Secure Development Lifecycle › Dynamic Testing › Penetration Testing › Configuration Guidelines Design Development Testing Release Ankita Kapoor
PRODUCT MANAGER’S STRATEGY FOR GDPR › Interface with the Legal team and DPO › Fresh look at Customer and Customer Data › Understanding what data 3rd Party Service Providers/Vendors have › GDPR Compliant Product Backlog › GDPR focused Non-functional Documentation › Configuration Guidelines for every Release / Production › Testing is the key! Ankita Kapoor
MAIN PRODUCT FEATURES FOR GDPR Right to data portability – Import/ export Right to access and accuracy Erasure (right to be forgotten) Redefine customer data mapping Vendor onboarding and complianceRight to restrict processing Security and encryption Consent management platform Ankita Kapoor
EXAMPLE GDPR PRODUCT BACKLOG # Epics Stories 1 Redefine customer data mapping › Create new database system for storing and accessing data › Interface for internal users to interact with data and retrieve it 2 Right to access and accuracy › Interface for customers to view data › Interface for customers to request for rectification 3 Right to data portability – Import customer data › Create central repository to host data from different data storage locations › Define mapping, file extensions, sources › Interface for internal users to view and process data 4 Right to data portability – Export customer data › Convert imported data into a human readable format › Define file structure and extension › Interface for internal users to process the request › Interface for customers to request data Ankita Kapoor
# Epics Stories 5 Erasure (right to be forgotten) › Impact on internal applications and customer facing applications › Impact on backend/database › Auto-delete once data is no longer required › Exempted data – what cannot be deleted (UI and DB handling) 6 Right to restrict processing › Add ‘data private’ option – impact of blocking and suppressing data 7 Consent management platform › Robust cookie policy – detailed consent form for customers › Add ‘opt-in’ option › Update agreement policies in all applications 8 Vendor onboarding and compliance › Checklist of compliance and necessary certificates › Awareness program, DIY tutorials videos and support team › Interface for processing customer requests (to view, edit, delete or port customer data) EXAMPLE GDPR PRODUCT BACKLOG (CONTD…) Ankita Kapoor
# Epics Stories 9 Workspace setting center › Interface for team collaboration and administrator › Data consolidation from different departments 10 Register of data processing activities › Audit trails and change logs to be maintained – DB and UI 11 Login and password policies › Revisit login and password policies › Evaluate different options like cryptography hash functions etc. 12 Security and encryption › Revisit data security and encryption layer through out the application 13 Marketing GDPR › Mention GDPR compliance on all possible places in the application 14 Technical Debt › Assessment and scoping for the same Ankita Kapoor EXAMPLE GDPR PRODUCT BACKLOG (CONTD…)
THANK YOU! Ankita Kapoor

Recommended

Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
ForgeRock
 
Partner enablement GDPR
Partner enablement GDPRPartner enablement GDPR
Partner enablement GDPR
Juan Niekerk
 
#GDPR Compliance - Data Minimization via ArchivePod
#GDPR Compliance - Data Minimization via ArchivePod#GDPR Compliance - Data Minimization via ArchivePod
#GDPR Compliance - Data Minimization via ArchivePod
Garet Keller
 
Partner enablement GDPR
Partner enablement GDPRPartner enablement GDPR
Partner enablement GDPR
Juan Niekerk
 
Establishing sustainable GDPR compliance
Establishing sustainable GDPR complianceEstablishing sustainable GDPR compliance
Establishing sustainable GDPR compliance
Cloudera, Inc.
 
Analyst Webinar: Best Practices In Enabling Data-Driven Decision Making
Analyst Webinar: Best Practices In Enabling Data-Driven Decision MakingAnalyst Webinar: Best Practices In Enabling Data-Driven Decision Making
Analyst Webinar: Best Practices In Enabling Data-Driven Decision Making
Denodo
 
Auditing With Automation
Auditing With Automation Auditing With Automation
Auditing With Automation
Mukund Narayan Mishra
 
GDPR: 20 Million Reasons to get ready - Part 1: Preparing for compliance
GDPR: 20 Million Reasons to get ready - Part 1: Preparing for complianceGDPR: 20 Million Reasons to get ready - Part 1: Preparing for compliance
GDPR: 20 Million Reasons to get ready - Part 1: Preparing for compliance
Cloudera, Inc.
 

Recommended

Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
ForgeRock
 
Partner enablement GDPR
Partner enablement GDPRPartner enablement GDPR
Partner enablement GDPR
Juan Niekerk
 
#GDPR Compliance - Data Minimization via ArchivePod
#GDPR Compliance - Data Minimization via ArchivePod#GDPR Compliance - Data Minimization via ArchivePod
#GDPR Compliance - Data Minimization via ArchivePod
Garet Keller
 
Partner enablement GDPR
Partner enablement GDPRPartner enablement GDPR
Partner enablement GDPR
Juan Niekerk
 
Establishing sustainable GDPR compliance
Establishing sustainable GDPR complianceEstablishing sustainable GDPR compliance
Establishing sustainable GDPR compliance
Cloudera, Inc.
 
Analyst Webinar: Best Practices In Enabling Data-Driven Decision Making
Analyst Webinar: Best Practices In Enabling Data-Driven Decision MakingAnalyst Webinar: Best Practices In Enabling Data-Driven Decision Making
Analyst Webinar: Best Practices In Enabling Data-Driven Decision Making
Denodo
 
Auditing With Automation
Auditing With Automation Auditing With Automation
Auditing With Automation
Mukund Narayan Mishra
 
GDPR: 20 Million Reasons to get ready - Part 1: Preparing for compliance
GDPR: 20 Million Reasons to get ready - Part 1: Preparing for complianceGDPR: 20 Million Reasons to get ready - Part 1: Preparing for compliance
GDPR: 20 Million Reasons to get ready - Part 1: Preparing for compliance
Cloudera, Inc.
 
Monitoring in the DevOps Era
Monitoring in the DevOps EraMonitoring in the DevOps Era
Monitoring in the DevOps Era
Mike Kavis
 
Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer ExperiencesCustomer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences
Informatica
 
Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences
Informatica
 
Entry Points – How to Get Rolling with Big Data Analytics
Entry Points – How to Get Rolling with Big Data AnalyticsEntry Points – How to Get Rolling with Big Data Analytics
Entry Points – How to Get Rolling with Big Data Analytics
Inside Analysis
 
Mark logic Industrialize Your Data IOT Berlin Sept 2019
Mark logic Industrialize Your Data IOT Berlin Sept 2019Mark logic Industrialize Your Data IOT Berlin Sept 2019
Mark logic Industrialize Your Data IOT Berlin Sept 2019
Matt Turner
 
GDPR- The Buck Stops Here
GDPR- The Buck Stops HereGDPR- The Buck Stops Here
GDPR- The Buck Stops Here
Kellyn Pot'Vin-Gorman
 
Data Con LA 2022 - Practical Solutions to Complex Supply Chain Problems
Data Con LA 2022 - Practical Solutions to Complex Supply Chain ProblemsData Con LA 2022 - Practical Solutions to Complex Supply Chain Problems
Data Con LA 2022 - Practical Solutions to Complex Supply Chain Problems
Data Con LA
 
CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...
CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...
CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...
Jeff Kelly
 
Privacera Databricks CCPA Webinar Feb 2020
Privacera Databricks CCPA Webinar Feb 2020Privacera Databricks CCPA Webinar Feb 2020
Privacera Databricks CCPA Webinar Feb 2020
Privacera
 
How Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR complianceHow Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR compliance
Cloudera, Inc.
 
Logical Data Fabric: Maturing Implementation from Small to Big (APAC)
Logical Data Fabric: Maturing Implementation from Small to Big (APAC)Logical Data Fabric: Maturing Implementation from Small to Big (APAC)
Logical Data Fabric: Maturing Implementation from Small to Big (APAC)
Denodo
 
[Webinar] - How to Future-proof Your ERP Applications with Intelligent Automa...
[Webinar] - How to Future-proof Your ERP Applications with Intelligent Automa...[Webinar] - How to Future-proof Your ERP Applications with Intelligent Automa...
[Webinar] - How to Future-proof Your ERP Applications with Intelligent Automa...
JK Tech
 
Improving Agility While Widening Profit Margins Using Data Virtualization
Improving Agility While Widening Profit Margins Using Data VirtualizationImproving Agility While Widening Profit Margins Using Data Virtualization
Improving Agility While Widening Profit Margins Using Data Virtualization
Denodo
 
Klarna Tech Talk - Mind the Data!
Klarna Tech Talk - Mind the Data!Klarna Tech Talk - Mind the Data!
Klarna Tech Talk - Mind the Data!
Jeffrey T. Pollock
 
Medical Device UDI Compliance in the Cloud
Medical Device UDI Compliance in the CloudMedical Device UDI Compliance in the Cloud
Medical Device UDI Compliance in the Cloud
KPIT
 
Denodo DataFest 2016: ROI Justification in Data Virtualization
Denodo DataFest 2016: ROI Justification in Data VirtualizationDenodo DataFest 2016: ROI Justification in Data Virtualization
Denodo DataFest 2016: ROI Justification in Data Virtualization
Denodo
 
Accelerating the Data to Value Journey
Accelerating the Data to Value JourneyAccelerating the Data to Value Journey
Accelerating the Data to Value Journey
Denodo
 
Accelerate AI/ML Adoption with Intel Processors and C3IoT on AWS (AIM386-S) -...
Accelerate AI/ML Adoption with Intel Processors and C3IoT on AWS (AIM386-S) -...Accelerate AI/ML Adoption with Intel Processors and C3IoT on AWS (AIM386-S) -...
Accelerate AI/ML Adoption with Intel Processors and C3IoT on AWS (AIM386-S) -...
Amazon Web Services
 
Pistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance European Conference 2015 - Stuart Robertson / ExostarPistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance
 
CASE STUDY: SCHUBERG PHILIS
CASE STUDY: SCHUBERG PHILISCASE STUDY: SCHUBERG PHILIS
CASE STUDY: SCHUBERG PHILIS
ForgeRock
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc
 
Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development Companies
TopCSSGallery
 

More Related Content

Similar to Product management gdpr focus and strategy ankita kapoor-24 april 2018

Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer ExperiencesCustomer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences
Informatica
 
Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences
Informatica
 
Entry Points – How to Get Rolling with Big Data Analytics
Entry Points – How to Get Rolling with Big Data AnalyticsEntry Points – How to Get Rolling with Big Data Analytics
Entry Points – How to Get Rolling with Big Data Analytics
Inside Analysis
 
Mark logic Industrialize Your Data IOT Berlin Sept 2019
Mark logic Industrialize Your Data IOT Berlin Sept 2019Mark logic Industrialize Your Data IOT Berlin Sept 2019
Mark logic Industrialize Your Data IOT Berlin Sept 2019
Matt Turner
 
Data Con LA 2022 - Practical Solutions to Complex Supply Chain Problems
Data Con LA 2022 - Practical Solutions to Complex Supply Chain ProblemsData Con LA 2022 - Practical Solutions to Complex Supply Chain Problems
Data Con LA 2022 - Practical Solutions to Complex Supply Chain Problems
Data Con LA
 
Logical Data Fabric: Maturing Implementation from Small to Big (APAC)
Logical Data Fabric: Maturing Implementation from Small to Big (APAC)Logical Data Fabric: Maturing Implementation from Small to Big (APAC)
Logical Data Fabric: Maturing Implementation from Small to Big (APAC)
Denodo
 
[Webinar] - How to Future-proof Your ERP Applications with Intelligent Automa...
[Webinar] - How to Future-proof Your ERP Applications with Intelligent Automa...[Webinar] - How to Future-proof Your ERP Applications with Intelligent Automa...
[Webinar] - How to Future-proof Your ERP Applications with Intelligent Automa...
JK Tech
 
Improving Agility While Widening Profit Margins Using Data Virtualization
Improving Agility While Widening Profit Margins Using Data VirtualizationImproving Agility While Widening Profit Margins Using Data Virtualization
Improving Agility While Widening Profit Margins Using Data Virtualization
Denodo
 
Klarna Tech Talk - Mind the Data!
Klarna Tech Talk - Mind the Data!Klarna Tech Talk - Mind the Data!
Klarna Tech Talk - Mind the Data!
Jeffrey T. Pollock
 
Denodo DataFest 2016: ROI Justification in Data Virtualization
Denodo DataFest 2016: ROI Justification in Data VirtualizationDenodo DataFest 2016: ROI Justification in Data Virtualization
Denodo DataFest 2016: ROI Justification in Data Virtualization
Denodo
 
Accelerating the Data to Value Journey
Accelerating the Data to Value JourneyAccelerating the Data to Value Journey
Accelerating the Data to Value Journey
Denodo
 
Accelerate AI/ML Adoption with Intel Processors and C3IoT on AWS (AIM386-S) -...
Accelerate AI/ML Adoption with Intel Processors and C3IoT on AWS (AIM386-S) -...Accelerate AI/ML Adoption with Intel Processors and C3IoT on AWS (AIM386-S) -...
Accelerate AI/ML Adoption with Intel Processors and C3IoT on AWS (AIM386-S) -...
Amazon Web Services
 

Similar to Product management gdpr focus and strategy ankita kapoor-24 april 2018 (20)

Monitoring in the DevOps Era
Monitoring in the DevOps EraMonitoring in the DevOps Era
Monitoring in the DevOps Era
 
Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer ExperiencesCustomer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences
 
Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences Customer-Centric Data Management for Better Customer Experiences
Customer-Centric Data Management for Better Customer Experiences
 
Entry Points – How to Get Rolling with Big Data Analytics
Entry Points – How to Get Rolling with Big Data AnalyticsEntry Points – How to Get Rolling with Big Data Analytics
Entry Points – How to Get Rolling with Big Data Analytics
 
Mark logic Industrialize Your Data IOT Berlin Sept 2019
Mark logic Industrialize Your Data IOT Berlin Sept 2019Mark logic Industrialize Your Data IOT Berlin Sept 2019
Mark logic Industrialize Your Data IOT Berlin Sept 2019
 
GDPR- The Buck Stops Here
GDPR- The Buck Stops HereGDPR- The Buck Stops Here
GDPR- The Buck Stops Here
 
Data Con LA 2022 - Practical Solutions to Complex Supply Chain Problems
Data Con LA 2022 - Practical Solutions to Complex Supply Chain ProblemsData Con LA 2022 - Practical Solutions to Complex Supply Chain Problems
Data Con LA 2022 - Practical Solutions to Complex Supply Chain Problems
 
CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...
CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...
CCPA Compliance for Analytics and Data Science Use Cases with Databricks and ...
 
Privacera Databricks CCPA Webinar Feb 2020
Privacera Databricks CCPA Webinar Feb 2020Privacera Databricks CCPA Webinar Feb 2020
Privacera Databricks CCPA Webinar Feb 2020
 
How Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR complianceHow Cloudera SDX can aid GDPR compliance
How Cloudera SDX can aid GDPR compliance
 
Logical Data Fabric: Maturing Implementation from Small to Big (APAC)
Logical Data Fabric: Maturing Implementation from Small to Big (APAC)Logical Data Fabric: Maturing Implementation from Small to Big (APAC)
Logical Data Fabric: Maturing Implementation from Small to Big (APAC)
 
[Webinar] - How to Future-proof Your ERP Applications with Intelligent Automa...
[Webinar] - How to Future-proof Your ERP Applications with Intelligent Automa...[Webinar] - How to Future-proof Your ERP Applications with Intelligent Automa...
[Webinar] - How to Future-proof Your ERP Applications with Intelligent Automa...
 
Improving Agility While Widening Profit Margins Using Data Virtualization
Improving Agility While Widening Profit Margins Using Data VirtualizationImproving Agility While Widening Profit Margins Using Data Virtualization
Improving Agility While Widening Profit Margins Using Data Virtualization
 
Klarna Tech Talk - Mind the Data!
Klarna Tech Talk - Mind the Data!Klarna Tech Talk - Mind the Data!
Klarna Tech Talk - Mind the Data!
 
Medical Device UDI Compliance in the Cloud
Medical Device UDI Compliance in the CloudMedical Device UDI Compliance in the Cloud
Medical Device UDI Compliance in the Cloud
 
Denodo DataFest 2016: ROI Justification in Data Virtualization
Denodo DataFest 2016: ROI Justification in Data VirtualizationDenodo DataFest 2016: ROI Justification in Data Virtualization
Denodo DataFest 2016: ROI Justification in Data Virtualization
 
Accelerating the Data to Value Journey
Accelerating the Data to Value JourneyAccelerating the Data to Value Journey
Accelerating the Data to Value Journey
 
Accelerate AI/ML Adoption with Intel Processors and C3IoT on AWS (AIM386-S) -...
Accelerate AI/ML Adoption with Intel Processors and C3IoT on AWS (AIM386-S) -...Accelerate AI/ML Adoption with Intel Processors and C3IoT on AWS (AIM386-S) -...
Accelerate AI/ML Adoption with Intel Processors and C3IoT on AWS (AIM386-S) -...
 
Pistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance European Conference 2015 - Stuart Robertson / ExostarPistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
 
CASE STUDY: SCHUBERG PHILIS
CASE STUDY: SCHUBERG PHILISCASE STUDY: SCHUBERG PHILIS
CASE STUDY: SCHUBERG PHILIS
 

Recently uploaded

TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc
 
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties ReimaginedEasier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
panagenda
 
UiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewUiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overview
DianaGray10
 
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
Muhammad Subhan
 
CORS (Kitworks Team Study 양다윗 발표자료 240510)
CORS (Kitworks Team Study 양다윗 발표자료 240510)CORS (Kitworks Team Study 양다윗 발표자료 240510)
CORS (Kitworks Team Study 양다윗 발표자료 240510)
Wonjun Hwang
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
VictorSzoltysek
 

Recently uploaded (20)

TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
Top 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development CompaniesTop 10 CodeIgniter Development Companies
Top 10 CodeIgniter Development Companies
 
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties ReimaginedEasier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
 
UiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overviewUiPath manufacturing technology benefits and AI overview
UiPath manufacturing technology benefits and AI overview
 
2024 May Patch Tuesday
2024 May Patch Tuesday2024 May Patch Tuesday
2024 May Patch Tuesday
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cf
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe
 
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
“Iamnobody89757” Understanding the Mysterious of Digital Identity.pdf
 
CORS (Kitworks Team Study 양다윗 발표자료 240510)
CORS (Kitworks Team Study 양다윗 발표자료 240510)CORS (Kitworks Team Study 양다윗 발표자료 240510)
CORS (Kitworks Team Study 양다윗 발표자료 240510)
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
Introduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptxIntroduction to FIDO Authentication and Passkeys.pptx
Introduction to FIDO Authentication and Passkeys.pptx
 
Frisco Automating Purchase Orders with MuleSoft IDP- May 10th, 2024.pptx.pdf
Frisco Automating Purchase Orders with MuleSoft IDP- May 10th, 2024.pptx.pdfFrisco Automating Purchase Orders with MuleSoft IDP- May 10th, 2024.pptx.pdf
Frisco Automating Purchase Orders with MuleSoft IDP- May 10th, 2024.pptx.pdf
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 Warsaw
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!
 
Event-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingEvent-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream Processing
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM Performance
 

Product management gdpr focus and strategy ankita kapoor-24 april 2018

  • 1. PRODUCT MANAGEMENT – GDPR FOCUS & STRATEGY Ankita Kapoor
  • 2. › IMPACT OF GDPR ON BUSINESSES › GDPR SDLC › PRODUCT MANAGER’S STRATEGY FOR GDPR › KEY PODUCT FEATURES FOR GDPR › EXAMPLE GDPR PRODUCT BACKLOG AGENDA Ankita Kapoor
  • 3. IMPACT OF GDPR ON BUSINESSES GDPR Compliance – Benefits › No additional spending on Customer Acquisition Cost (CAC) and Customer Retention Cost (CRC) › Competitive edge over businesses who aren’t compliant or marketing enough › Expansion of customers base around the world because of additional trust › Availability of consented and dependable customer data › Intelligent digital marketing campaigns and hyper-personalization GDPR Non-compliance – Loss › Loss of EU customer base worldwide › Loss of revenue and profits from the EU region › Fines of up to 4% of annual global turnover, or 20 million EURO Ankita Kapoor
  • 4. GDPR SDLC › Privacy by Design and Default › Threat Modelling › Secure Development Lifecycle › Dynamic Testing › Penetration Testing › Configuration Guidelines Design Development Testing Release Ankita Kapoor
  • 5. PRODUCT MANAGER’S STRATEGY FOR GDPR › Interface with the Legal team and DPO › Fresh look at Customer and Customer Data › Understanding what data 3rd Party Service Providers/Vendors have › GDPR Compliant Product Backlog › GDPR focused Non-functional Documentation › Configuration Guidelines for every Release / Production › Testing is the key! Ankita Kapoor
  • 6. MAIN PRODUCT FEATURES FOR GDPR Right to data portability – Import/ export Right to access and accuracy Erasure (right to be forgotten) Redefine customer data mapping Vendor onboarding and complianceRight to restrict processing Security and encryption Consent management platform Ankita Kapoor
  • 7. EXAMPLE GDPR PRODUCT BACKLOG # Epics Stories 1 Redefine customer data mapping › Create new database system for storing and accessing data › Interface for internal users to interact with data and retrieve it 2 Right to access and accuracy › Interface for customers to view data › Interface for customers to request for rectification 3 Right to data portability – Import customer data › Create central repository to host data from different data storage locations › Define mapping, file extensions, sources › Interface for internal users to view and process data 4 Right to data portability – Export customer data › Convert imported data into a human readable format › Define file structure and extension › Interface for internal users to process the request › Interface for customers to request data Ankita Kapoor
  • 8. # Epics Stories 5 Erasure (right to be forgotten) › Impact on internal applications and customer facing applications › Impact on backend/database › Auto-delete once data is no longer required › Exempted data – what cannot be deleted (UI and DB handling) 6 Right to restrict processing › Add ‘data private’ option – impact of blocking and suppressing data 7 Consent management platform › Robust cookie policy – detailed consent form for customers › Add ‘opt-in’ option › Update agreement policies in all applications 8 Vendor onboarding and compliance › Checklist of compliance and necessary certificates › Awareness program, DIY tutorials videos and support team › Interface for processing customer requests (to view, edit, delete or port customer data) EXAMPLE GDPR PRODUCT BACKLOG (CONTD…) Ankita Kapoor
  • 9. # Epics Stories 9 Workspace setting center › Interface for team collaboration and administrator › Data consolidation from different departments 10 Register of data processing activities › Audit trails and change logs to be maintained – DB and UI 11 Login and password policies › Revisit login and password policies › Evaluate different options like cryptography hash functions etc. 12 Security and encryption › Revisit data security and encryption layer through out the application 13 Marketing GDPR › Mention GDPR compliance on all possible places in the application 14 Technical Debt › Assessment and scoping for the same Ankita Kapoor EXAMPLE GDPR PRODUCT BACKLOG (CONTD…)