The document discusses the General Data Protection Regulation (GDPR) which takes effect in May 2018. It provides an overview of the GDPR and its key requirements, including data subject rights, security obligations, accountability, and potential fines for noncompliance. It then discusses technical and architectural preparedness, offering a framework for GDPR compliance. Finally, it outlines initial steps organizations can take, such as data mapping, discovery, and risk assessment.
MindMap AVG Louwers Advocaten V 4.0 (EN)Huub de Jong
This document outlines the key aspects of the General Data Protection Regulation (GDPR), including processing principles such as privacy by design and data minimization. It discusses structuring data through anonymization and pseudonymization as well as profiling. Cross-border data transfers must follow models like EC model clauses or Binding Corporate Rules. The roles of controllers and processors are defined along with their responsibilities regarding records, breaches, and agreements. Data subjects' rights include access, rectification, objection and erasure. Enforcement is through national authorities and the European Data Protection Board, with fines of up to 20 million euros or 4% of annual global turnover for violations.
Understand what GDPR is and how it affects US companies.
- Take the 3-Question Test to see if it really applies to you
- Follow a 4-part framework for updating your privacy policy
- Learn why your CRM may be a problem
- Get a full checklist on how to become compliant today
The document provides an overview of the General Data Protection Regulation (GDPR). It begins with an outline of key GDPR terms, principles, rights of data subjects, and responsibilities of controllers and processors. It then discusses governance topics like the data protection officer and data protection impact assessments. The document outlines the GDPR timeline from 2016 to 2018 and compares GDPR to the EU-US Privacy Shield framework. It ends by discussing how companies are prioritizing GDPR compliance and questions to consider regarding readiness.
The document summarizes proposed changes to data protection regulations in the European Union. The key points are:
1) The proposed General Data Protection Regulation aims to standardize data protection laws across EU states through a single set of rules and increased individual rights and enforcement.
2) The regulation proposes stricter obligations for organizations around data documentation, security, privacy by design, and appointing data protection officers. It also strengthens individual rights like the "right to be forgotten."
3) Non-compliance could result in fines of up to 2% of global annual turnover. Organizations are advised to review their data processing and protection practices in preparation for the new regulations.
ABM Display Advertising Success in the World of GDPR [PPT]Kwanzoo Inc
In this webinar, see the specific impacts of GDPR on B2B companies as they plan, budget, launch and measure success from ABM advertising programs that reach and engage the 500 Million+ citizens of EU countries and the UK. Our panel of experts will cover the IT, Legal, Marketing, Data and Technology Provider side of GDPR compliance. All of these dimensions need to be addressed as you plan for the world of GDPR.
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Qualsys Ltd
This document provides an overview of the EU General Data Protection Regulation (GDPR) which takes effect on May 25, 2018. It discusses the issues with how organizations currently manage data and how GDPR aims to better protect consumer data. Key points include expanded definitions of personal data, increased rights for data subjects, higher fines for non-compliance, and new requirements for consent, transparency, accountability, and breach notification. It outlines four steps businesses need to take, including reviewing policies, establishing a legal basis for processing, demonstrating compliance, and considering appointing a data protection officer.
The document discusses the General Data Protection Regulation (GDPR) which takes effect in May 2018. It provides an overview of the GDPR and its key requirements, including data subject rights, security obligations, accountability, and potential fines for noncompliance. It then discusses technical and architectural preparedness, offering a framework for GDPR compliance. Finally, it outlines initial steps organizations can take, such as data mapping, discovery, and risk assessment.
MindMap AVG Louwers Advocaten V 4.0 (EN)Huub de Jong
This document outlines the key aspects of the General Data Protection Regulation (GDPR), including processing principles such as privacy by design and data minimization. It discusses structuring data through anonymization and pseudonymization as well as profiling. Cross-border data transfers must follow models like EC model clauses or Binding Corporate Rules. The roles of controllers and processors are defined along with their responsibilities regarding records, breaches, and agreements. Data subjects' rights include access, rectification, objection and erasure. Enforcement is through national authorities and the European Data Protection Board, with fines of up to 20 million euros or 4% of annual global turnover for violations.
Understand what GDPR is and how it affects US companies.
- Take the 3-Question Test to see if it really applies to you
- Follow a 4-part framework for updating your privacy policy
- Learn why your CRM may be a problem
- Get a full checklist on how to become compliant today
The document provides an overview of the General Data Protection Regulation (GDPR). It begins with an outline of key GDPR terms, principles, rights of data subjects, and responsibilities of controllers and processors. It then discusses governance topics like the data protection officer and data protection impact assessments. The document outlines the GDPR timeline from 2016 to 2018 and compares GDPR to the EU-US Privacy Shield framework. It ends by discussing how companies are prioritizing GDPR compliance and questions to consider regarding readiness.
The document summarizes proposed changes to data protection regulations in the European Union. The key points are:
1) The proposed General Data Protection Regulation aims to standardize data protection laws across EU states through a single set of rules and increased individual rights and enforcement.
2) The regulation proposes stricter obligations for organizations around data documentation, security, privacy by design, and appointing data protection officers. It also strengthens individual rights like the "right to be forgotten."
3) Non-compliance could result in fines of up to 2% of global annual turnover. Organizations are advised to review their data processing and protection practices in preparation for the new regulations.
ABM Display Advertising Success in the World of GDPR [PPT]Kwanzoo Inc
In this webinar, see the specific impacts of GDPR on B2B companies as they plan, budget, launch and measure success from ABM advertising programs that reach and engage the 500 Million+ citizens of EU countries and the UK. Our panel of experts will cover the IT, Legal, Marketing, Data and Technology Provider side of GDPR compliance. All of these dimensions need to be addressed as you plan for the world of GDPR.
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Qualsys Ltd
This document provides an overview of the EU General Data Protection Regulation (GDPR) which takes effect on May 25, 2018. It discusses the issues with how organizations currently manage data and how GDPR aims to better protect consumer data. Key points include expanded definitions of personal data, increased rights for data subjects, higher fines for non-compliance, and new requirements for consent, transparency, accountability, and breach notification. It outlines four steps businesses need to take, including reviewing policies, establishing a legal basis for processing, demonstrating compliance, and considering appointing a data protection officer.
GDPR what you should know and how to minimize impact on your businessOlivier BARROT
The upcoming General Data Protection Regulation (GDPR) that will be applicable to all data of EU citizens starting May 2018 enforces new data privacy obligations on the management and the retention of personally identifiable information (PII) including data collection, retention, protection, modification and deletion processes.
Learn what are the impacts on your business and how to prepare with IBM solutions
The document discusses the General Data Protection Regulation (GDPR) which will replace data protection laws in the EU in May 2018. It will fundamentally change how companies manage personal data, imposing fines up to 20 million Euros for noncompliance. The document outlines key terms like personal data, sensitive personal data, data controllers and processors. It provides questions companies should ask themselves to assess readiness and an example roadmap for a company to implement a GDPR compliance program.
Quick Introduction to the EU GDPR by Sami ZahranDr. Sami Zahran
This document introduces a GDPR remediation programme to help organizations achieve compliance with the new General Data Protection Regulation (GDPR) that takes effect in May 2018. It discusses the motivation for GDPR including updating outdated privacy laws for the digital age. The programme will assess key areas like individuals' rights, consent, data transfers, and accountability. It will be a corporate-wide change effort governed by control boards at the corporate and business unit levels. Project managers and teams will implement new procedures, processes, technologies, roles, and training needed by the fixed deadline.
For more information visit https://brightpay.co.uk
All organisations, regardless of size, will have had to introduce or update existing policies regarding personal data in order to comply with the new regulations.
This webinar will look at the GDPR, how it may affect your business and what we have learned from the GDPR 5 months on. We will also have a look at how BrightPay can help your organisation utilise the new regulations for the benefit of you, your customers and youremployees.
Essentially, GDPR is an overhaul of the way we process, manage and store individual’s personal data, and that includes your employee’s personal payroll and HR information. We will take you through the impact of GDPR on your payroll processing, highlighting the biggest areas of concern including emailing payslips, employee consent and your legal obligations with regards to payroll, HR and Employment law.
The webinar will include a demonstration of how our BrightPay Connect add-on can help you work towards GDPR compliance by offering remote online access to accountants, employers and employees. We will take a brief look at our Bright Contracts software, which as well as providing the user with the facility to create and customise Contracts of Employment and Company Handbooks, now has a new feature which enables the user to create an Employee Privacy Policy which is a requirement under GDPR.
We will also unveil our new timesheet rapid input feature. Our exciting new timesheet feature directly connects to the BrightPay payroll and allows clients to import timesheet hours from a CSV or directly input hours for each employee on the BrightPay connect employer dashboard. For accountants and payroll bureaus, clients can easily use the timesheet upload for rapid input of employee’s hours eliminating possible errors. The timesheet feature also allows bureaus to easily run the payroll before sending it back to your payroll client for final approval and validation.
Ready for the GDPR, Ready for the Digital EconomyRay ABOU
The GDPR is a new EU law that gives EU residents greater control over their personal data and how companies collect, store, and use it. It requires companies to obtain explicit consent, provide access and correction rights to individuals, report data breaches, and face fines of up to 4% of global revenue for noncompliance. Key changes include strengthened data subject rights, security requirements, data governance policies, and processes to ensure compliance. To prepare, companies should evaluate their data systems and usage, implement governance policies and training, and establish processes to audit, monitor and respond to data requests and potential breaches.
Preparing for general data protection regulations (gdpr) within the hous...Stephanie Vasey
This document provides an overview of key aspects of complying with the General Data Protection Regulation (GDPR), including:
- Demonstrating compliance through maintaining records of processing activities, implementing security measures, and appointing a data protection officer.
- The role and responsibilities of data protection officers to advise on compliance, monitor activities, and act as a point of contact.
- Responsibilities of controllers and processors around security, joint controllership, and contracts with processors.
- Requirements around breach notification to supervisory authorities and data subjects in certain circumstances.
- Steps for preparing for the GDPR through guidance from the Information Commissioner's Office on privacy notices, data portability, and identifying lead authorities
Full GDPR toolkit: https://quality.eqms.co.uk/gdpr-general-data-protection-regulation-eu-toolkit
This free online training presentation provides you with information about how to comply with the General Data Protection Regulation, managing breaches, engaging employees, key requirements and more.
The document discusses preparing organizations for compliance with the EU General Data Protection Regulation (GDPR). It provides an overview of key GDPR requirements, such as obtaining consent for personal data use, implementing privacy by design, and responding to data breaches. The document recommends developing a GDPR action plan that includes conducting privacy impact assessments and audits. Overall, the summary emphasizes the need for organizations to understand how they use personal data and ensure they can meet GDPR requirements for data protection.
Presentation to Cyprus Computer Society Records Management event by Christoforos Christoforou, Risk and Strategic Planning Manager at Fileminders http://www.fileminders.com.cy/
Agenda:
1. Introduction to the General Data Protection Regulation (GDPR )
2.Data protection: Why all the fuss?
3. How does GDPR affect your business?
If you are in the UK and need to check that you will comply with the General Data Protection Regulations when they come into force in May 2018, this checklist might help. Developed for use in my own business it is shared without liability. Please use it wisely to start the process of complying.
For more information on making your processes and your legal documents simple, especially if you are in the UK construction industry, go to http://500words.co.uk/
The Practical Impact of the General Data Protection RegulationGhostery, Inc.
The document provides an overview of the General Data Protection Regulation (GDPR) and its impact on digital advertising. It discusses GDPR's aim to give individuals more control over their personal data and create a single set of privacy rules across the EU. The GDPR will increase obligations for companies, including strengthened consent requirements, data subject rights, and accountability measures. It will also allow for fines of up to 20 million euros or 4% of global revenue. The document also summarizes Ghostery's privacy tools and an industry initiative to enhance ad transparency and user control in compliance with the GDPR.
The document provides a summary of the key aspects of the General Data Protection Regulation (GDPR) in 3 pages. It discusses the basic principles of GDPR, how it may impact technology systems, and software tools that can help with compliance. Some of the main topics covered include the definition of personal and sensitive data, data subject rights, privacy by design, security requirements, and obligations for controllers and processors. The summary emphasizes the need for businesses to review their data protection practices and ensure they are prepared to comply with GDPR requirements that take effect in May 2018.
In this Story, we follow Sophie in her life and job. In her new job, she meets Marco, who chose Microsoft Solutions to be as compliant as possible with GDPR.
If you want to hear the story behind the slides, feel free to get in touch via www.thedataprotectionoffice.eu
The General Data Protection Regulation (GDPR) is an EU law that sets new standards for data protection and privacy for all individuals within the EU and regulates the export of personal data outside the EU. It requires companies to gain consent for data collection, provides rights for data access and portability for individuals, and increases fines for non-compliance up to 4% of global revenue. The GDPR also mandates appointment of data protection officers, principles of privacy by design, rights to be forgotten, and data breach notification within 72 hours.
What is the new data protection regulation GDPR and why should you care? Jesp...Exove
What is the new data protection regulation GDPR and why should you care? by Jesper Nevalainen, Bird & Bird
Exove and Bird & Bird seminar on Nov 23rd 2016: "GDPR - Practical Effects on Digital Business - juridical, technical, and customer point of view"
Strengthening current personal data protection regulation (EU 95/46), GDPR lays down rules relating to protection of natural persons with regard to processing and free movement of personal data. It applies to all entities in EU member states processing personal data by automated means and processing which form part of a filing system. Application of GDPR will be supervised in Belgium by the privacy commission.
GDPR – The Practicalities of a New Reality Susan Moran
GDPR is fast becoming the new reality and will bring big implications for all companies in May 2018. As companies begin to prepare for GDPR, part 2 of our GDPR series will introduce you to some key the GDPR Directive and the changes that it will bring with it.
The document provides an overview and agenda for a conference on achieving compliance with the General Data Protection Regulation (GDPR). It discusses key aspects of GDPR compliance including identifying personal data, data subject rights, security requirements, international data transfers, and remedies for non-compliance. Various vendors also present on how their products can help organizations meet GDPR requirements through features such as digital consent management and customizable reporting on personal data. An example case study highlights how one company used DocuSign to address challenges around manual processes, GDPR readiness, and security of personal information.
The document discusses the transition from the Data Protection Act 1998 to the new General Data Protection Regulation (GDPR) that takes effect in May 2018. Some key points include:
- The GDPR has a wider territorial scope and applies to any organization that offers goods/services to individuals in the EU or monitors their behavior.
- Organizations must comply with new requirements for lawful processing of personal data, rights of data subjects, data protection officers, security breaches, and accountability.
- Non-compliance will result in significant fines of up to 20 million euros or 4% of global annual turnover, focusing minds on implementing a GDPR compliance strategy by the May 2018 deadline.
GDPR what you should know and how to minimize impact on your businessOlivier BARROT
The upcoming General Data Protection Regulation (GDPR) that will be applicable to all data of EU citizens starting May 2018 enforces new data privacy obligations on the management and the retention of personally identifiable information (PII) including data collection, retention, protection, modification and deletion processes.
Learn what are the impacts on your business and how to prepare with IBM solutions
The document discusses the General Data Protection Regulation (GDPR) which will replace data protection laws in the EU in May 2018. It will fundamentally change how companies manage personal data, imposing fines up to 20 million Euros for noncompliance. The document outlines key terms like personal data, sensitive personal data, data controllers and processors. It provides questions companies should ask themselves to assess readiness and an example roadmap for a company to implement a GDPR compliance program.
Quick Introduction to the EU GDPR by Sami ZahranDr. Sami Zahran
This document introduces a GDPR remediation programme to help organizations achieve compliance with the new General Data Protection Regulation (GDPR) that takes effect in May 2018. It discusses the motivation for GDPR including updating outdated privacy laws for the digital age. The programme will assess key areas like individuals' rights, consent, data transfers, and accountability. It will be a corporate-wide change effort governed by control boards at the corporate and business unit levels. Project managers and teams will implement new procedures, processes, technologies, roles, and training needed by the fixed deadline.
For more information visit https://brightpay.co.uk
All organisations, regardless of size, will have had to introduce or update existing policies regarding personal data in order to comply with the new regulations.
This webinar will look at the GDPR, how it may affect your business and what we have learned from the GDPR 5 months on. We will also have a look at how BrightPay can help your organisation utilise the new regulations for the benefit of you, your customers and youremployees.
Essentially, GDPR is an overhaul of the way we process, manage and store individual’s personal data, and that includes your employee’s personal payroll and HR information. We will take you through the impact of GDPR on your payroll processing, highlighting the biggest areas of concern including emailing payslips, employee consent and your legal obligations with regards to payroll, HR and Employment law.
The webinar will include a demonstration of how our BrightPay Connect add-on can help you work towards GDPR compliance by offering remote online access to accountants, employers and employees. We will take a brief look at our Bright Contracts software, which as well as providing the user with the facility to create and customise Contracts of Employment and Company Handbooks, now has a new feature which enables the user to create an Employee Privacy Policy which is a requirement under GDPR.
We will also unveil our new timesheet rapid input feature. Our exciting new timesheet feature directly connects to the BrightPay payroll and allows clients to import timesheet hours from a CSV or directly input hours for each employee on the BrightPay connect employer dashboard. For accountants and payroll bureaus, clients can easily use the timesheet upload for rapid input of employee’s hours eliminating possible errors. The timesheet feature also allows bureaus to easily run the payroll before sending it back to your payroll client for final approval and validation.
Ready for the GDPR, Ready for the Digital EconomyRay ABOU
The GDPR is a new EU law that gives EU residents greater control over their personal data and how companies collect, store, and use it. It requires companies to obtain explicit consent, provide access and correction rights to individuals, report data breaches, and face fines of up to 4% of global revenue for noncompliance. Key changes include strengthened data subject rights, security requirements, data governance policies, and processes to ensure compliance. To prepare, companies should evaluate their data systems and usage, implement governance policies and training, and establish processes to audit, monitor and respond to data requests and potential breaches.
Preparing for general data protection regulations (gdpr) within the hous...Stephanie Vasey
This document provides an overview of key aspects of complying with the General Data Protection Regulation (GDPR), including:
- Demonstrating compliance through maintaining records of processing activities, implementing security measures, and appointing a data protection officer.
- The role and responsibilities of data protection officers to advise on compliance, monitor activities, and act as a point of contact.
- Responsibilities of controllers and processors around security, joint controllership, and contracts with processors.
- Requirements around breach notification to supervisory authorities and data subjects in certain circumstances.
- Steps for preparing for the GDPR through guidance from the Information Commissioner's Office on privacy notices, data portability, and identifying lead authorities
Full GDPR toolkit: https://quality.eqms.co.uk/gdpr-general-data-protection-regulation-eu-toolkit
This free online training presentation provides you with information about how to comply with the General Data Protection Regulation, managing breaches, engaging employees, key requirements and more.
The document discusses preparing organizations for compliance with the EU General Data Protection Regulation (GDPR). It provides an overview of key GDPR requirements, such as obtaining consent for personal data use, implementing privacy by design, and responding to data breaches. The document recommends developing a GDPR action plan that includes conducting privacy impact assessments and audits. Overall, the summary emphasizes the need for organizations to understand how they use personal data and ensure they can meet GDPR requirements for data protection.
Presentation to Cyprus Computer Society Records Management event by Christoforos Christoforou, Risk and Strategic Planning Manager at Fileminders http://www.fileminders.com.cy/
Agenda:
1. Introduction to the General Data Protection Regulation (GDPR )
2.Data protection: Why all the fuss?
3. How does GDPR affect your business?
If you are in the UK and need to check that you will comply with the General Data Protection Regulations when they come into force in May 2018, this checklist might help. Developed for use in my own business it is shared without liability. Please use it wisely to start the process of complying.
For more information on making your processes and your legal documents simple, especially if you are in the UK construction industry, go to http://500words.co.uk/
The Practical Impact of the General Data Protection RegulationGhostery, Inc.
The document provides an overview of the General Data Protection Regulation (GDPR) and its impact on digital advertising. It discusses GDPR's aim to give individuals more control over their personal data and create a single set of privacy rules across the EU. The GDPR will increase obligations for companies, including strengthened consent requirements, data subject rights, and accountability measures. It will also allow for fines of up to 20 million euros or 4% of global revenue. The document also summarizes Ghostery's privacy tools and an industry initiative to enhance ad transparency and user control in compliance with the GDPR.
The document provides a summary of the key aspects of the General Data Protection Regulation (GDPR) in 3 pages. It discusses the basic principles of GDPR, how it may impact technology systems, and software tools that can help with compliance. Some of the main topics covered include the definition of personal and sensitive data, data subject rights, privacy by design, security requirements, and obligations for controllers and processors. The summary emphasizes the need for businesses to review their data protection practices and ensure they are prepared to comply with GDPR requirements that take effect in May 2018.
In this Story, we follow Sophie in her life and job. In her new job, she meets Marco, who chose Microsoft Solutions to be as compliant as possible with GDPR.
If you want to hear the story behind the slides, feel free to get in touch via www.thedataprotectionoffice.eu
The General Data Protection Regulation (GDPR) is an EU law that sets new standards for data protection and privacy for all individuals within the EU and regulates the export of personal data outside the EU. It requires companies to gain consent for data collection, provides rights for data access and portability for individuals, and increases fines for non-compliance up to 4% of global revenue. The GDPR also mandates appointment of data protection officers, principles of privacy by design, rights to be forgotten, and data breach notification within 72 hours.
What is the new data protection regulation GDPR and why should you care? Jesp...Exove
What is the new data protection regulation GDPR and why should you care? by Jesper Nevalainen, Bird & Bird
Exove and Bird & Bird seminar on Nov 23rd 2016: "GDPR - Practical Effects on Digital Business - juridical, technical, and customer point of view"
Strengthening current personal data protection regulation (EU 95/46), GDPR lays down rules relating to protection of natural persons with regard to processing and free movement of personal data. It applies to all entities in EU member states processing personal data by automated means and processing which form part of a filing system. Application of GDPR will be supervised in Belgium by the privacy commission.
GDPR – The Practicalities of a New Reality Susan Moran
GDPR is fast becoming the new reality and will bring big implications for all companies in May 2018. As companies begin to prepare for GDPR, part 2 of our GDPR series will introduce you to some key the GDPR Directive and the changes that it will bring with it.
The document provides an overview and agenda for a conference on achieving compliance with the General Data Protection Regulation (GDPR). It discusses key aspects of GDPR compliance including identifying personal data, data subject rights, security requirements, international data transfers, and remedies for non-compliance. Various vendors also present on how their products can help organizations meet GDPR requirements through features such as digital consent management and customizable reporting on personal data. An example case study highlights how one company used DocuSign to address challenges around manual processes, GDPR readiness, and security of personal information.
The document discusses the transition from the Data Protection Act 1998 to the new General Data Protection Regulation (GDPR) that takes effect in May 2018. Some key points include:
- The GDPR has a wider territorial scope and applies to any organization that offers goods/services to individuals in the EU or monitors their behavior.
- Organizations must comply with new requirements for lawful processing of personal data, rights of data subjects, data protection officers, security breaches, and accountability.
- Non-compliance will result in significant fines of up to 20 million euros or 4% of global annual turnover, focusing minds on implementing a GDPR compliance strategy by the May 2018 deadline.
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
The document discusses the General Data Protection Regulation (GDPR) which regulates how companies handle personal data of EU citizens. It provides an overview of GDPR including key events leading to its adoption and how it strengthens data protection rights. It highlights some notable differences between GDPR and the previous UK Data Protection Act. The document also outlines an approach for companies to become GDPR compliant including conducting a data assessment, updating policies and processes, and appointing a data protection officer if needed. It notes both the penalties for non-compliance and opportunities that GDPR presents organizations.
For more information visit https://www.brightpay.co.uk
The General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 with the aim of protecting all EU citizens from privacy and data breaches in an increasingly data driven world.
Employers process large amounts of personal data, not least in relation to their customers and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
In this webinar, we will peel back the legislation to outline clearly:
What is GDPR and why is it being implemented?
Why employers need to take it seriously
How to prepare for GDPR
How we are working to help you
This document provides an overview of Polar's approach to complying with the General Data Protection Regulation (GDPR). It discusses Polar's commitment to privacy, what GDPR is, some of the key challenges of implementation, and the processes and reviews Polar has put in place. The director introduces himself and his role at Polar, and then covers key aspects of GDPR including data subject rights, the definitions of controllers and processors, lawful bases for processing, and requirements around consent, documentation, accountability, and security.
What's Next - General Data Protection Regulation (GDPR) ChangesOgilvy Consulting
The General Data Protection Regulation is the biggest change to the law on data in years. This webinar features Vicky Brown, Deputy General Counsel at WPP, and Paul King, Head of Data at OgilvyOne discussing what it is, why it matters and what companies are doing.
MyComplianceOffice presents our Oct 26th webinar, “ Prepare Your Firm for GDPR", co-hosted by MCO and Emily Mahoney a Technology Lawyer at Mason Hayes & Curran
The document discusses how Acronis solutions help organizations comply with the GDPR through features that allow for privacy impact assessments, data access governance, secure backup storage, data breach response, and data deletion in accordance with data subject rights like access, rectification, erasure and portability. It outlines how Acronis Backup, Storage, Backup Cloud and Disaster Recovery Service provide control over data location, strong encryption, easy data access and modification, fast recovery, and logging to meet GDPR requirements.
The GDPR will directly apply across the EU from May 2018, replacing the previous data protection directive. It expands the scope of regulations and increases accountability for organizations. Individual rights are also enhanced, including rights to access, rectify, and erase personal data. Non-compliance can result in fines of up to 20 million euros or 4% of annual global turnover. Organizations should begin compliance projects now to assess risks, strengthen policies, and appoint data protection officers. The GDPR aims to harmonize data protection and modernize rules for an increasingly digital world.
Getting to grips with General Data Protection Regulation (GDPR)Zoodikers
Leading employment lawyer Pam Loch, and digital expert Katie King share their advice on how to get to grips with the topic of the moment - GDPR.
They look at who is liable, the impact of Brexit, how it affects marketing and what steps you can take to prepare.
For more information visit https://www.brightpay.co.uk
The General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 with the aim of protecting all EU citizens from privacy and data breaches in an increasingly data driven world.
Employers process large amounts of personal data, not least in relation to their customers and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
In this webinar, we will peel back the legislation to outline clearly:
What is GDPR and why is it being implemented?
Why employers need to take it seriously
How to prepare for GDPR
How we are working to help you
General Data Protection Regulation (GDPR) Implications for Canadian Firmsaccenture
The General Data Protection Regulation (GDPR) represents significant challenges for financial institutions to comply with the new data processing and record keeping requirements. This Accenture Finance & Risk presentation explores the impact of GDPR on Canadian firms, including lessons learned from our work with clients and knowledge gained that can be used for an effective GDPR journey.
EU GDPR(general data protection regulation)RAKESH S
The document discusses the key aspects and requirements of the European Union's General Data Protection Regulation (GDPR) which takes effect in May 2018. It overviews the goals of the GDPR to give citizens control over their personal data and simplify regulations for international business. Some key points covered include territorial scope and application to non-EU organizations, data subject rights, security breach notification requirements, appointing a data protection officer, and strategies for implementing GDPR compliance.
EMMA’s EMEA Regional Director Joseph Yammine explains how the EU’s General Data Protection Regulation applies to the Health Care Industry and how you can prepare your team to follow the regulation and avoid any data breaches.
The document discusses key aspects of preparing for and complying with the EU General Data Protection Regulation (GDPR), which goes into effect on May 25, 2018. It outlines some of the major changes and requirements introduced by the GDPR, including its expanded territorial reach, new obligations for data processors, strengthened consent requirements, increased penalties for non-compliance, and the role of supervisory authorities. The document emphasizes that organizations must conduct assessments, secure resources and budgets, and implement technologies and processes to ensure they have a defensible position and are prepared to address the challenges and opportunities created by the GDPR.
On 25 May 2018 the new General Data Protection Regulation (GDPR) will come into force, replacing all existing data protection regulations.
Payroll bureaus process large amounts of personal data in relation to their customers, their customers’ employees, and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
BrightPay hosted a free CPD accredited webinar alongside Bright Contracts where we discussed everything that accountants, bookkeepers and payroll bureaus need to know about GDPR.
For more information visit https://www.brightpay.co.uk
With the deadline for the General Data Protection Regulation, or GDPR, compliance looming (it takes effect May 25, 2018), it’s more important than ever to make sure you’re on board. Listen in to our webinar recording to understand how to make sure you're in full compliance.
Impact of GDPR on Third Party and M&A SecurityEQS Group
GDPR impact has been dissected and examined to death - however, M&A activities, as well as third-party security posture, can be greatly affected as well, and this aspect has not been very often pursued. This session hopes to be useful for that.
The Countdown is on: Key Things to Know About the GDPRCase IQ
The EU’s General Data Protection Regulation (GDPR) comes into effect on May 25th. This powerful legislation strengthens data privacy laws in Europe and has implications for companies all over the world that store, process or transfer the information of the EU’s citizens.
Failure to comply with the regulation can expose a company to fines based on global revenue and reputation damage, yet many companies are struggling to comply in time.
Join information security expert and CEO/Founder of AsTech Consulting, Greg Reber, as he walks participants through a plan for GDPR compliance.
LawBite is a UK-based online legal platform launched in 2013, headquartered in London. LawBite uses legal technology to streamline legal services for small and medium sized businesses (SMEs), providing access to legal document templates as well as a network of lawyers based in the UK and internationally.
The GDPR came into force on 25 May 2018. The changes that the GDPR makes to Data Protection legislation are far reaching and the GDPR introduces a number of new legal concepts.
The interactive webinar will provide you with details on the key changes that you need to be aware of under GDPR including:
1. Background to the GDPR
2. Key changes under GDPR
3. GDPR Data Protection Principles
4. Data Processing
5. Obtaining consent
6. Rights of data subjects
7. International data transfers
8. Data breaches
9. Data processors and data protection officers
10. What your organisation should be doing now
The webinar contains a 45 minute presentation with a Q&A at the end.
Similar to Scott Appleton: GDPR - Big Bang or Data Evolution? (20)
The Future of Criminal Defense Lawyer in India.pdfveteranlegal
https://veteranlegal.in/defense-lawyer-in-india/ | Criminal defense Lawyer in India has always been a vital aspect of the country's legal system. As defenders of justice, criminal Defense Lawyer play a critical role in ensuring that individuals accused of crimes receive a fair trial and that their constitutional rights are protected. As India evolves socially, economically, and technologically, the role and future of criminal Defense Lawyer are also undergoing significant changes. This comprehensive blog explores the current landscape, challenges, technological advancements, and prospects for criminal Defense Lawyer in India.
सुप्रीम कोर्ट ने यह भी माना था कि मजिस्ट्रेट का यह कर्तव्य है कि वह सुनिश्चित करे कि अधिकारी पीएमएलए के तहत निर्धारित प्रक्रिया के साथ-साथ संवैधानिक सुरक्षा उपायों का भी उचित रूप से पालन करें।
Receivership and liquidation Accounts
Being a Paper Presented at Business Recovery and Insolvency Practitioners Association of Nigeria (BRIPAN) on Friday, August 18, 2023.
This document briefly explains the June compliance calendar 2024 with income tax returns, PF, ESI, and important due dates, forms to be filled out, periods, and who should file them?.
Genocide in International Criminal Law.pptxMasoudZamani13
Excited to share insights from my recent presentation on genocide! 💡 In light of ongoing debates, it's crucial to delve into the nuances of this grave crime.
Guide on the use of Artificial Intelligence-based tools by lawyers and law fi...Massimo Talia
This guide aims to provide information on how lawyers will be able to use the opportunities provided by AI tools and how such tools could help the business processes of small firms. Its objective is to provide lawyers with some background to understand what they can and cannot realistically expect from these products. This guide aims to give a reference point for small law practices in the EU
against which they can evaluate those classes of AI applications that are probably the most relevant for them.
Sangyun Lee, 'Why Korea's Merger Control Occasionally Fails: A Public Choice ...Sangyun Lee
Presentation slides for a session held on June 4, 2024, at Kyoto University. This presentation is based on the presenter’s recent paper, coauthored with Hwang Lee, Professor, Korea University, with the same title, published in the Journal of Business Administration & Law, Volume 34, No. 2 (April 2024). The paper, written in Korean, is available at <https://shorturl.at/GCWcI>.
Lifting the Corporate Veil. Power Point Presentationseri bangash
"Lifting the Corporate Veil" is a legal concept that refers to the judicial act of disregarding the separate legal personality of a corporation or limited liability company (LLC). Normally, a corporation is considered a legal entity separate from its shareholders or members, meaning that the personal assets of shareholders or members are protected from the liabilities of the corporation. However, there are certain situations where courts may decide to "pierce" or "lift" the corporate veil, holding shareholders or members personally liable for the debts or actions of the corporation.
Here are some common scenarios in which courts might lift the corporate veil:
Fraud or Illegality: If shareholders or members use the corporate structure to perpetrate fraud, evade legal obligations, or engage in illegal activities, courts may disregard the corporate entity and hold those individuals personally liable.
Undercapitalization: If a corporation is formed with insufficient capital to conduct its intended business and meet its foreseeable liabilities, and this lack of capitalization results in harm to creditors or other parties, courts may lift the corporate veil to hold shareholders or members liable.
Failure to Observe Corporate Formalities: Corporations and LLCs are required to observe certain formalities, such as holding regular meetings, maintaining separate financial records, and avoiding commingling of personal and corporate assets. If these formalities are not observed and the corporate structure is used as a mere façade, courts may disregard the corporate entity.
Alter Ego: If there is such a unity of interest and ownership between the corporation and its shareholders or members that the separate personalities of the corporation and the individuals no longer exist, courts may treat the corporation as the alter ego of its owners and hold them personally liable.
Group Enterprises: In some cases, where multiple corporations are closely related or form part of a single economic unit, courts may pierce the corporate veil to achieve equity, particularly if one corporation's actions harm creditors or other stakeholders and the corporate structure is being used to shield culpable parties from liability.
What are the common challenges faced by women lawyers working in the legal pr...lawyersonia
The legal profession, which has historically been male-dominated, has experienced a significant increase in the number of women entering the field over the past few decades. Despite this progress, women lawyers continue to encounter various challenges as they strive for top positions.
Matthew Professional CV experienced Government LiaisonMattGardner52
As an experienced Government Liaison, I have demonstrated expertise in Corporate Governance. My skill set includes senior-level management in Contract Management, Legal Support, and Diplomatic Relations. I have also gained proficiency as a Corporate Liaison, utilizing my strong background in accounting, finance, and legal, with a Bachelor's degree (B.A.) from California State University. My Administrative Skills further strengthen my ability to contribute to the growth and success of any organization.
Business law for the students of undergraduate level. The presentation contains the summary of all the chapters under the syllabus of State University, Contract Act, Sale of Goods Act, Negotiable Instrument Act, Partnership Act, Limited Liability Act, Consumer Protection Act.
Defending Weapons Offence Charges: Role of Mississauga Criminal Defence LawyersHarpreetSaini48
Discover how Mississauga criminal defence lawyers defend clients facing weapon offence charges with expert legal guidance and courtroom representation.
To know more visit: https://www.saini-law.com/
3. OVERVIEW
Moore Law
• What’s the fuss?
• Big Bang Theory?
• Reality = Evolution?
• Accountability
• Compliance / Privacy by Design
• Demonstrating Consent
• ‘Appropriate’ Measures
• Opportunities (& Competitive Edge)
Contacts
4. What’s the Fuss?
“GDPR affects anyone holding data on EU citizens.
A survey of 1350 companies around the world by
cybersecurity firm NTT found that a lot of them
have no clue about this yet, even Europeans
seemed unaware. The Brits were the worst. 39% of
UK companies realised that they were subject to
the regulation.” TheRegister.co.uk
‘Personal Data' – Employees, clients, users / suppliers
Presumption of application to businesses
Enhanced enforcement / fines for data protection
breaches
Deadline for implementation = 25 May 2018
5. Big Bang Theory?
1995 EU Data Protection Directive –>DPA 98
Applies broadly to the collection and processing of data able
to identify living individuals (filing system) = ‘Person Data”
DPA 98 introduced 6 x Data Principles:
Lawfulness, fairness and transparency
Purpose limitation
Data Minimisation
Accuracy
Storage Limitation
Integrity & Confidentiality
Definitions: ‘Data Controller’ / ‘Data Processor’ / ‘Sensitive
Personal Data’/ ‘Consent’
Roles: Data Protection Officer (DPO)
6. Reality = Evolution
GDPR = accepts the world has moved and extends the existing Principles:
• All EU-based businesses
• Any business targeting EU citizens (USA, Australia, etc)
• All EU citizens
Regulation vs Directive
• GDPR = Direct Effect
• No domestic Member State law required
• Intended to promote greater harmonisation and consistency across EU in
terms of application and interpretation
Reverses DPA 98 position
• Register with Information Commissioner’s Office (ICO) –> inference of
application
• DPA 98 -> Data Protection Bill (Post-Brexit)
7. Accountability
Accountability
• Move away from mere lip service. Businesses have to demonstrate
(ongoing) compliance, often in written form:
• Internal policies and processes that are GDPR-compliant
• Implementation of the policies and processes
• Effective internal compliance measures.
• External controls & contracting (model clauses)
Demonstrable protections for specific types of data / subjects:
• Sensitive Personal Data (genetic, biometric)
• Children (16+ / 13+)
Introduces new concepts
• Data Protection Risk Assessment
• Pseudonymisation (vs anonymisation) to better protect data
8. Compliance/
Privacy by Design
Day-to-day compliance –> Obligation to justify data position to Regulator (ICO)
• What is the purpose the data will be used for
• Retained solely to fulfil the stated purpose
• Where it will be stored (UK / EU / EEA)
• Not keep for longer than necessary (2 years?)
• Uphold data subjects rights (right of access / right to be forgotten / data
portability)
• Data Controllers and Data Processers are treated equally (previous focus on DCs)
• Data Controllers required to perform due diligence on Data Processers (supply chain)
• DPO requirement (or justify why not have one)
Breaches – Obligation to Report
Regulator will look at what has happened, why, and whether ‘appropriate’ measures
put in place to safeguard data.
ICO extended powers £500,000 -> €20,000,000 / 4% Global Turnover (+ PR DAMAGE)
9. Specific (6) justifications for collecting data: performance of
contract / compliance with legal obligation / vital interests / public
interest / legitimate interests of DC / consent
• Implied consent no longer valid – ICO / pre-checked boxes /
‘continue to use our site accept our Ts&Cs’
Have to be able to prove actual consent: ‘freely given, specific,
informed & unambiguous’
Children: must be able to demonstrate steps to show capability
• GDPR @ 16+
• Member State discretion @ 13+ (UK)
Death of Data
• Reassess sign-up / consent processes -> compliant
• Death of data – can’t rely on past consent for post May 2018
Demonstrating Consent
10. Must be able to demonstrate ‘appropriate technical and
organisational measures’ for data compliance / protection
• Demonstrate how and why collect personal data
• ‘Consent’ / Privacy Policy / Terms & Conditions / Terms of Use
Internal processes
• Data risk Impact Assessment / Data Use Policy / Data Retention
Policy / Employment Contracts
Awareness of GDPR principles - Staff training / DPO (qualified)
Contractual Relationships - GDPR model clauses incorporated
Breach Obligations
• Requirement to log breaches
• Report to the Regulator (and potentially data subjects) within 72
hours of a notifiable breach
‘Appropriate’ Measures
11. GDPR is a reality
Brexit – GDPR continue to apply if businesses target EU will apply
• -> Data Protection Bill
• -> UK require an ‘equivalent’ regime
Businesses need to assess own situation / audit
• how & why collect data (consent, etc) / how protect data / enforcement
policies (internal & external) / supplier terms.
Case Studies
• Clients wanting to get their house in order – Compliance = Biz Dev
• Breach = costly (£££) + PR / Reputational risk
Bigger businesses doing GDPR due diligence:
• expect their supply chains to have ‘adequate’ measures in place
• want to see policies (privacy / data protection / data retention)
• expect awareness of GDPR implications
• practical importance of new concepts – i.e. pseudonymisation
Opportunities
(& Competitive Edge)
12. Scott Appleton
scottappleton@moore-law.co.uk
T 01237 704789
M 07557 447054
@TalkingLawyer
Editor's Notes
DPO – scale of collection / processing / size / dealing with sensitive data / public body (+ adequately qualified -> reporting to Senior Management). Justify why not.
CONSIDER IF THERE IS SCOPE OR TIME TO EXPLORE REVOCATION, INVALIDITY AND GROUNDS FOR OPPOSITION. THIS WILL LIKELY FALL UNDER THE DUE DILIGENCE CATEGORY ABOVE. IT IS IMPORTANT FOR CLIENTS TO APPRECIATE THAT TRADEMARK APPLICATIONS CAN SOMETIMES DRAW ATTENTION FROM MUCH LARGER RIGHTS HOLDERS WITH DEEPER POCKETS WHO ARE AGGRESSIVE ABOUT PURSUING INFRINGERS. SMALLER ORGANISATIONS OPERATING UNDER THE RADAR MAY HAVE HITHERTO GONE UNNOTICED BUT APPLYING FOR A REGISTERED TRADEMARK MAY BRING YOU TO THEIR ATTENTION. ALSO THE POINT SHOULD BE MADE THAT IT IS NOT UNUSUAL TO BE SURPRISED BY A CAUTIOUS EXAMINER’S VIEW WHICH MIGHT INCLUDE NOTIFICATION WHERE IT WOULD NOT SEEM TO BE MERITED.
Ketchup – more sales / bigger bottles = easier to use
112 iteration
1991 – 95 $13m
Licensing NASA / HEINZ etc
Patent Box - JCL (80% sales on patented driver)