This is a slightly modified version of a presentation that I gave to fellow lawyers last week. It explains what GDPR is, the policy of data protection and the evolution of data protection legislation from the OECD Guidelines and Council of Europe Convention to the GDPR. It explores the regulation focusing on the data protection principles and, in particular, the lawfulness requirement and the validity of consent. The presentation mentions the Law enforcement data protection directive, the Data Protection Bill and the arrangements post Brexit. Finally, it considers the preparations recommended by the Information Commissioner for small busiesses
Norfolk Chamber delivered a morning conference based around the European General Data Protection Regulation (GDPR), which will come into force on May 25 2018. Delegates heared from a variety of GDPR expert speakers from legal, marketing, IT and Data Protection perspectives.
Full GDPR toolkit: https://quality.eqms.co.uk/gdpr-general-data-protection-regulation-eu-toolkit
This free online training presentation provides you with information about how to comply with the General Data Protection Regulation, managing breaches, engaging employees, key requirements and more.
Everything you Need to Know about The Data Protection Officer Role HackerOne
Data privacy and security expert, Debra Farber, presents on the emerging role of the Data Protection Officer (DPO). When the EU's General Data Protection Regulation (GDPR) becomes enforceable on May 25, 2018, companies around the world who process the personal data of EU residents will be required by law to appoint an independent DPO who has specific responsibilities and data protection knowledge.
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
This is a slightly modified version of a presentation that I gave to fellow lawyers last week. It explains what GDPR is, the policy of data protection and the evolution of data protection legislation from the OECD Guidelines and Council of Europe Convention to the GDPR. It explores the regulation focusing on the data protection principles and, in particular, the lawfulness requirement and the validity of consent. The presentation mentions the Law enforcement data protection directive, the Data Protection Bill and the arrangements post Brexit. Finally, it considers the preparations recommended by the Information Commissioner for small busiesses
Norfolk Chamber delivered a morning conference based around the European General Data Protection Regulation (GDPR), which will come into force on May 25 2018. Delegates heared from a variety of GDPR expert speakers from legal, marketing, IT and Data Protection perspectives.
Full GDPR toolkit: https://quality.eqms.co.uk/gdpr-general-data-protection-regulation-eu-toolkit
This free online training presentation provides you with information about how to comply with the General Data Protection Regulation, managing breaches, engaging employees, key requirements and more.
Everything you Need to Know about The Data Protection Officer Role HackerOne
Data privacy and security expert, Debra Farber, presents on the emerging role of the Data Protection Officer (DPO). When the EU's General Data Protection Regulation (GDPR) becomes enforceable on May 25, 2018, companies around the world who process the personal data of EU residents will be required by law to appoint an independent DPO who has specific responsibilities and data protection knowledge.
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
Privacy by Design and by Default + General Data Protection Regulation with Si...Peter Procházka
My presentation for SUG Hungary presented on 26.06.2018 with topic Privacy by Design and by Default and General Data Protection Regulation with Sitecore
MWLUG - 2017
Tim Clark & Stephanie Heit
Tim & Steph explain the basics of GDPR and give some recommendations about what you can do to be ready.
Data sources are in the final slides.
For more information about how BCC can help you get your Domino data ready for GDPR please contact us here.
http://bcchub.com/bcc-domino-protect/
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
Presented on PHPID Online Learning 35.
Komunitas PHP Indonesia
Title: Enabling Data Governance - The Journey through Data Trust, Ethics, and Quality
Eryk B. Pratama
Global IT & Cybersecurity Advisor
This Presentation explains what GDPR is and the impact it'll have for Companies who process data of EU Citizens.
This Guide explains the principles of GDPR, Consent, User Rights and also explains how to implement GDPR in your organization.
Originally appeared at
http://backlinkme.net/definitive-guide-for-general-data-protection-regulation-gdpr-compliance/
We now have to obey the law and comply with GDPR, ensuring people's data are securely stored, we track who has access to it and if the client requests to review, update or remove their data, we should do so in an automated fashion. But, are you there yet? Chances are, there's still a long way to go.
In this talk I will address some of the challenges we solved in greenfield projects as well in old, legacy applications. We introduced "privacy by design" as just another "by design" mantra we already had build in our workflow and as we worked on the project, we applied it everywhere when we saw user data (personal or not) was processed. This ensured that all data was handled and treated the same way and allowed the business to reorient themselves again to be creative in approaching their customers.
70% of employees have access to data they should not…and that’s going to be a problem when GDPR takes affect in May 2018.
A strong data governance program ensures that you have the policies, standards, and controls in place to protect data effectively and access it for decision making. Data governance may become one of the most important functions of your data integration architecture when it comes to data agility.
Watch this on-demand webinar describing practical steps to data governance:
- Map personal data elements to data fields across systems using metadata
- Create workflows for data stewardship and manage end user computing
- Establish a data lake with native data quality for consent processing
- Track and manage data with audit trails and data lineage
Privacy by Design - taking in account the state of the artJames Mulhern
Establishing transparency and building trust provide an opportunity to develop greater, more meaningful relationships with data subjects i.e people, customers, colleagues... in turn this can lead to more effective and valuable services that help transform organisations.
A "Privacy by design" approach can help achieve this but it doesn't happen by accident and transformation doesn't occur over night. So a deliberate approach that looks beyond May 2018 and compliance is required.
Presentation to representatives from the technology and Local Government sectors at TechUK, the UK's trade association for the technology.
Privacy-ready Data Protection Program ImplementationEryk Budi Pratama
Presented at CDEF 16th Meetup at 18 August 2022.
Title:
Privacy-ready Data Protection Program Implementation
Topics:
- Why data protection is important
- Data Privacy Program Domain
- Operationalize Data Privacy Program
- Privacy-aligned Information Security Framework
- Roadmap to Protect Personal Data
- Privacy Management Technology
Data Loss Prevention (DLP) - Fundamental Concept - ErykEryk Budi Pratama
Presented at APTIKNAS (Indonesia ICT Business Association) DKI Jakarta regular webinar.
Title:Data Loss Prevention: Fundamental Concept in Enabling DLP System
2 July 2020
Making Data Classification Work for You - 18 Things to Consider When Choosing Data Classification Solutions.
For more information, please visit: http://www.secureislands.com/solutions-classification/
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?PECB
Due to an increase in the collection of consumer data, high-profile data breaches have become common.
Currently, there are 128 countries all over the world that have already put in place regulations to secure the protection of data and privacy.
The webinar covers:
Data protection, a global development
Introduction to the GDPR, ePrivacy & ISO/IEC 27701
GDPR & ISO/IEC 27701mapping
ePrivacy & ISO/IEC 27701 mapping
Recorded Webinar: https://youtu.be/oVhIoHAGGwk
Find out more about ISO training and certification services
Training: https://pecb.com/whitepaper/iso-27001-information-technology--security-techniques-information-security--management-systems---requirements
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27701
Webinars: https://pecb.com/webinars
Articles: https://pecb.com/article
Whitepapers: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
Originally presented at PRIMMA mobile privacy workshop, Imperial College London, 23 Sep 2010. Updated version given at Security and Privacy in Implantable Medical Devices workshop, EPFL, 1 April 2011, and a German Academy of Engineering conference in Berlin on 26 March 2012. Compact version given at Urban Prototyping conference, Imperial College London, 9 April 2013. Updated with ENISA privacy engineering report for 3rd Latin American Data Protection conference in Medellin, 28-29 May 2015.
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
Privacy by Design and by Default + General Data Protection Regulation with Si...Peter Procházka
My presentation for SUG Hungary presented on 26.06.2018 with topic Privacy by Design and by Default and General Data Protection Regulation with Sitecore
MWLUG - 2017
Tim Clark & Stephanie Heit
Tim & Steph explain the basics of GDPR and give some recommendations about what you can do to be ready.
Data sources are in the final slides.
For more information about how BCC can help you get your Domino data ready for GDPR please contact us here.
http://bcchub.com/bcc-domino-protect/
Enabling Data Governance - Data Trust, Data Ethics, Data QualityEryk Budi Pratama
Presented on PHPID Online Learning 35.
Komunitas PHP Indonesia
Title: Enabling Data Governance - The Journey through Data Trust, Ethics, and Quality
Eryk B. Pratama
Global IT & Cybersecurity Advisor
This Presentation explains what GDPR is and the impact it'll have for Companies who process data of EU Citizens.
This Guide explains the principles of GDPR, Consent, User Rights and also explains how to implement GDPR in your organization.
Originally appeared at
http://backlinkme.net/definitive-guide-for-general-data-protection-regulation-gdpr-compliance/
We now have to obey the law and comply with GDPR, ensuring people's data are securely stored, we track who has access to it and if the client requests to review, update or remove their data, we should do so in an automated fashion. But, are you there yet? Chances are, there's still a long way to go.
In this talk I will address some of the challenges we solved in greenfield projects as well in old, legacy applications. We introduced "privacy by design" as just another "by design" mantra we already had build in our workflow and as we worked on the project, we applied it everywhere when we saw user data (personal or not) was processed. This ensured that all data was handled and treated the same way and allowed the business to reorient themselves again to be creative in approaching their customers.
70% of employees have access to data they should not…and that’s going to be a problem when GDPR takes affect in May 2018.
A strong data governance program ensures that you have the policies, standards, and controls in place to protect data effectively and access it for decision making. Data governance may become one of the most important functions of your data integration architecture when it comes to data agility.
Watch this on-demand webinar describing practical steps to data governance:
- Map personal data elements to data fields across systems using metadata
- Create workflows for data stewardship and manage end user computing
- Establish a data lake with native data quality for consent processing
- Track and manage data with audit trails and data lineage
Privacy by Design - taking in account the state of the artJames Mulhern
Establishing transparency and building trust provide an opportunity to develop greater, more meaningful relationships with data subjects i.e people, customers, colleagues... in turn this can lead to more effective and valuable services that help transform organisations.
A "Privacy by design" approach can help achieve this but it doesn't happen by accident and transformation doesn't occur over night. So a deliberate approach that looks beyond May 2018 and compliance is required.
Presentation to representatives from the technology and Local Government sectors at TechUK, the UK's trade association for the technology.
Privacy-ready Data Protection Program ImplementationEryk Budi Pratama
Presented at CDEF 16th Meetup at 18 August 2022.
Title:
Privacy-ready Data Protection Program Implementation
Topics:
- Why data protection is important
- Data Privacy Program Domain
- Operationalize Data Privacy Program
- Privacy-aligned Information Security Framework
- Roadmap to Protect Personal Data
- Privacy Management Technology
Data Loss Prevention (DLP) - Fundamental Concept - ErykEryk Budi Pratama
Presented at APTIKNAS (Indonesia ICT Business Association) DKI Jakarta regular webinar.
Title:Data Loss Prevention: Fundamental Concept in Enabling DLP System
2 July 2020
Making Data Classification Work for You - 18 Things to Consider When Choosing Data Classification Solutions.
For more information, please visit: http://www.secureislands.com/solutions-classification/
ISO/IEC 27701, GDPR, and ePrivacy: How Do They Map?PECB
Due to an increase in the collection of consumer data, high-profile data breaches have become common.
Currently, there are 128 countries all over the world that have already put in place regulations to secure the protection of data and privacy.
The webinar covers:
Data protection, a global development
Introduction to the GDPR, ePrivacy & ISO/IEC 27701
GDPR & ISO/IEC 27701mapping
ePrivacy & ISO/IEC 27701 mapping
Recorded Webinar: https://youtu.be/oVhIoHAGGwk
Find out more about ISO training and certification services
Training: https://pecb.com/whitepaper/iso-27001-information-technology--security-techniques-information-security--management-systems---requirements
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27701
Webinars: https://pecb.com/webinars
Articles: https://pecb.com/article
Whitepapers: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
Originally presented at PRIMMA mobile privacy workshop, Imperial College London, 23 Sep 2010. Updated version given at Security and Privacy in Implantable Medical Devices workshop, EPFL, 1 April 2011, and a German Academy of Engineering conference in Berlin on 26 March 2012. Compact version given at Urban Prototyping conference, Imperial College London, 9 April 2013. Updated with ENISA privacy engineering report for 3rd Latin American Data Protection conference in Medellin, 28-29 May 2015.
25 May 2018, the General Data Protection Regulation (GDPR) deadline, is less than 6 months away.
As the attention on the regulation is at the top, there is now a growing concern for any organization that is affected by.
We would like to invite you to join our webinar to share with you our approach and help your organization and you document repository to be compliant with GDPR.
During the webinar, our special guests, George Parapadakis – Business Solutions Strategy, Alfresco and Bart van Bouwel – Managing Partner, CDI-Partners, will provide you with:
- How to implement GDPR in your document repository
- How the Alfresco Digital Business Platform can help your organization to be compliant with GDPR
- Xenit approach: a managed shared drive
-Xenit demonstration
-Top tips to start preparing for the GDPR.
Intellectual Property for Start-Ups and Small Businesses: A Top 10 and Q & A Series. Wednesday, February 20th @ 11:45 - 1:15 - Presented by Jill Link. Location: Bozeman Public Library - Large Community Room
ICIC 2014 The Information World Doesn’t Stop at Patents! Dr. Haxel Consult
Patent information is valuable when it comes to evaluating specific companies in terms of technology and innovation. But this information alone is sometimes not enough: a broad patent portofolio doesn’t equate with a healthy company; an absence of patents doesn’t equate with a poor company; … What other types of information are available to help us understand or predict a company strategy? The goal of this presentation is both to highlight that it is possible to broaden the work scope of the Information Analyst, and that each type of information has limitation.
On the 25th May 2018, all businesses across Europe and the UK will face dramatic changes to Data Privacy Laws. With fines of up to 4% of revenue for noncompliance, GDPR has huge potential for disruption if not adhered to.
The GDPRforum was held on 24th November 2017 to gain valuable insight from Data Privacy experts, teach people how to prepare for the new laws, and how to turn a crisis into an opportunity.
GDPR Speakers:
David Lockie – Pragmatic – Founder
Dan Hedley – Irwin Mitchell – Partner
Gilbert Hill – Independent Privacy Technologist
Ben Westwood – eBay – Senior Privacy Manager & Data Protection Officer UK
Data Quality-Driven GDPR: Compliance with ConfidencePrecisely
View this webcast on-demand for key insights on how data quality can help you achieve GDPR compliance with confidence.
In May 2018, the General Data Protection Regulation (GDPR) will take effect, mandating strict new personal data protections to be observed by all organizations operating within the European Union (including the UK), as well as organizations anywhere in the world that holds and processes data on EU/UK residents. Noncompliance can lead to severe financial penalties.
Organizations will also have to prove their GDPR compliance, including documenting what data processing was performed and ensuring it was done correctly. But how can you know that your customer and other personal data are being processed accurately and completely, as intended?
In this webcast, you’ll learn:
• Key requirements of GDPR and potential risks to their organizations
• The critical role of Data Quality in GDPR compliance
• How to address data-related GDPR challenges through a practical, structured approach
Gegevensbescherming-clausule in (overheids)opdrachtTommy Vandepitte
Voorbeeld van een Nederlandstalige clausule die in een overheidsopdracht of Request for Proposal (RFP) kan worden ingesloten om alle verschillende mogelijke samenwerkingsvormen (joint controller, controller-to-controller of controller-to-processor) af te dekken of dat althans te pogen.
20190131 - Presentation Q&A on legislation's influence (on travel management)Tommy Vandepitte
Presentation given at the event organised by ACTE and BATM on 31 January 2019 addressing a few questions on the payments legislation that are relevant for travel and expense manager.
A presentation given at the legal hackers meetup of 19 June 2018 on common issues with controller-to-processor agreements aka "data processor agreement" (DPA). We revisit the distinction controller v processor. We then look at the directly applicable duties for processors, which do not need to be inserted in a contract. Finally we look at the different mandatory and "forgotten" components of the agreement.
De slides van een presentatie voor makelaars in de verzekeringssector. Gepresenteerd op 12 juni 2018 voor de Kempische Verzekeringskring (https://www.kempischeverzekeringskring.be/activiteit/gdpr-wat-u-als-makelaar-nog-niet-wist/).
As the last speaker on the day after the Data Protection Day, I tried a different approach to the story of data protection and information security. I assembles a selection of movies, series, books (fiction and non-fiction) and games that any staff member should be able to go through themselves - as they please and at their own rhythm - and piece by piece learn about data protection and information security. In a way they can cultivate their own data protection awareness.
Presentation given on the experience of privacy design labs on the LSEC Belgium GDPR event of 30 November 2017.
Event page: https://www.leadersinsecurity.org/events-old/icalrepeat.detail/2017/11/30/186/-/gdpr-plan-to-be-ready-prepare-to-set-change-to-go-session-3-privacy-impact-assessment-scenario-planning-data-loss-management.html?filter_reset=1
Privacy Design lab page: https://sites.google.com/site/pbd20171106
Example of a privacy design jam by Facebook (Berlin 2017) : https://www.facebook.com/facebookbrussels/videos/1419793831400471/
Hoe breng je de nieuwigheden van de Algemene Gegevensbeschermingsverordening (AGV) of General Data Protection Regulation (GDPR) aan bij jouw stad of gemeente? Dit is een voorbeeld van slidedeck.
This is an example of a deck for the decision makers (generally the board of directors) to first explain that data protection is a (reputational, legal, operational) risk that - like any other business risk needs to be managed. Then it allows for some explanation of the status of data protection (law) and the main novelties under the GDPR. It then highlights the main changes required in project mode and (later on, after the handover) in business-as-usual mode.
Extra reference to the Vlerick reference (because published after the publication of this slide deck): http://www.vlerick.com/en/programmes/management-programmes/digital-transformation/digital-transformation-insights/insight-1)
An example of how the staff training on information security, data protection and privacy (IS/DPP) could look.
This part is on an aspect that overarches all previous ones: monitoring. It touches on both perspectives of staff involvement:
- staff works with the data, processes it, etc. and thus is the agent of the company
- the company, to show accountability, should set up a balanced way of controlling the staff, which per se involves processing personal data of the staff members
The slides come with notes that in short explain the visuals on the slides.
An example of how the staff training on information security, data protection and privacy (IS/DPP) could look.
This part is on incident management. How should staff react? How can an incident be effectively escalated?
The slides come with notes that in short explain the visuals on the slides.
An example of how the staff training on information security, data protection and privacy (IS/DPP) could look.
This part is on the acceptable use of the companies (and sometimes also own) means. Each company should add what is appropriate for it.
The slides come with notes that in short explain the visuals on the slides.
An example of how the staff training on information security, data protection and privacy (IS/DPP) could look.
The part focusses on authentication, and more particularly on passwords.
The slides come with notes that in short explain the visuals on the slides.
An example of how the staff training on information security, data protection and privacy (IS/DPP) could look.
This part is on authorization and access rights, focussing on the staff's part in that.
The slides come with notes that in short explain the visuals on the slides.
An example of how the staff training on information security, data protection and privacy (IS/DPP) could look.
This part is on data classification, drilling a bit deeper into confidentiality, integrity, availability (=CIA), privacy (=CAPI), traceability, and retention (=PATRIC), to be amended to meet the specific organisation's setup.
The slides come with notes that in short explain the visuals on the slides.
An example of how the staff training on information security, data protection and privacy (IS/DPP) could look.
This part is on the concept of data, reasons for protecting data, personal data and data processing.
The slides come with notes that in short explain the visuals on the slides.
An example of how the staff training on information security, data protection and privacy (IS/DPP) could look.
This part is on the reason why we should live up to the rules of IS/DPP, from a "negative" perspective (what do we want to avoid?) and from a "positive" perspective (what do we want to accomplish?).
The slides come with notes that in short explain the visuals on the slides.
An example of how the staff training on information security, data protection and privacy (IS/DPP) could look.
This is an introduction explaining
- the difference between information security, data protection and privacy,
- the need and usefulness for staff engagement
The slides come with notes that in short explain the visuals on the slides.
This is an example training in the context of IS/DPP, information security, data protection and privacy.
It is a training directed to procurement officers and outsourcing managers.
The generic idea is that procurement officers and outsourcing managers support the inventory and overview of the company or group on third party relationships. By a well implemented governance through procurement officers and outsourcing managers it should be easier to upkeep the overview through the existing processes of managing (most) third party relationships, thus increasing ownership and awareness of information security and privacy.
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
Palestine last event orientationfvgnh .pptxRaedMohamed3
An EFL lesson about the current events in Palestine. It is intended to be for intermediate students who wish to increase their listening skills through a short lesson in power point.
Acetabularia Information For Class 9 .docxvaibhavrinwa19
Acetabularia acetabulum is a single-celled green alga that in its vegetative state is morphologically differentiated into a basal rhizoid and an axially elongated stalk, which bears whorls of branching hairs. The single diploid nucleus resides in the rhizoid.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Francesca Gottschalk - How can education support child empowerment.pptxEduSkills OECD
Francesca Gottschalk from the OECD’s Centre for Educational Research and Innovation presents at the Ask an Expert Webinar: How can education support child empowerment?
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
11. - Internal -
International
1. Proactive not Reactive: Preventative, not Remedial;
2. Privacy as the Default setting;
3. Privacy Embedded into Design;
4. Full Functionality: Positive-Sum, not Zero-Sum;
5. End-to-End Security: Full Lifecycle Protection;
6. Visibility and Transparency: Keep it Open;
7. Respect for User Privacy: Keep it User-Centric
12. - Internal -
GDPR angle (art. 25 GDPR)
• Principles (art. 5 GDPR)
o fair
o lawful (also art. 6, 9, 10, 44-29 GDPR + other laws)
o transparency (also art. 13-14 GDPR)
o purpose limitation
o data minimisation
o accuracy / data quality
o storage limitation / retention policy
o confidentiality + integrity / avoid data breaches (also art. 32-34 GDPR)
• Rights of the data subjects (art. 12 -23 GDPR)
• Privacy by default (art. 25 GDPR)
13. - Internal -
Special attention for
Special categories of data (art. 9 + 10 GDPR)
Special category of data subjects: children (art. 8 GDPR)
Third parties (art. 26 + 28 GDPR)
Third countries (art. 44 e.s. GDPR)
18. - Internal -
Look at the entire data lifecycle
Less people can
reach it gatekeepers
Data retention forces at work
Can we legitimately collect / create
the data (for that purpose)? (legal
constraints, contractual constraints,…)
Is the storage secure? Which
functions / roles need access?
Everybody else should be
kept out.
Is the integrity guarded?
Is the availability up to standard?
Can we legitimately use the data for
that purpose?
Is everybody with access bound by
confidentiality?
Can we legitimately share the data
(for that purpose)?
Do we want to share that data?
40. - Internal -
Environment
Physical
Human
Device
Application
Repository
Carrier
Create defense in depth
Risk Assessment
Risk Decision
Controls
Incident
Management
Changes
• In the regulatory environment
• In processes
• In people (JLT)
• In technology
Network
Data
3rd Parties
• 1st line
• 2nd line
• 3rd line
• Impact
• Probability
• Avoid
• Mitigate
• Share
• Accept
Changes
75. That would be GREAT
Soooo… if you could do all that…
Editor's Notes
Determined purpose
Explicited purpose
Legitimate purpose
Only collect data that is adequate, relevant and not excessive (necessary) for the determined purpose.
Different purpose determines different data set.
Consequence: meet the requirements per data set.
the data subject has unambiguously given his consent; or
processing is necessary in order to take steps at the request of the data subject prior to entering into a contract; or processing is necessary for the performance of a contract to which the data subject is party; or
E.g. when a data subject requests a credit, it is legitimate to request, receive and process some personal data on that data subject, to determine whether or not it is opportune to grant a credit or not.
processing is necessary for compliance with a legal obligation to which the controller is subject; or
Note: generally only national legislation is considered as a source of legitimacy under this provision.
E.g. the collection of personal data as imposed by AML regulation (Know-Your-Customer), collection of personal data as imposed by MiFID regulation (Know-Your-Customer: appropriateness / suitability), transferring data to (tax or supervisory) authorities which act under legal investigation powers, …
processing is necessary in order to protect the vital interests of the data subject; or
processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or in a third party to whom the data are disclosed; or
processing is necessary for the purposes of the legitimate interests pursued by the controller or by the third party or parties to whom the data are disclosed, except where such interests are overridden by the interests for fundamental rights and freedoms of the data subject, and in particular their right to privacy with respect to the processing of personal data.
E.g. processing medical data of a patient in coma to ensure that the necessary treatment is provided.