What You Should Know About Data Privacy- Knobbe Martens Webinar Series for Start-ups

Symptai Consulting Limited

Partner Mauricio Uribe kicked off a two-part, comprehensive discussion on data privacy. The presentation served as an introduction to the topic and provided more general information. Speakers: Mauricio Uribe

Law

Knobbe Practice Webinar Series:
Strategic Considerations for Data
Privacy
Part I
Mauricio A. Uribe
June 6, 2022

© 2022 Knobbe Martens
Key Terms
• Data Privacy
⎼ How data is collected, stored, shared, and used
⎼ Compliance with data protection laws and regulations
• Data Security
⎼ Protecting data from unauthorized access (e.g., external attackers,
malicious insiders, etc.)
⎼ Technology and processes to prevent unauthorized access and use
of data
• Data Rights
⎼ Permissions/consent for use of data
⎼ Identifying and capturing permissions for third-party use of data
3

© 2022 Knobbe Martens
Relevant Data Privacy Law and Regulations
• The U.S. Privacy Act of 1974:
⎼ This Act contains laws that maintain restrictions on data held by government agencies.
• The Gramm-LEACH-Bliley Act (GLBA):
⎼ This Act protects financial nonpublic personal information (NPI).
• Health Insurance Portability and Accountability Act (HIPAA):
⎼ Governs how health information should be collected, shared, and used by covered entities and third
parties.
• Children's Online Privacy Protection Act (COPPA):
⎼ This law protects children's data (age 12 years and below).
• Federal Information Security Management Act (FISMA) of 2002:
⎼ The act directs all agencies to protect sensitive information.
• General Data Privacy Regulation (GDPR):
⎼ This law protects E.U. citizens' personal data.
• California Consumer Privacy Act (CCPA) of 2020:
⎼ This Act restricts how companies collect and use data. It applies to all California consumers.
4

© 2022 Knobbe Martens
Fundamentals of Data Privacy
5

© 2022 Knobbe Martens
Data
Privacy
Rules -
GDPR
6
Lawfulness, fairness and transparency
Purpose limitation
Data minimization
Accuracy
Storage limitation
Integrity and confidentiality (security)
Accountability

© 2022 Knobbe Martens
Data Privacy Rules
• Purpose
⎼ Identify what data you need
⎼Identify the consents that will be required
• Consent
⎼How will consent(s) be acquired?
⎼How will consent(s) be maintained?
• Management
⎼How will data be acquired?
⎼What are the retention policies for the collected data?
⎼How will you identify and discard non-necessary data?
7

© 2022 Knobbe Martens
Data Privacy Rules
• Security/Access
⎼What are the best practices for maintaining data?
⎼What are the best practices for providing access?
• Accountability
⎼How can you audit consents/data rights/security?
⎼How can evaluate and improve?
8

© 2022 Knobbe Martens
Operationalizing Data Privacy
• Assessment Step
⎼ Assessment of people, processes, consents, technology, security
⎼ Result:
o Model of environment
o Assessment of each component
o Roadmap for privacy issues
• Design/Planning Step
⎼ Development of standards for consents, security models, data use
⎼ Result:
o Validation of assessment step
o Implementation plan
9

© 2022 Knobbe Martens
Operationalizing Data Privacy
• Execution Step
⎼ Collect and management consents
⎼ Collect and manage data
⎼ Result:
o Collected data
o Collected data about data
• Evaluation Step
⎼ Assessment of people, processes, consents, technology, security
⎼ Result:
o Update of generated model
o Audits of processes
o Feedback/improvement
10

Mauricio A. Uribe
Mauricio.Uribe@knobbe.com

By embracing the importance of GDPR and leveraging ISO/IEC 27701, you can enhance your data protection practices, achieve compliance, and minimize the risk of penalties. Amongst others, the webinar covers:  Importance of Data Protection  Understanding Data Collection and Challenges  Introduction to GDPR  Key Principles of GDPR  Who does GDPR Apply to and Its Global Implications  Introduction to ISO/IEC 27701  Implementing ISO/IEC 27701  Privacy by Design  Dealing with IT on a Daily Basis  Building Awareness and Training  Audit, Data Discovery, and Risk Assessments Presenters: Mike Boutwell Mike Boutwell is a Senior Information Security Specialist with over 15 years of experience in security and 10 years of risk management experience, primarily focused on financial services. He excels in collaborating with CISOs and other executive leadership to build and implement security frameworks aligned with business objectives and developing enterprise-wide security requirements. Mike has a strong track record of securing assets worth over $1 quadrillion and delivering $100M+ projects. Mike is a certified CISSP, CISA, CGEIT, ISO 27001 Senior Lead Implementer, ISO 27001 Senior Lead Auditor, ISO 38500 Senior Lead IT Governance Manager, ISO 27032 Senior Lead Cyber Security Manager, and Certified Non-Executive Director. Lisa Goldsmith Lisa Goldsmith is the founder of LJ Digital and Data Consultancy. Lisa has over 23 years’ experience of supporting leadership teams in membership, charity, and wider not-for-profit organisations to simplify their IT and digital strategy that allows them to sleep soundly at night, knowing their systems and processes are fit for purpose, GDPR compliant, secure and that they deliver value to staff, members, and stakeholders. Prior to starting her own consultancy, Lisa gained extensive experience working for membership organisations and has knowledge and expertise at all levels of operations from working within careers and qualifications teams, as Membership Manager, as Head of Digital & IT for delivering large-scale digital, IT and GDPR compliance projects and serving on several Senior Leadership Teams. Lisa is also currently a Trustee of the BCLA and Groundwork East. Date: June 27, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27701 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/lfJrSLaGDtc Website: https://bit.ly/437GOnG

Privacy Policies: Guide to Protecting User Data

PrivacyCenter.cloud

Preparing your Business for the Data Protection Bill

The Data Protection Bill has been passed into law this bill will change the way we are required to handle personally identifiable data of all Jamaican citizens. Symptai Consulting Ltd. is the only certified training partners of the IAPP - International Association of Privacy Professionals in the English speaking Caribbean. Our team of trained professionals can meet all your privacy needs and help you transition to a state of compliance.

General Data Protection Regulation

BCC - Solutions for IBM Collaboration Software

General Data Protection Regulation (GDPR) tidal wave that has hit, are you ready? Is your organization prepared for the extensive privacy requirements GDPR puts forth for any organization handling EU Data Subjects' personal Data? At this point, organizations must have a complete inventory of personal data and have conducted a DPIA against it. A handful of supervisory authorities have issued compliance guidelines, but your organizations must be able to assess compliance with this ambiguous regulation at any time. Many aspects of GDPR define the distinction between a data collector and a data processor, their respective responsibilities and compliance requirements. Those responsibilities will have an effect on the contracts you negotiate with third parties, the way in which you evaluate the risks involved with establishing a business relationship and the policies you develop to maintain compliance to the regulations. Join this webinar to learn: *More information about GDPR and what the industry is experiencing to date *What minimum requirements you should have had in place by May 25, 2018 *What you should plan to do for the next 12-18 months if you are not completely ready *What the SEC Privacy Shield program is and why you should self-certify *How to continuously monitor vendor risk KPIs

GDPR for your Payroll Bureau

BrightPay Payroll and Auto Enrolment Software

For more information visit https://www.thesaurus.ie or https://www.brightpay.ie The General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 with the aim of protecting all EU citizens from privacy and data breaches in an increasingly data driven world. Payroll bureaus process large amounts of personal data, not least in relation to their customers, their customers’ employees, and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated. In this CPD accredited webinar, we will peel back the legislation to outline clearly: What is GDPR and why is it being implemented? Why employers need to take it seriously How it will impact payroll bureaus How to prepare for GDPR How we are working to help you

Privacy issues in data analytics

shekharkanodia

Data has emerged as one of the most important resources of today's world. However, there does not exist clear rules on how to make use of this resource. There are spillover effects and negative externalities in the form of privacy breaches while exploiting this resource. In such a situation, what should be the legal remedy? The law should find a balance between the interests of the customers and the corporations. The customers want safety and privacy, whereas corporations want commercial use of data which risks the customer's interests.

TrustArc Webinar: Challenges & Risks Of Data Graveyards

TrustArc

With the rise of big data, companies now obtain and store many data in massive quantities. As a result, they end up having giant repositories of unused data stored in their servers, also called data graveyards. Storage infrastructure, maintenance costs, compliance with privacy laws, security gaps, and risk of data corruption: risks due to data graveyards are numerous. What can organizations do with a large amount of data? How can you uncover the value of data before storing it? How can you manage the maintenance costs of big data? Join our panel in this webinar as we explore how your company should manage the risks and challenges associated with data graveyards. This webinar will review: - What data graveyards are - How to manage data graveyards risks - How to define data retention periods and stay compliant

Jadu GDPR guide: A easy to follow guide for Digital Service Managers and Webs...

Jadu

GDPR and evolving international privacy regulations

GDPR webinar presentation | LawBite

Clive Rich

LawBite is a UK-based online legal platform launched in 2013, headquartered in London. LawBite uses legal technology to streamline legal services for small and medium sized businesses (SMEs), providing access to legal document templates as well as a network of lawyers based in the UK and internationally. The GDPR came into force on 25 May 2018. The changes that the GDPR makes to Data Protection legislation are far reaching and the GDPR introduces a number of new legal concepts. The interactive webinar will provide you with details on the key changes that you need to be aware of under GDPR including: 1. Background to the GDPR 2. Key changes under GDPR 3. GDPR Data Protection Principles 4. Data Processing 5. Obtaining consent 6. Rights of data subjects 7. International data transfers 8. Data breaches 9. Data processors and data protection officers 10. What your organisation should be doing now The webinar contains a 45 minute presentation with a Q&A at the end.

Anne Cameron - An Introduction to the Data Protection Act for Researcherskclcompbio

IT Perspectives in Implementing Privacy Framework

Shankar Subramaniyan

Introduction to data protection

Rachel Aldighieri

Why We Require GDPR?

Jatin Kochhar

IT6701 Information Management Unit - V

pkaviya

Data Privacy Laws: A Global Overview and Compliance Strategies

ShyamMishra72

GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...

Synopsys Software Integrity Group

Synopsys Security Event Israel Presentation: Taking Your Software to the GDPR...

GDPR Breakfast Briefing for Business Advisors

Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...

Burton Lee

Gdpr action plan

BCS Data Management Specialist Group

ABM Display Advertising Success in the World of GDPR [PPT]

Kwanzoo Inc

In this webinar, see the specific impacts of GDPR on B2B companies as they plan, budget, launch and measure success from ABM advertising programs that reach and engage the 500 Million+ citizens of EU countries and the UK. Our panel of experts will cover the IT, Legal, Marketing, Data and Technology Provider side of GDPR compliance. All of these dimensions need to be addressed as you plan for the world of GDPR.

GDPR: The Regulator's Perspective, Peter Brown, ICO

Trending Topics in ITC Litigation with Knobbe Martens

Advanced Strategies for PTAB Practice: Focus on Petitioners

BrightPay Payroll and Auto Enrolment Software

Similar to What You Should Know About Data Privacy- Knobbe Martens Webinar Series for Start-ups

GDPR Enforcement is here. Are you ready?

SecurityScorecard

GDPR for your Payroll Bureau

Privacy issues in data analytics

shekharkanodia

TrustArc Webinar: Challenges & Risks Of Data Graveyards

TrustArc

Jadu GDPR guide: A easy to follow guide for Digital Service Managers and Webs...

Jadu

GDPR and evolving international privacy regulations

GDPR webinar presentation | LawBite

Clive Rich

Anne Cameron - An Introduction to the Data Protection Act for Researcherskclcompbio

IT Perspectives in Implementing Privacy Framework

Shankar Subramaniyan

Introduction to data protection

Rachel Aldighieri

Why We Require GDPR?

Jatin Kochhar

IT6701 Information Management Unit - V

pkaviya

Data Privacy Laws: A Global Overview and Compliance Strategies

ShyamMishra72

GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...

Synopsys Software Integrity Group

Synopsys Security Event Israel Presentation: Taking Your Software to the GDPR...

GDPR Breakfast Briefing for Business Advisors

Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...

Burton Lee

Gdpr action plan

BCS Data Management Specialist Group

ABM Display Advertising Success in the World of GDPR [PPT]

Kwanzoo Inc

GDPR: The Regulator's Perspective, Peter Brown, ICO

Similar to What You Should Know About Data Privacy- Knobbe Martens Webinar Series for Start-ups (20)

GDPR Enforcement is here. Are you ready?

GDPR for your Payroll Bureau

Privacy issues in data analytics

TrustArc Webinar: Challenges & Risks Of Data Graveyards

Jadu GDPR guide: A easy to follow guide for Digital Service Managers and Webs...

GDPR and evolving international privacy regulations

GDPR webinar presentation | LawBite

Anne Cameron - An Introduction to the Data Protection Act for Researchers

IT Perspectives in Implementing Privacy Framework

Introduction to data protection

Why We Require GDPR?

IT6701 Information Management Unit - V

Data Privacy Laws: A Global Overview and Compliance Strategies

GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...

Synopsys Security Event Israel Presentation: Taking Your Software to the GDPR...

GDPR Breakfast Briefing for Business Advisors

Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...

Gdpr action plan

ABM Display Advertising Success in the World of GDPR [PPT]

GDPR: The Regulator's Perspective, Peter Brown, ICO

More from Knobbe Martens - Intellectual Property Law

Trending Topics in ITC Litigation with Knobbe Martens

Advanced Strategies for PTAB Practice: Focus on Petitioners

Trademarks, the Metaverse, and NFTs, Oh My!

Partners Susan Natland and Jessica Sganga discussed potential trademark and copyright issues in the emerging metaverse, including the surge in popularity of NFTs (non-fungible tokens) and how they may affect intellectual property protections. Get up-to-speed on the “hot” cases in this evolving area and get practical tips on how best to protect your intellectual property from infringement in this virtual space. Speakers: Susan Natland, Jessica Sganga

Intellectual Property Considerations for Designers & Artist

What You Should Know About Responding to IP Threats and Assertions - Knobbe M...

What You Should Know About Responding to IP Threats and Assertions - Knobbe M...

What You Should Know About Open-Source Software and Third-Party Vendors - Kno...

Surfing the Waves of US IP Trends: Tips for Smoothly Riding the Waves in Writ...

What You Should Know About Open-Source Software and Third-Party Vendors - Kno...

Knobbe Practice Webinar Series: Strategic Considerations in Design Patent Fi...

Partners Mauricio Uribe and Vlad Lozan gave an informative presentation on design patent law in the United States. The partners provided best practices for filing and prosecuting design patents in the U.S. and techniques and strategies for including multiple design embodiments in design patent applications. They also discussed how to identify and protect visual elements in computer-related technologies and how to integrate design patents into a holistic intellectual property strategy. Speakers: Mauricio Uribe, Vlad Lozan

What You Should Know About Trade Secrets - Knobbe Martens Webinar Series for ...

What You Should Know About Trade Secrets - Knobbe Martens Webinar Series for ...

Strategic Planning for Capturing and Protecting Intellectual Property - Knobb...

Partners Mauricio Uribe and Paul Stellman continued the two-part, comprehensive discussion of strategic planning for capturing and protecting intellectual property. The presentation focused on a more detailed exploration of the topic, diving into the best intellectual property portfolios and cost deferrable strategies to maximize intellectual property spend. Speakers: Mauricio Uribe and Paul Stellmann

Knobbe Practice Webinar Series: Strategic Considerations for Claim Drafting –...

Partners Mauricio Uribe and Vlad Teplitskiy gave an informative presentation on strategic considerations for claim drafting electrical and telecommunications Inventions. The partners provided illustrative claim drafting examples and best practices for defining claim scope, as well as claim drafting strategies for avoiding or minimizing unintentional functional claiming. Speakers: Mauricio Uribe, Vlad Teplitskiy

Strategic Planning for Capturing and Protecting Intellectual Property - Knobb...

Part II - What You Should Know About Employment and Vendor Agreements – Part...

What You Should Know About Employment and Vendor Agreements - Knobbe Martens ...

Advanced Claiming Strategies for Artificial Intelligence/Machine Learning Inv...

Knobbe Practice Japan Webinar Series Partner Mauricio Uribe provided a detailed discussion focused on advanced patent claim drafting techniques for artificial intelligence technologies and related applications. The discussion covered: claim drafting techniques to capture different aspects of artificial intelligence/machine learning technologies; considerations for detecting infringement and possible alternative trade secret protection in the United States; and considerations for patent subject matter eligibility under Section 101. This was the second and more advanced part of the webinar on understanding and protecting artificial intelligence and machine learning technologies. If you missed the introductory webinar on this topic, you can view the recording here. Speakers: Mauricio Uribe and Kenny Masaki

Part II - What You Should Know About Non-Disclosure Agreements - Knobbe Marte...

What You Should Know About Non-Disclosure Agreements - Knobbe Martens Webina...