SlideShare a Scribd company logo

Would You Lie to Your Physician? Establishing Privacy Compliance within your Marketing Programs

Ensighten
Ensighten

The document discusses privacy and data protection considerations for organizations. It begins by acknowledging that many people lie to their doctors about sensitive personal matters. It then provides three key points: 1. Organizations should treat customer data as their most precious asset and ensure they share common goals and language with legal counsel regarding privacy and data protection. 2. When considering privacy regulations, organizations should understand data as an economic asset, recognize challenges in defining data harms, and minimize privacy-related risks and liability within the data ecosystem. 3. Organizations should start by defining themselves in the data ecosystem, documenting their data flows and obligations, aligning their activities with terms and consent mechanisms, understanding their risks, and documenting/communic

Presentations & Public Speaking
1 of 19
Download to read offline
#agilitytour Would  You  Lie  to  Your   Physician? Presented  by  Aurélie  Pols,  CVO  of  Mind  Your  Privacy  
#agilitytour I  Do!  (Lie  to  My  Doctor) When  it  applies  to  me!     Not  for  what’s  most  dear…  
#agilitytour Risk  Adverse  for  My  Children Ø   My  most  precious  assets   Ø   We  share  common  goals   Ø   And  speak  the  same  language     Could  you  say  the  same  of  your     Legal  Council?  
#agilitytour Consider  Before  Crucifying  the  Rule  of  Law 1.  The  specifics  of  data  as  an  Economic  Asset:   ²   Data  in  infinitely  transferable  without  decay   2.  OPen  forgoQen  LegislaRve  Challenges   ²   Defining  and  recognising  Data  Harms   3.  Related  to  evolving  Privacy  LegislaRon   ²   Compliance  is  a  Risk  Exercise   4.  Minimizing  Privacy  related  Risks   ²   YOUR  liability  within  the  Data  Ecosystem  
#agilitytour I’m  Not  Here  to  Define  Privacy AnalyRcs     Privacy  (&  Data  ProtecRon)  
#agilitytour Fact  Remains:  RACI  Matrices Ø Legal  council  will  be   held  accountable   Ø Legal  council  should   be  consulted   •  Responsible   •  Who  is/will  be  doing  this  task?   •  Who  is  assigned  to  work  on  this  task?  R   •  Accountable   •  Who’s  head  will  roll  if  this  goes  wrong?   •  Who  has  the  authority?  to  take  decision?  A   •  Consulted   •  Anyone  who  can  tell  me  more  about  this  task?   •  Any  stakeholders  already  idenRfied?  C   •  Informed   •  Anyone  whose  work  depends  on  this  task?   •  Who  has  to  be  kept  updated  about  the  progress?  I  
#agilitytour In  a  World  of  Dynamic  RegulaMon Two  fundamental  Data  Privacy  quesRons:   1.  How  far  is  too  far  (for  data  use  &  transparency)?   2.  Who  will  decide  (what  is  acceptable)?  
#agilitytour If  I  Had  1  £  for  Every  Time  I  Heard… 1.  Yes  but  we  don’t  collect  PII   2.  InternaRonal  data  transfers?  Safe  Harbour!  
#agilitytour So  What  to  Do?  1  Rules  Them  All FIPPs:  Fair  informaRon  PracRce  Principles   1.  Transparency   •  NoRce/awareness  &  Purpose  =>  how  transparent?   2.  Choice   •  Consent  =>  opt-­‐in  or  opt-­‐out,  ex-­‐  or  implicit?   3.  InformaRon  Review  &  CorrecRon   •  Access  &  parRcipaRon  in  (data)  accuracy   4.  InformaRon  ProtecRon   •  Data  integrity  &  security   5.  Accountability   •  Enforcement  and  redress:     I.  Self-­‐regulaRon,     II.  Private  remedies  through  civil  acRons  (Germany)   III.  Government  enforcement  (FTC,  European  Data  ProtecRon  Agencies,  …)   Transparency Choice InformaMon   review  &   correcMon InformaMon   protecMon Accountability
#agilitytour There  Is  No  PII  NOC  List
#agilitytour PII  vs.  Risk  Levels DIGITAL  EXHAUST   Low  Risk   OBA   Medium  Risk   (profiling)   HIPAA   HEALTH  DATA   High  Risk   (sensiRve)   Risk  Level   Data  type   InformaRon  Security  Measures   Gehng  closer  to  uniquely  idenRfying  an  individual     FCRA   CREDIT  SCORING   Extremely  High  Risk   (profiling  of  sensiRve  data)   US:  if/then  exercises   PII
#agilitytour Where  to  Start?   1.  Define  yourself   •  Who  are  you  in  the  data  ecosystem?   •  What  are  your  obligaRons?   •  What  is  expected  of  you?   •  (Who  can  find  out?)    
#agilitytour Where  to  Start? 2.  Document  your  Digital  Entanglement   High-­‐level  mock-­‐up  of  exisRng  client.   Next  steps:   ü Terms  &  sovereignRes     ü Data  points  &  access/sharing   ü Purpose  &  Consent   ü Data  retenRon  periods  
#agilitytour Where  to  Start? 3.  Align  your  liabiliOes:   Ø   What  do  the  terms  allow?   Ø   Which  data  points  are  you  collecRng?   Ø   Which  clauses  are  being  used     (InternaRonal  data  transfer   mechanisms:  SafeHarbour)?   Ø   Who  has  access?  Data  sharing   Ø   …  
#agilitytour Where  to  Start? Purpose   Consent   4.  Don’t  drop  the  ball  on  Purpose  and  Consent!   What  happens  if  opt-­‐out  of  email  list,                                              ?   hQps://support.google.com/adwords/answer/ 6276125?hl=en     UK:  OpRcal  Express  bought  “consented”  data   from  Thomas  Cook   See  ICO  PECR:     hQps://ico.org.uk/for-­‐organisaRons/guide-­‐to-­‐ pecr/introducRon/what-­‐are-­‐pecr/  z  
#agilitytour Where  to  Start? 5.  Understand  your  risk   Ø   Of  legal  issues:  fines,  class  acRons   Schleswig-­‐Holstein  DPA  considers  SafeHarbour  clauses  today  unacceptable  +   can’t  be  replaced  by  model  clauses  either  =>  is  this  a  risk  for  your  company?   Ø   Of  customer  backlashes:  unexpected/creepy     data  uses   Target:  using  shopping  behavior  to  define     pregnancy  state  (sensiRve  data)  =>  consent!  
#agilitytour Where  to  Start? 6.  Document,  train  &  communicate   •  If  asked,  be  able  to  show     you’ve  done  your  homework   •  Define  accountability     (data  stewards)  &  escalaRon     procedures   •  Explain  &  ask  for  help:     your  company  is  the  paOent!    
#agilitytour We  All  Hated  the  “Cookie  DirecMve”,  Right? Thank  you  for   listening!   Gracias  por  su   atención!   aurelie@mindyourprivacy.com    
#agilitytour QUESTIONS?

Recommended

Get data without the creepiness factor, the privacy by design concept
Get data without the creepiness factor, the privacy by design conceptGet data without the creepiness factor, the privacy by design concept
Get data without the creepiness factor, the privacy by design conceptAurélie Pols
 
Data is the new oil, privacy is the new green - Eye4Travel Amsterdam
Data is the new oil, privacy is the new green - Eye4Travel AmsterdamData is the new oil, privacy is the new green - Eye4Travel Amsterdam
Data is the new oil, privacy is the new green - Eye4Travel AmsterdamAurélie Pols
 
Big Data Big Ideas: Data is the New Oil, Privacy is the New Green
Big Data Big Ideas: Data is the New Oil, Privacy is the New GreenBig Data Big Ideas: Data is the New Oil, Privacy is the New Green
Big Data Big Ideas: Data is the New Oil, Privacy is the New GreenAurélie Pols
 
Data Accountability & Consumer Trust
Data Accountability & Consumer TrustData Accountability & Consumer Trust
Data Accountability & Consumer TrustAurélie Pols
 
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Amazon Web Services
 
9 Practical Steps 2 GDPR Compliance
9 Practical Steps 2 GDPR Compliance9 Practical Steps 2 GDPR Compliance
9 Practical Steps 2 GDPR ComplianceAndreas Batsis
 
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...Aurélie Pols
 
2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...
2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...
2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...Localogy
 

Recommended

Get data without the creepiness factor, the privacy by design concept
Get data without the creepiness factor, the privacy by design conceptGet data without the creepiness factor, the privacy by design concept
Get data without the creepiness factor, the privacy by design conceptAurélie Pols
 
Data is the new oil, privacy is the new green - Eye4Travel Amsterdam
Data is the new oil, privacy is the new green - Eye4Travel AmsterdamData is the new oil, privacy is the new green - Eye4Travel Amsterdam
Data is the new oil, privacy is the new green - Eye4Travel AmsterdamAurélie Pols
 
Big Data Big Ideas: Data is the New Oil, Privacy is the New Green
Big Data Big Ideas: Data is the New Oil, Privacy is the New GreenBig Data Big Ideas: Data is the New Oil, Privacy is the New Green
Big Data Big Ideas: Data is the New Oil, Privacy is the New GreenAurélie Pols
 
Data Accountability & Consumer Trust
Data Accountability & Consumer TrustData Accountability & Consumer Trust
Data Accountability & Consumer TrustAurélie Pols
 
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Amazon Web Services
 
9 Practical Steps 2 GDPR Compliance
9 Practical Steps 2 GDPR Compliance9 Practical Steps 2 GDPR Compliance
9 Practical Steps 2 GDPR ComplianceAndreas Batsis
 
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...
eMetrics Summit Boston 2014 - Big Data for Marketing - Privacy Principles & P...Aurélie Pols
 
2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...
2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...
2017 PlaceConf: Location & Privacy - What Marketers Must Know (Future of Priv...Localogy
 
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...FLUZO
 
A Global Marketer's Guide to Privacy
A Global Marketer's Guide to PrivacyA Global Marketer's Guide to Privacy
A Global Marketer's Guide to PrivacyFLUZO
 
Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS...
Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS...Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS...
Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS...VINTlabs | The Sogeti Trendlab
 
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ... eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...Aurélie Pols
 
GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016Saira Nayak, JD, CIPP/US/E
 
Brussels data science - Privacy Engineering for Big Data & Data Science
Brussels data science - Privacy Engineering for Big Data & Data ScienceBrussels data science - Privacy Engineering for Big Data & Data Science
Brussels data science - Privacy Engineering for Big Data & Data ScienceAurélie Pols
 
Fundraising Abroad and Data Protection – How to protect your reputation and r...
Fundraising Abroad and Data Protection – How to protect your reputation and r...Fundraising Abroad and Data Protection – How to protect your reputation and r...
Fundraising Abroad and Data Protection – How to protect your reputation and r...Adam Davidson
 
A Framework of Purpose and Consent for Data Security and Consumer Privacy
A Framework of Purpose and Consent for Data Security and Consumer PrivacyA Framework of Purpose and Consent for Data Security and Consumer Privacy
A Framework of Purpose and Consent for Data Security and Consumer PrivacyAurélie Pols
 
CHASE 2014 data protection presentation Paul Ticher
CHASE 2014 data protection presentation Paul TicherCHASE 2014 data protection presentation Paul Ticher
CHASE 2014 data protection presentation Paul Ticheramy_hatton
 
Scotland legal update 25 sept
Scotland legal update 25 septScotland legal update 25 sept
Scotland legal update 25 septRachel Aldighieri
 
Storm on the Horizon: Data Governance & Security vs. Employee Privacy
Storm on the Horizon: Data Governance & Security vs. Employee PrivacyStorm on the Horizon: Data Governance & Security vs. Employee Privacy
Storm on the Horizon: Data Governance & Security vs. Employee PrivacyAurélie Pols
 
Data Privacy: What you need to know about privacy, from compliance to ethics
Data Privacy: What you need to know about privacy, from compliance to ethicsData Privacy: What you need to know about privacy, from compliance to ethics
Data Privacy: What you need to know about privacy, from compliance to ethicsAT Internet
 
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018Human Capital Department
 
The Current State of FOI
The Current State of FOIThe Current State of FOI
The Current State of FOIDan Michaluk
 
Web Analytics and Privacy
Web Analytics and Privacy Web Analytics and Privacy
Web Analytics and Privacy Piwik PRO
 
Conducting a self-audit of data protection compliance
Conducting a self-audit of data protection complianceConducting a self-audit of data protection compliance
Conducting a self-audit of data protection complianceFintan Swanton
 
Hivos and Responsible Data
Hivos and Responsible DataHivos and Responsible Data
Hivos and Responsible DataTom Walker
 
Things to know about GDPR in 2018
Things to know about GDPR in 2018Things to know about GDPR in 2018
Things to know about GDPR in 2018Webkul Software Pvt. Ltd.
 
Employee monitoring updated
Employee monitoring updatedEmployee monitoring updated
Employee monitoring updatedAdvent IM Ltd
 
Clare Sanderon, IG Solutions
Clare Sanderon, IG SolutionsClare Sanderon, IG Solutions
Clare Sanderon, IG SolutionsInvestnet
 
Tag Management : A Key Component of an International Digital Strategy
Tag Management : A Key Component of an International Digital StrategyTag Management : A Key Component of an International Digital Strategy
Tag Management : A Key Component of an International Digital StrategyEnsighten
 
Marketing in the Moment: Trends and Innovations in Real-Time Omni-Channel Mar...
Marketing in the Moment: Trends and Innovations in Real-Time Omni-Channel Mar...Marketing in the Moment: Trends and Innovations in Real-Time Omni-Channel Mar...
Marketing in the Moment: Trends and Innovations in Real-Time Omni-Channel Mar...Ensighten
 

More Related Content

Similar to Would You Lie to Your Physician? Establishing Privacy Compliance within your Marketing Programs

Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...FLUZO
 
A Global Marketer's Guide to Privacy
A Global Marketer's Guide to PrivacyA Global Marketer's Guide to Privacy
A Global Marketer's Guide to PrivacyFLUZO
 
Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS...
Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS...Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS...
Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS...VINTlabs | The Sogeti Trendlab
 
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ... eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...Aurélie Pols
 
Brussels data science - Privacy Engineering for Big Data & Data Science
Brussels data science - Privacy Engineering for Big Data & Data ScienceBrussels data science - Privacy Engineering for Big Data & Data Science
Brussels data science - Privacy Engineering for Big Data & Data ScienceAurélie Pols
 
Fundraising Abroad and Data Protection – How to protect your reputation and r...
Fundraising Abroad and Data Protection – How to protect your reputation and r...Fundraising Abroad and Data Protection – How to protect your reputation and r...
Fundraising Abroad and Data Protection – How to protect your reputation and r...Adam Davidson
 
A Framework of Purpose and Consent for Data Security and Consumer Privacy
A Framework of Purpose and Consent for Data Security and Consumer PrivacyA Framework of Purpose and Consent for Data Security and Consumer Privacy
A Framework of Purpose and Consent for Data Security and Consumer PrivacyAurélie Pols
 
CHASE 2014 data protection presentation Paul Ticher
CHASE 2014 data protection presentation Paul TicherCHASE 2014 data protection presentation Paul Ticher
CHASE 2014 data protection presentation Paul Ticheramy_hatton
 
Scotland legal update 25 sept
Scotland legal update 25 septScotland legal update 25 sept
Scotland legal update 25 septRachel Aldighieri
 
Storm on the Horizon: Data Governance & Security vs. Employee Privacy
Storm on the Horizon: Data Governance & Security vs. Employee PrivacyStorm on the Horizon: Data Governance & Security vs. Employee Privacy
Storm on the Horizon: Data Governance & Security vs. Employee PrivacyAurélie Pols
 
Data Privacy: What you need to know about privacy, from compliance to ethics
Data Privacy: What you need to know about privacy, from compliance to ethicsData Privacy: What you need to know about privacy, from compliance to ethics
Data Privacy: What you need to know about privacy, from compliance to ethicsAT Internet
 
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018Human Capital Department
 
The Current State of FOI
The Current State of FOIThe Current State of FOI
The Current State of FOIDan Michaluk
 
Web Analytics and Privacy
Web Analytics and Privacy Web Analytics and Privacy
Web Analytics and Privacy Piwik PRO
 
Conducting a self-audit of data protection compliance
Conducting a self-audit of data protection complianceConducting a self-audit of data protection compliance
Conducting a self-audit of data protection complianceFintan Swanton
 
Hivos and Responsible Data
Hivos and Responsible DataHivos and Responsible Data
Hivos and Responsible DataTom Walker
 
Employee monitoring updated
Employee monitoring updatedEmployee monitoring updated
Employee monitoring updatedAdvent IM Ltd
 
Clare Sanderon, IG Solutions
Clare Sanderon, IG SolutionsClare Sanderon, IG Solutions
Clare Sanderon, IG SolutionsInvestnet
 

Similar to Would You Lie to Your Physician? Establishing Privacy Compliance within your Marketing Programs (20)

Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...
Smarter comm"The Future of Privacy". Aurélie Pols at IBM Smarter Commerce Glo...
 
A Global Marketer's Guide to Privacy
A Global Marketer's Guide to PrivacyA Global Marketer's Guide to Privacy
A Global Marketer's Guide to Privacy
 
Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS...
Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS...Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS...
Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS...
 
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ... eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
eMetrics Summit Boston 2014 - Big Data Marketing - From Über Creepy to Over ...
 
GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016
 
Brussels data science - Privacy Engineering for Big Data & Data Science
Brussels data science - Privacy Engineering for Big Data & Data ScienceBrussels data science - Privacy Engineering for Big Data & Data Science
Brussels data science - Privacy Engineering for Big Data & Data Science
 
Fundraising Abroad and Data Protection – How to protect your reputation and r...
Fundraising Abroad and Data Protection – How to protect your reputation and r...Fundraising Abroad and Data Protection – How to protect your reputation and r...
Fundraising Abroad and Data Protection – How to protect your reputation and r...
 
A Framework of Purpose and Consent for Data Security and Consumer Privacy
A Framework of Purpose and Consent for Data Security and Consumer PrivacyA Framework of Purpose and Consent for Data Security and Consumer Privacy
A Framework of Purpose and Consent for Data Security and Consumer Privacy
 
CHASE 2014 data protection presentation Paul Ticher
CHASE 2014 data protection presentation Paul TicherCHASE 2014 data protection presentation Paul Ticher
CHASE 2014 data protection presentation Paul Ticher
 
Scotland legal update 25 sept
Scotland legal update 25 septScotland legal update 25 sept
Scotland legal update 25 sept
 
Storm on the Horizon: Data Governance & Security vs. Employee Privacy
Storm on the Horizon: Data Governance & Security vs. Employee PrivacyStorm on the Horizon: Data Governance & Security vs. Employee Privacy
Storm on the Horizon: Data Governance & Security vs. Employee Privacy
 
Data Privacy: What you need to know about privacy, from compliance to ethics
Data Privacy: What you need to know about privacy, from compliance to ethicsData Privacy: What you need to know about privacy, from compliance to ethics
Data Privacy: What you need to know about privacy, from compliance to ethics
 
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
 
The Current State of FOI
The Current State of FOIThe Current State of FOI
The Current State of FOI
 
Web Analytics and Privacy
Web Analytics and Privacy Web Analytics and Privacy
Web Analytics and Privacy
 
Conducting a self-audit of data protection compliance
Conducting a self-audit of data protection complianceConducting a self-audit of data protection compliance
Conducting a self-audit of data protection compliance
 
Hivos and Responsible Data
Hivos and Responsible DataHivos and Responsible Data
Hivos and Responsible Data
 
Things to know about GDPR in 2018
Things to know about GDPR in 2018Things to know about GDPR in 2018
Things to know about GDPR in 2018
 
Employee monitoring updated
Employee monitoring updatedEmployee monitoring updated
Employee monitoring updated
 
Clare Sanderon, IG Solutions
Clare Sanderon, IG SolutionsClare Sanderon, IG Solutions
Clare Sanderon, IG Solutions
 

More from Ensighten

Tag Management : A Key Component of an International Digital Strategy
Tag Management : A Key Component of an International Digital StrategyTag Management : A Key Component of an International Digital Strategy
Tag Management : A Key Component of an International Digital StrategyEnsighten
 
Marketing in the Moment: Trends and Innovations in Real-Time Omni-Channel Mar...
Marketing in the Moment: Trends and Innovations in Real-Time Omni-Channel Mar...Marketing in the Moment: Trends and Innovations in Real-Time Omni-Channel Mar...
Marketing in the Moment: Trends and Innovations in Real-Time Omni-Channel Mar...Ensighten
 
Beyond The Forecast: Forecasters of Feeling, Influencers of Behavior
Beyond The Forecast: Forecasters of Feeling, Influencers of BehaviorBeyond The Forecast: Forecasters of Feeling, Influencers of Behavior
Beyond The Forecast: Forecasters of Feeling, Influencers of BehaviorEnsighten
 
Scientists & Storytellers: CDW’s Journey Toward 1:1 Marketing
Scientists & Storytellers: CDW’s Journey Toward 1:1 MarketingScientists & Storytellers: CDW’s Journey Toward 1:1 Marketing
Scientists & Storytellers: CDW’s Journey Toward 1:1 MarketingEnsighten
 
Mobile Apps: No Longer a Black Box of Digital Measurement
Mobile Apps: No Longer a Black Box of Digital MeasurementMobile Apps: No Longer a Black Box of Digital Measurement
Mobile Apps: No Longer a Black Box of Digital MeasurementEnsighten
 
How Omni-Channel Data Collection Can Power Marketing Measurement
How Omni-Channel Data Collection Can Power Marketing MeasurementHow Omni-Channel Data Collection Can Power Marketing Measurement
How Omni-Channel Data Collection Can Power Marketing MeasurementEnsighten
 
Using Ensighten to Personalize the Customer Experience
Using Ensighten to Personalize the Customer ExperienceUsing Ensighten to Personalize the Customer Experience
Using Ensighten to Personalize the Customer ExperienceEnsighten
 
Making Your Site Vendor Agnostic via a Modern Data Layer
Making Your Site Vendor Agnostic via a Modern Data LayerMaking Your Site Vendor Agnostic via a Modern Data Layer
Making Your Site Vendor Agnostic via a Modern Data LayerEnsighten
 
Heavyweight Martech Debate
Heavyweight Martech DebateHeavyweight Martech Debate
Heavyweight Martech DebateEnsighten
 
Vision stratégique d’Ensighten
Vision stratégique d’EnsightenVision stratégique d’Ensighten
Vision stratégique d’EnsightenEnsighten
 
Le Tag Management, ingrédient indispensable d’une stratégie digitale internat...
Le Tag Management, ingrédient indispensable d’une stratégie digitale internat...Le Tag Management, ingrédient indispensable d’une stratégie digitale internat...
Le Tag Management, ingrédient indispensable d’une stratégie digitale internat...Ensighten
 
IBM et Ensighten s’associent pour la mise en œuvre d’expériences client conne...
IBM et Ensighten s’associent pour la mise en œuvre d’expériences client conne...IBM et Ensighten s’associent pour la mise en œuvre d’expériences client conne...
IBM et Ensighten s’associent pour la mise en œuvre d’expériences client conne...Ensighten
 
Protéger ses données personnelles dans un environnement multi-device: un enje...
Protéger ses données personnelles dans un environnement multi-device: un enje...Protéger ses données personnelles dans un environnement multi-device: un enje...
Protéger ses données personnelles dans un environnement multi-device: un enje...Ensighten
 
Modernisez votre marketing digital en 4 étapes
Modernisez votre marketing digital en 4 étapesModernisez votre marketing digital en 4 étapes
Modernisez votre marketing digital en 4 étapesEnsighten
 
Rethinking the Consumer Journey
Rethinking the Consumer JourneyRethinking the Consumer Journey
Rethinking the Consumer JourneyEnsighten
 
Hacking Marketing: Marketing Management in a Software World
Hacking Marketing: Marketing Management in a Software WorldHacking Marketing: Marketing Management in a Software World
Hacking Marketing: Marketing Management in a Software WorldEnsighten
 
Building an Effective Data Governance Framework
Building an Effective Data Governance FrameworkBuilding an Effective Data Governance Framework
Building an Effective Data Governance FrameworkEnsighten
 
Enterprise TMS: The Strategic Advantage
Enterprise TMS: The Strategic AdvantageEnterprise TMS: The Strategic Advantage
Enterprise TMS: The Strategic AdvantageEnsighten
 
Tag Management: The Glue that Brings IT and Marketing Together
Tag Management: The Glue that Brings IT and Marketing TogetherTag Management: The Glue that Brings IT and Marketing Together
Tag Management: The Glue that Brings IT and Marketing TogetherEnsighten
 
Changing Human Behavior Through Data-Driven Experiences
Changing Human Behavior Through Data-Driven ExperiencesChanging Human Behavior Through Data-Driven Experiences
Changing Human Behavior Through Data-Driven ExperiencesEnsighten
 

More from Ensighten (20)

Tag Management : A Key Component of an International Digital Strategy
Tag Management : A Key Component of an International Digital StrategyTag Management : A Key Component of an International Digital Strategy
Tag Management : A Key Component of an International Digital Strategy
 
Marketing in the Moment: Trends and Innovations in Real-Time Omni-Channel Mar...
Marketing in the Moment: Trends and Innovations in Real-Time Omni-Channel Mar...Marketing in the Moment: Trends and Innovations in Real-Time Omni-Channel Mar...
Marketing in the Moment: Trends and Innovations in Real-Time Omni-Channel Mar...
 
Beyond The Forecast: Forecasters of Feeling, Influencers of Behavior
Beyond The Forecast: Forecasters of Feeling, Influencers of BehaviorBeyond The Forecast: Forecasters of Feeling, Influencers of Behavior
Beyond The Forecast: Forecasters of Feeling, Influencers of Behavior
 
Scientists & Storytellers: CDW’s Journey Toward 1:1 Marketing
Scientists & Storytellers: CDW’s Journey Toward 1:1 MarketingScientists & Storytellers: CDW’s Journey Toward 1:1 Marketing
Scientists & Storytellers: CDW’s Journey Toward 1:1 Marketing
 
Mobile Apps: No Longer a Black Box of Digital Measurement
Mobile Apps: No Longer a Black Box of Digital MeasurementMobile Apps: No Longer a Black Box of Digital Measurement
Mobile Apps: No Longer a Black Box of Digital Measurement
 
How Omni-Channel Data Collection Can Power Marketing Measurement
How Omni-Channel Data Collection Can Power Marketing MeasurementHow Omni-Channel Data Collection Can Power Marketing Measurement
How Omni-Channel Data Collection Can Power Marketing Measurement
 
Using Ensighten to Personalize the Customer Experience
Using Ensighten to Personalize the Customer ExperienceUsing Ensighten to Personalize the Customer Experience
Using Ensighten to Personalize the Customer Experience
 
Making Your Site Vendor Agnostic via a Modern Data Layer
Making Your Site Vendor Agnostic via a Modern Data LayerMaking Your Site Vendor Agnostic via a Modern Data Layer
Making Your Site Vendor Agnostic via a Modern Data Layer
 
Heavyweight Martech Debate
Heavyweight Martech DebateHeavyweight Martech Debate
Heavyweight Martech Debate
 
Vision stratégique d’Ensighten
Vision stratégique d’EnsightenVision stratégique d’Ensighten
Vision stratégique d’Ensighten
 
Le Tag Management, ingrédient indispensable d’une stratégie digitale internat...
Le Tag Management, ingrédient indispensable d’une stratégie digitale internat...Le Tag Management, ingrédient indispensable d’une stratégie digitale internat...
Le Tag Management, ingrédient indispensable d’une stratégie digitale internat...
 
IBM et Ensighten s’associent pour la mise en œuvre d’expériences client conne...
IBM et Ensighten s’associent pour la mise en œuvre d’expériences client conne...IBM et Ensighten s’associent pour la mise en œuvre d’expériences client conne...
IBM et Ensighten s’associent pour la mise en œuvre d’expériences client conne...
 
Protéger ses données personnelles dans un environnement multi-device: un enje...
Protéger ses données personnelles dans un environnement multi-device: un enje...Protéger ses données personnelles dans un environnement multi-device: un enje...
Protéger ses données personnelles dans un environnement multi-device: un enje...
 
Modernisez votre marketing digital en 4 étapes
Modernisez votre marketing digital en 4 étapesModernisez votre marketing digital en 4 étapes
Modernisez votre marketing digital en 4 étapes
 
Rethinking the Consumer Journey
Rethinking the Consumer JourneyRethinking the Consumer Journey
Rethinking the Consumer Journey
 
Hacking Marketing: Marketing Management in a Software World
Hacking Marketing: Marketing Management in a Software WorldHacking Marketing: Marketing Management in a Software World
Hacking Marketing: Marketing Management in a Software World
 
Building an Effective Data Governance Framework
Building an Effective Data Governance FrameworkBuilding an Effective Data Governance Framework
Building an Effective Data Governance Framework
 
Enterprise TMS: The Strategic Advantage
Enterprise TMS: The Strategic AdvantageEnterprise TMS: The Strategic Advantage
Enterprise TMS: The Strategic Advantage
 
Tag Management: The Glue that Brings IT and Marketing Together
Tag Management: The Glue that Brings IT and Marketing TogetherTag Management: The Glue that Brings IT and Marketing Together
Tag Management: The Glue that Brings IT and Marketing Together
 
Changing Human Behavior Through Data-Driven Experiences
Changing Human Behavior Through Data-Driven ExperiencesChanging Human Behavior Through Data-Driven Experiences
Changing Human Behavior Through Data-Driven Experiences
 

Recently uploaded

lONG QUESTION ANSWER PAKISTAN STUDIES10.
lONG QUESTION ANSWER PAKISTAN STUDIES10.lONG QUESTION ANSWER PAKISTAN STUDIES10.
lONG QUESTION ANSWER PAKISTAN STUDIES10.lodhisaajjda
 
Lions New Portal from Narsimha Raju Dichpally 320D.pptx
Lions New Portal from Narsimha Raju Dichpally 320D.pptxLions New Portal from Narsimha Raju Dichpally 320D.pptx
Lions New Portal from Narsimha Raju Dichpally 320D.pptxlionnarsimharajumjf
 
LITTLE ABOUT LESOTHO FROM THE TIME MOSHOESHOE THE FIRST WAS BORN
LITTLE ABOUT LESOTHO FROM THE TIME MOSHOESHOE THE FIRST WAS BORNLITTLE ABOUT LESOTHO FROM THE TIME MOSHOESHOE THE FIRST WAS BORN
LITTLE ABOUT LESOTHO FROM THE TIME MOSHOESHOE THE FIRST WAS BORNtntlai16
 
Call Girls Near The Byke Suraj Plaza Mumbai »¡¡ 07506202331¡¡« R.K. Mumbai
Call Girls Near The Byke Suraj Plaza Mumbai »¡¡ 07506202331¡¡« R.K. MumbaiCall Girls Near The Byke Suraj Plaza Mumbai »¡¡ 07506202331¡¡« R.K. Mumbai
Call Girls Near The Byke Suraj Plaza Mumbai »¡¡ 07506202331¡¡« R.K. MumbaiPriya Reddy
 
Dreaming Music Video Treatment _ Project & Portfolio III
Dreaming Music Video Treatment _ Project & Portfolio IIIDreaming Music Video Treatment _ Project & Portfolio III
Dreaming Music Video Treatment _ Project & Portfolio IIINhPhngng3
 
BEAUTIFUL PLACES TO VISIT IN LESOTHO.pptx
BEAUTIFUL PLACES TO VISIT IN LESOTHO.pptxBEAUTIFUL PLACES TO VISIT IN LESOTHO.pptx
BEAUTIFUL PLACES TO VISIT IN LESOTHO.pptxthusosetemere
 
History of Morena Moshoeshoe birth death
History of Morena Moshoeshoe birth deathHistory of Morena Moshoeshoe birth death
History of Morena Moshoeshoe birth deathphntsoaki
 
BIG DEVELOPMENTS IN LESOTHO(DAMS & MINES
BIG DEVELOPMENTS IN LESOTHO(DAMS & MINESBIG DEVELOPMENTS IN LESOTHO(DAMS & MINES
BIG DEVELOPMENTS IN LESOTHO(DAMS & MINESfuthumetsaneliswa
 
Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...
Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...
Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...David Celestin
 
Report Writing Webinar Training
Report Writing Webinar TrainingReport Writing Webinar Training
Report Writing Webinar TrainingKylaCullinane
 
Unlocking Exploration: Self-Motivated Agents Thrive on Memory-Driven Curiosity
Unlocking Exploration: Self-Motivated Agents Thrive on Memory-Driven CuriosityUnlocking Exploration: Self-Motivated Agents Thrive on Memory-Driven Curiosity
Unlocking Exploration: Self-Motivated Agents Thrive on Memory-Driven CuriosityHung Le
 
My Presentation "In Your Hands" by Halle Bailey
My Presentation "In Your Hands" by Halle BaileyMy Presentation "In Your Hands" by Halle Bailey
My Presentation "In Your Hands" by Halle Baileyhlharris
 
Ready Set Go Children Sermon about Mark 16:15-20
Ready Set Go Children Sermon about Mark 16:15-20Ready Set Go Children Sermon about Mark 16:15-20
Ready Set Go Children Sermon about Mark 16:15-20rejz122017
 
Digital collaboration with Microsoft 365 as extension of Drupal
Digital collaboration with Microsoft 365 as extension of DrupalDigital collaboration with Microsoft 365 as extension of Drupal
Digital collaboration with Microsoft 365 as extension of DrupalFabian de Rijk
 
Dreaming Marissa Sánchez Music Video Treatment
Dreaming Marissa Sánchez Music Video TreatmentDreaming Marissa Sánchez Music Video Treatment
Dreaming Marissa Sánchez Music Video Treatmentnswingard
 
Introduction to Artificial intelligence.
Introduction to Artificial intelligence.Introduction to Artificial intelligence.
Introduction to Artificial intelligence.thamaeteboho94
 
Uncommon Grace The Autobiography of Isaac Folorunso
Uncommon Grace The Autobiography of Isaac FolorunsoUncommon Grace The Autobiography of Isaac Folorunso
Uncommon Grace The Autobiography of Isaac FolorunsoKayode Fayemi
 
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdfAWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdfSkillCertProExams
 

Recently uploaded (20)

ICT role in 21st century education and it's challenges.pdf
ICT role in 21st century education and it's challenges.pdfICT role in 21st century education and it's challenges.pdf
ICT role in 21st century education and it's challenges.pdf
 
lONG QUESTION ANSWER PAKISTAN STUDIES10.
lONG QUESTION ANSWER PAKISTAN STUDIES10.lONG QUESTION ANSWER PAKISTAN STUDIES10.
lONG QUESTION ANSWER PAKISTAN STUDIES10.
 
Lions New Portal from Narsimha Raju Dichpally 320D.pptx
Lions New Portal from Narsimha Raju Dichpally 320D.pptxLions New Portal from Narsimha Raju Dichpally 320D.pptx
Lions New Portal from Narsimha Raju Dichpally 320D.pptx
 
LITTLE ABOUT LESOTHO FROM THE TIME MOSHOESHOE THE FIRST WAS BORN
LITTLE ABOUT LESOTHO FROM THE TIME MOSHOESHOE THE FIRST WAS BORNLITTLE ABOUT LESOTHO FROM THE TIME MOSHOESHOE THE FIRST WAS BORN
LITTLE ABOUT LESOTHO FROM THE TIME MOSHOESHOE THE FIRST WAS BORN
 
Call Girls Near The Byke Suraj Plaza Mumbai »¡¡ 07506202331¡¡« R.K. Mumbai
Call Girls Near The Byke Suraj Plaza Mumbai »¡¡ 07506202331¡¡« R.K. MumbaiCall Girls Near The Byke Suraj Plaza Mumbai »¡¡ 07506202331¡¡« R.K. Mumbai
Call Girls Near The Byke Suraj Plaza Mumbai »¡¡ 07506202331¡¡« R.K. Mumbai
 
Dreaming Music Video Treatment _ Project & Portfolio III
Dreaming Music Video Treatment _ Project & Portfolio IIIDreaming Music Video Treatment _ Project & Portfolio III
Dreaming Music Video Treatment _ Project & Portfolio III
 
BEAUTIFUL PLACES TO VISIT IN LESOTHO.pptx
BEAUTIFUL PLACES TO VISIT IN LESOTHO.pptxBEAUTIFUL PLACES TO VISIT IN LESOTHO.pptx
BEAUTIFUL PLACES TO VISIT IN LESOTHO.pptx
 
in kuwait௹+918133066128....) @abortion pills for sale in Kuwait City
in kuwait௹+918133066128....) @abortion pills for sale in Kuwait Cityin kuwait௹+918133066128....) @abortion pills for sale in Kuwait City
in kuwait௹+918133066128....) @abortion pills for sale in Kuwait City
 
History of Morena Moshoeshoe birth death
History of Morena Moshoeshoe birth deathHistory of Morena Moshoeshoe birth death
History of Morena Moshoeshoe birth death
 
BIG DEVELOPMENTS IN LESOTHO(DAMS & MINES
BIG DEVELOPMENTS IN LESOTHO(DAMS & MINESBIG DEVELOPMENTS IN LESOTHO(DAMS & MINES
BIG DEVELOPMENTS IN LESOTHO(DAMS & MINES
 
Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...
Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...
Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...
 
Report Writing Webinar Training
Report Writing Webinar TrainingReport Writing Webinar Training
Report Writing Webinar Training
 
Unlocking Exploration: Self-Motivated Agents Thrive on Memory-Driven Curiosity
Unlocking Exploration: Self-Motivated Agents Thrive on Memory-Driven CuriosityUnlocking Exploration: Self-Motivated Agents Thrive on Memory-Driven Curiosity
Unlocking Exploration: Self-Motivated Agents Thrive on Memory-Driven Curiosity
 
My Presentation "In Your Hands" by Halle Bailey
My Presentation "In Your Hands" by Halle BaileyMy Presentation "In Your Hands" by Halle Bailey
My Presentation "In Your Hands" by Halle Bailey
 
Ready Set Go Children Sermon about Mark 16:15-20
Ready Set Go Children Sermon about Mark 16:15-20Ready Set Go Children Sermon about Mark 16:15-20
Ready Set Go Children Sermon about Mark 16:15-20
 
Digital collaboration with Microsoft 365 as extension of Drupal
Digital collaboration with Microsoft 365 as extension of DrupalDigital collaboration with Microsoft 365 as extension of Drupal
Digital collaboration with Microsoft 365 as extension of Drupal
 
Dreaming Marissa Sánchez Music Video Treatment
Dreaming Marissa Sánchez Music Video TreatmentDreaming Marissa Sánchez Music Video Treatment
Dreaming Marissa Sánchez Music Video Treatment
 
Introduction to Artificial intelligence.
Introduction to Artificial intelligence.Introduction to Artificial intelligence.
Introduction to Artificial intelligence.
 
Uncommon Grace The Autobiography of Isaac Folorunso
Uncommon Grace The Autobiography of Isaac FolorunsoUncommon Grace The Autobiography of Isaac Folorunso
Uncommon Grace The Autobiography of Isaac Folorunso
 
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdfAWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
 

Would You Lie to Your Physician? Establishing Privacy Compliance within your Marketing Programs

  • 1. #agilitytour Would  You  Lie  to  Your   Physician? Presented  by  Aurélie  Pols,  CVO  of  Mind  Your  Privacy  
  • 2. #agilitytour I  Do!  (Lie  to  My  Doctor) When  it  applies  to  me!     Not  for  what’s  most  dear…  
  • 3. #agilitytour Risk  Adverse  for  My  Children Ø   My  most  precious  assets   Ø   We  share  common  goals   Ø   And  speak  the  same  language     Could  you  say  the  same  of  your     Legal  Council?  
  • 4. #agilitytour Consider  Before  Crucifying  the  Rule  of  Law 1.  The  specifics  of  data  as  an  Economic  Asset:   ²   Data  in  infinitely  transferable  without  decay   2.  OPen  forgoQen  LegislaRve  Challenges   ²   Defining  and  recognising  Data  Harms   3.  Related  to  evolving  Privacy  LegislaRon   ²   Compliance  is  a  Risk  Exercise   4.  Minimizing  Privacy  related  Risks   ²   YOUR  liability  within  the  Data  Ecosystem  
  • 5. #agilitytour I’m  Not  Here  to  Define  Privacy AnalyRcs     Privacy  (&  Data  ProtecRon)  
  • 6. #agilitytour Fact  Remains:  RACI  Matrices Ø Legal  council  will  be   held  accountable   Ø Legal  council  should   be  consulted   •  Responsible   •  Who  is/will  be  doing  this  task?   •  Who  is  assigned  to  work  on  this  task?  R   •  Accountable   •  Who’s  head  will  roll  if  this  goes  wrong?   •  Who  has  the  authority?  to  take  decision?  A   •  Consulted   •  Anyone  who  can  tell  me  more  about  this  task?   •  Any  stakeholders  already  idenRfied?  C   •  Informed   •  Anyone  whose  work  depends  on  this  task?   •  Who  has  to  be  kept  updated  about  the  progress?  I  
  • 7. #agilitytour In  a  World  of  Dynamic  RegulaMon Two  fundamental  Data  Privacy  quesRons:   1.  How  far  is  too  far  (for  data  use  &  transparency)?   2.  Who  will  decide  (what  is  acceptable)?  
  • 8. #agilitytour If  I  Had  1  £  for  Every  Time  I  Heard… 1.  Yes  but  we  don’t  collect  PII   2.  InternaRonal  data  transfers?  Safe  Harbour!  
  • 9. #agilitytour So  What  to  Do?  1  Rules  Them  All FIPPs:  Fair  informaRon  PracRce  Principles   1.  Transparency   •  NoRce/awareness  &  Purpose  =>  how  transparent?   2.  Choice   •  Consent  =>  opt-­‐in  or  opt-­‐out,  ex-­‐  or  implicit?   3.  InformaRon  Review  &  CorrecRon   •  Access  &  parRcipaRon  in  (data)  accuracy   4.  InformaRon  ProtecRon   •  Data  integrity  &  security   5.  Accountability   •  Enforcement  and  redress:     I.  Self-­‐regulaRon,     II.  Private  remedies  through  civil  acRons  (Germany)   III.  Government  enforcement  (FTC,  European  Data  ProtecRon  Agencies,  …)   Transparency Choice InformaMon   review  &   correcMon InformaMon   protecMon Accountability
  • 10. #agilitytour There  Is  No  PII  NOC  List
  • 11. #agilitytour PII  vs.  Risk  Levels DIGITAL  EXHAUST   Low  Risk   OBA   Medium  Risk   (profiling)   HIPAA   HEALTH  DATA   High  Risk   (sensiRve)   Risk  Level   Data  type   InformaRon  Security  Measures   Gehng  closer  to  uniquely  idenRfying  an  individual     FCRA   CREDIT  SCORING   Extremely  High  Risk   (profiling  of  sensiRve  data)   US:  if/then  exercises   PII
  • 12. #agilitytour Where  to  Start?   1.  Define  yourself   •  Who  are  you  in  the  data  ecosystem?   •  What  are  your  obligaRons?   •  What  is  expected  of  you?   •  (Who  can  find  out?)    
  • 13. #agilitytour Where  to  Start? 2.  Document  your  Digital  Entanglement   High-­‐level  mock-­‐up  of  exisRng  client.   Next  steps:   ü Terms  &  sovereignRes     ü Data  points  &  access/sharing   ü Purpose  &  Consent   ü Data  retenRon  periods  
  • 14. #agilitytour Where  to  Start? 3.  Align  your  liabiliOes:   Ø   What  do  the  terms  allow?   Ø   Which  data  points  are  you  collecRng?   Ø   Which  clauses  are  being  used     (InternaRonal  data  transfer   mechanisms:  SafeHarbour)?   Ø   Who  has  access?  Data  sharing   Ø   …  
  • 15. #agilitytour Where  to  Start? Purpose   Consent   4.  Don’t  drop  the  ball  on  Purpose  and  Consent!   What  happens  if  opt-­‐out  of  email  list,                                              ?   hQps://support.google.com/adwords/answer/ 6276125?hl=en     UK:  OpRcal  Express  bought  “consented”  data   from  Thomas  Cook   See  ICO  PECR:     hQps://ico.org.uk/for-­‐organisaRons/guide-­‐to-­‐ pecr/introducRon/what-­‐are-­‐pecr/  z  
  • 16. #agilitytour Where  to  Start? 5.  Understand  your  risk   Ø   Of  legal  issues:  fines,  class  acRons   Schleswig-­‐Holstein  DPA  considers  SafeHarbour  clauses  today  unacceptable  +   can’t  be  replaced  by  model  clauses  either  =>  is  this  a  risk  for  your  company?   Ø   Of  customer  backlashes:  unexpected/creepy     data  uses   Target:  using  shopping  behavior  to  define     pregnancy  state  (sensiRve  data)  =>  consent!  
  • 17. #agilitytour Where  to  Start? 6.  Document,  train  &  communicate   •  If  asked,  be  able  to  show     you’ve  done  your  homework   •  Define  accountability     (data  stewards)  &  escalaRon     procedures   •  Explain  &  ask  for  help:     your  company  is  the  paOent!    
  • 18. #agilitytour We  All  Hated  the  “Cookie  DirecMve”,  Right? Thank  you  for   listening!   Gracias  por  su   atención!   aurelie@mindyourprivacy.com