25 May has come and gone and the GDPR is now effective. Many organizations struggled to come to terms with the enormity of the task of addressing the regulation and mistakenly saw 25 May as a deadline rather than a milestone in a larger piece of work.
During this presentation Tim Clements will share some insights into the benefits of aligning GDPR with existing organizational strategies, as well as outline some existing standards that can assist in establishing the framework needed to ensure ongoing compliance with GDPR and other applicable laws and regulations.
Furthermore, we will look at the operational aspects of two key GDPR requirements, “Data Protection Impact Assessment” and “Data Protection by Design and by Default”.
Data protection strategy – do you have one?
- Common angles
- Strategy on a page
- When to reload the strategy
Relevant frameworks and standards for data protection (GDPR)
- ISO 27001/2 is important but far from sufficient
- Other frameworks and standards
- Avoiding overlap and duplication
Data protection by design and by default
- Examples when things go wrong
- Data protection impact assessment (DPIA)
- Mapping privacy risk and privacy harms