GDPR for Identity Architects
-
Upload
prabath-siriwardena -
Category
Education
-
view
209 -
download
0
Transcript of GDPR for Identity Architects
Senior Director - Security Architecture, WSO2
General Data Protection Regulation (GDPR) for Identity Architects
Prabath Siriwardena
GDPR OVERVIEW
14
15
DATA PROTECTION IMPACT ASSESSMENT (DPIA)
● Following activities are required to have a DPIA○ Processing of special categories of personal data at large scale.○ Core business activities consist of systematic monitoring of the data subject at
large scale.○ Monitoring of publicly accessible areas at a large scale
16
17
18
19
DATA PROCESSING RECORD (CONTROLLER)
● Name and contact details of controllers, the representatives, and data protection officer.
● Purposes of processing● Description of the categories of data subjects and categories of personal data.● The categories of recipients to whom the personal data have need or will be
disclosed.● Transfers of personal data to a third country/international organization.● Time limits for the erasure of the different data categories.● General description of the technical and organizational security measures.
20
21
DATA PROCESSING RECORD (PROCESSOR)
● Name and contact details of controllers, the representatives, and data protection officer.
● Categories of processing● Transfers of personal data to a third country/international organization.● General description of the technical and organizational security measures.
22
23
24
25
26
27
28
29
DATA SUBJECT’S RIGHTS
31
32
33
34
35
36
37
IAM DESIGN PRINCIPLES AND
BEST PRACTICES
39
40
41
42
FACEBOOK COOKIE POLICYhttps://www.facebook.com/policies/cookies/
43
GOOGLE COOKIE POLICYhttps://www.google.com/policies/technologies/cookies/
44
45
FACEBOOK DATA USE POLICYhttps://www.facebook.com/full_data_use_policy
46
47
48
49
50
51