Wake Up to the Challenges of the EU General Data Protection Regulation
In association with: Presented by:
Wake Up to the Challenges of the EU General Data Protection Regulation –
Govern Your Information and Data Now
Presented 24th September, 2015
About AIIM
AIIM is the Global Community of Information Professionals. AIIM believes that the information systems we use at work should be simple, secure, and available anywhere, anytime, and on any device. Our mission is to improve organizational performance by empowering a community of leaders committed to information-driven innovation. Learn more at www.aiim.org
AIIM Presents:
Wake Up to the Challenges of the EU General Data Protection Regulation – Govern Your Information and Data Now
Host: Theresa Resek, Director, AIIM
Mike Davis, Principal Analyst, msmd advisors
John Culkin, Director of Information Management Services, Crown Records Management
Introducing our Featured Speaker
Mike Davis
Principal Analyst
msmd advisors
Data Protection
It’s Personal
©msmd advisors 2015 © of all images acknowledged
Setting the (EU) scene
• Why do we need data protection legislation?
• What do we have now? (did you know we had some?)
• Why do we need a new regulation?
• What will GDPR deliver?
• What will the new regulation mean for business?
Why do we need data protection legislation?
• Personal data is personal
• It should be given and used with consent of the person (data subject)
• Data should remain the ‘property’ of the data subject
• Data custodians have a duty to look after personal data, as any other property they are trusted with
Lots of people thought that their data was truly private
This lady didn’t realise that her personal details were being sold on
Bank customers believed their personal data and identities were protected from theft
What do we have now?
• E.g., In the UK the Data Protection Act 1998 (replaced the 1982 Act)
• Country laws based upon two Directives agreed at EU Commission level
Why do we need a NEW regulation?
Current legislation derived from EU directives
• 28 states = 28 laws
• Written + rewritten as EU expanded
• Do not cover cloud
• Do not cover social media
• Did not envisage current scale of ‘out of country’ processing
What will the GDPR deliver?
• Single set of rules for all states
• One data protection authority (DPA) for each organisation
• ‘Privacy by design’
• Rapid notification of breach(es)
• Significant fines for breach
• Right to be forgotten
‘Privacy by design’
• People will have to ‘opt-in’ to data sharing
• No more tiny tick boxes
• Consent must be explicit and recorded
• Encryption is the norm, not the ‘nice to have’
• Only that data which is really necessary to provide the service is captured, processed and stored
Rapid notification
72 hours is the likely maximum to notify regulators and data subjects of a data breach
The right to be forgotten
This man wanted his embarrassing past to be removed from search results
Not just EU companies
It is the country of the data subject that counts, NOT where their data is processed
What will the new regulation mean for business?
If you comply:
• Lower administrative overheads
• More accurate information upon which to base business decisions
• Less scrutiny from regulators
• Greater trust from other businesses
• Greater trust from customers
Thank you
[email protected] www.msmd-advisors.com
responsive, credible, flexible
If you would like more detail, or direction, please contact us
Introducing our Sponsor Speaker
John Culkin
Director of Information Management Services
Crown Records Management
WHY COMPANIES MUST WAKE UP TO THE CHALLENGES OF THE EU GENERAL DATA PROTECTION REGULATION
By John Culkin, Director of Information Management Services, Crown Records Management
THE ADVANTAGES OF PREPARING EARLY
1. The job is far bigger than you think it is
2. Good data governance and treating data as an asset can raise profits
3. There is a threat of reputational damage if you are one of the first to be investigated
4. Complying with the Regulation will cost money: most companies will need time to budget
5. Customers and stakeholders will be more comfortable if you are seen to be looking after your data – it’s good PR
6. Finding a Data Protection Officer early can save you money
HERE IS A BASIC GUIDE ON HOW TO START THE PROCESS
1. Begin with a data audit
2. Decide what data to keep
3. Securely destroy unnecessary data
4. Set a budget for a Data Protection Officer and oversee the appointment
5. Begin staff training and review your information governance framework
6. Put a clear and effective reporting process in place for data breaches
ARE THERE ANY QUESTIONS?
REFERENCES
• Crown Records Management: www.crownrms.com
• Records Management Perspectives: www.crownrms.com/intl/en-gb/article/why-companies-must-wake-up-to-the-challenges-of-the-eu-general-data-protection-regulation
• To find out more information please contact: [email protected]
THANK YOU
QUESTIONS?
AIIM Resources
Download AIIM Studies: www.aiim.org/research
AIIM Training
aiim.org/training
• Enterprise Content Management: Improve customer and staff engagement, ensure compliance, and automate business processes.
• Business Process Management: Map, design, and automate operational processes for your organization using a combination of strategies, change management, and technologies.
• Taxonomy & Metadata: Optimize navigation, findability, and information discovery through content classification.
• Information Governance: Create an information accountability framework that reduces costs, manages risk, and optimizes value.
• Managing Records & eDiscovery with SharePoint 2013: Manage records, ensure compliance, and prepare for civil litigation requests.
• Electronic Records Management: Know what to keep and what to discard as volume, variety, and velocity of digital information intensifies.
Connect with AIIM
As the Global Community for Information Professionals, join us here
AIIM’s Resource Centers – www.aiim.org/resource-centers
AIIM's Blogging Community – http://community.aiim.org
LinkedIn Group – www.linkedin.com/groups/AIIM-Global-Community-Information-Professionals-3698
Twitter – www.aiim.org/Connect/Twitter
Facebook – www.facebook.com/aiimcommunity
Digital Landfill – http://info.aiim.org/digital-landfill
AIIM Resource Centers
Access Industry Tutorials, Research, Webinars, and Expert Advice Blogs, all in one place
• Enterprise Content Management (ECM)
• Business Process Management (BPM)
• Capture & Scanning
• Collaboration
• Content Analytics
• Electronic Records Management (ERM)
• Information Governance
• Search
• SharePoint
• Taxonomy & Metadata
• Web Content Management
Visit aiim.org/resource-centers
Survey and Feedback
To take our Survey, click on the link in the Resources tab at the bottom of your screen.
Tell us how we did today, and offer suggestions for topics of future events.
Upcoming Webinars
October 15th Easing the Transition from Legacy ECM Systems to New Beginnings: it's all in the user interface
Register Today at www.aiim.org/webinars
View our library of Webinars On Demand
www.aiim.org/WebinarsOnDemand