privacy & data protection

Post on 11-Apr-2017

Category:

Law

The Road Ahead: Practical Implications & Best Practices

PRIVACY & DATA PROTECTION

Phani Krishna, CISA, CISM, CISSP, CAIIB...

Head of IT Audit, Essentra Plc.

Disclaimer: The views, opinions, findings, and conclusions or recommendations expressed in this presentation are strictly those of the presenter and are for information purposes only. They do not necessarily reflect the views of Essentra or the other organizations served by the presenter. Essentra or the other organizations served take no responsibility for any errors or omissions in, or for the correctness of, the information contained in this presentation.

Privacy, a noun: a state in which one is not observed or disturbed by other people, or the state of being free from public attention.

What are we planning to cover?

- Introduction to Privacy & Data Protection
  - PII definition and Scope
  - Data protection Law & Regulation
    - ASIA (India)
    - EMEA (EU)
    - Americas (USA)
- Practical Implications of Privacy & GDPR
  - Objectives
  - Rights of Data subjects
  - Organizational Requirements
- Best Practices for GDPR compliance
  - Assessment
  - Framework & Controls
  - Compliance

Privacy & Data Protection

PII & Scope

http://www.usan.com/uncategorized/understanding-pii-personally-identifiable-information-in-the-contact-center/

Any information that can identify a natural person directly, indirectly or when combined with other available information

Data protection Law & Regulation

Forrester's 2016 Data Protection Heat Map: countries are continuing to move toward the European standard for data protection

(from 1 June 2017)

- Failure to report leakage, damage or loss of personal data
- Disclosure of personal information in breach of a lawful contract or without consent
- Serious or repeated breach of the Australian Privacy Principles
- Privacy Directives / EU GDPR
- Privacy Shield
- Industry specific such as HIPAA / Privacy Act 1974

- 1980 OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (updated 2013): only recommended to member countries
- Global Privacy Enforcement Network (GPEN)

Privacy objectives of General Data Protection Regulation (GDPR)

1. Protect the privacy rights
2. Uniform regulation across EU
3. Define (widen) the scope of PII
4. Uniform cross-border data transfers
5. Address the online data privacy concerns
6. Facilitate the economic activities with uniform privacy requirements
7. Harmonize the regulatory oversight

Rights of Data Subjects

Organizational Requirements

Assessment

Framework & Controls

GDPR Compliance Best practices

Discussion
