GDPR Readiness Project


1 GDPR Readiness Project
Ron Kemp Director of Corporate IT PCC Finance & IT Conference September 2017

2 Agenda
- EU GDPR Highlights
- Impact on PCC
- IT Requirements
- Questions

3 EU GDPR Highlights (General Data Protection Regulation)
Why
- Designed to provide increased privacy for EU individuals
- Also applies to non-EU companies that process personal data of individuals in the EU
- Harmonizes data protection law in EU to strengthen and unify data privacy rights
When
- Takes effect on 25 May 2018
- All PCC locations will need to comply with the GDPR
Impact
- Provides regulatory authorities greater powers to take action against companies
- Fines of up to €20 million or 4% total worldwide group annual turnover (whichever is higher)

4 Impact on PCC
Accountability
- Controllers like PCC companies must demonstrate how they comply with data privacy principles and show that personal data is:
  - processed lawfully, fairly and transparently
  - collected and used only for specified and legitimate purposes
  - limited to what is necessary for the specified purpose
  - not retained any longer than is necessary for the specified purpose
  - appropriately secured
Data Processing and Privacy by Design and Default
- Controllers like PCC companies must enter into agreements with data processors that include specific provisions (whether or not the data processor is a group company)
- Controllers must keep records of processing activities, and evidence of measures showing consideration of data protection
International Data Transfers
- Recipients of personal data outside the EEA (including group companies) must have adequate privacy safeguards in place.
- Adequacy is determined at country level.
- The EU does not deem the US to be adequate so new protection measures will be required
Data Protection Officer / Representatives
- Organizations should appoint appropriate persons to take responsibility for GDPR compliance so a GDPR responsibility structure will be required

5 How is PCC Addressing the GDPR
- Executive Steering Committee
- Working Party
- Gather Information
- Assess GDPR Readiness
- Implement Comprehensive Governance Framework

6 Project Management Structure
28 August 2018 Project Management Structure

7 IT Requirements
Understand Protected Data
- Name of individual, Address
- Telephone number, Date of birth
- IP address (only if combined with other information to identify an individual)
- Indirect reference, e.g. unique reference number
- Geolocation information
- Financial information
Examples
- Data backup and retention
- PRP/PIP data, Employee photos
- IP data – Zscaler, Security Appliances, SCCM, ProofPoint Data, Airwatch Data
- Common File Shares, Data Location
- HR Data, ERP Systems
Responsibilities
- Where data is stored
- Data deletion/retention
- Verify appropriate access to data
- Security Team Access
- eDiscovery Access
- 3rd Party Contract Compliance

8 Questions

