SlideShare a Scribd company logo

GDPR: More reasons for information security

Download as PPTX, PDF
Jisc
Jisc

Presentation from the Jisc security conference 2016 www.jisc.ac.uk

Technology
1 of 12
GDPR: More reasons for information security Andrew Cormack (@Janet_LegReg) 11/11/2016
Existing reasons 11/11/2016 GDPR: More reasons for information security 2 Information Security Reliability Confidence Trust ReputationPolicy Workload etc
General data protection regulation (GDPR) 2016/679 11/11/2016 GDPR: More reasons for information security 3 Personal data processing May 2018 » Almost certainly pre-Brexit » Services to EU people covered anyway Becomes UK law automatically
GDPR supports proactive and reactive information security 11/11/2016 GDPR: More reasons for information security 4
Breach notification Unauthorised/accidental loss, alteration, disclosure or access to personal data 11/11/2016 GDPR: More reasons for information security 5 All breaches » Document Risk to rights/freedoms » Report to ICO (72 hour expectation) » Nature; number/type of records/people affected; mitigations High risk to rights/freedoms » Also notify individuals (unless mitigated) » Can take ICO advice
Security and incident response 11/11/2016 GDPR: More reasons for information security 6 Very like security good practice (paper currently with journal reviewers) “Ensuring network and information security … CSIRTs… providers of networks and services… ” (Rec.49) A legitimate interest… (for processing personal data) If necessary/proportionate… Balance of interests test…
Other tools mentioned 11/11/2016 GDPR: More reasons for information security 7 Encryption » Mitigate damage from breaches Data protection by design Exercises » Test readiness » Assist complianceAuthorisation » Reduce riskPseudonyms
New incentives 11/11/2016 GDPR: More reasons for information security 8 Security/incident response clearly lawful Increased public awareness Much bigger fines (€20M/4%) Damages, not just for monetary loss
Opportunities to improve 11/11/2016 GDPR: More reasons for information security 9 Regulator guidance Lessons learned from breaches Compare public notifications NIS Directive => more sharing Cloud security standards etc.
12 steps 11/11/2016 GDPR: More reasons for information security 10 Information Commissioner’s Office, [Preparing for the GDPR, 14/3/16], licensed under the Open Government Licence
Watch these spaces » ICO: › https://ico.org.uk/for-organisations/data-protection-reform/ » Regulation (2016/679/EU): › http://ji.sc/gdpr-text » Me: › http://ji.sc/dataprotection-regulation 11/11/2016 GDPR: More reasons for information security 11
jisc.ac.uk One CastleparkTower Hill Bristol BS2 0JA customerservices@jisc.ac.uk T 020 3697 5800 Except where otherwise noted, this work is licensed under CC-BY-NC-ND Thanks Andrew Cormack Chief Regulatory Adviser, JiscTechnologies Andrew.Cormack@jisc.ac.uk 11/11/2016 GDPR: More reasons for information security 12

Recommended

What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...TrustArc
 
The EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowThe EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowSophos Benelux
 
The Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationThe Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationGhostery, Inc.
 
EU General Data Protection Regulation
EU General Data Protection RegulationEU General Data Protection Regulation
EU General Data Protection RegulationRamiro Cid
 
EU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTeEU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTeTrustArc
 
ESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET
 
Data Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRData Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRIT Governance Ltd
 
Data Protection Forum meetup 23052017
Data Protection Forum meetup 23052017 Data Protection Forum meetup 23052017
Data Protection Forum meetup 23052017 John M Walsh
 

Recommended

What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...TrustArc
 
The EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowThe EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowSophos Benelux
 
The Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationThe Practical Impact of the General Data Protection Regulation
The Practical Impact of the General Data Protection RegulationGhostery, Inc.
 
EU General Data Protection Regulation
EU General Data Protection RegulationEU General Data Protection Regulation
EU General Data Protection RegulationRamiro Cid
 
EU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTeEU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTeTrustArc
 
ESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET
 
Data Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRData Flow Mapping and the EU GDPR
Data Flow Mapping and the EU GDPRIT Governance Ltd
 
Data Protection Forum meetup 23052017
Data Protection Forum meetup 23052017 Data Protection Forum meetup 23052017
Data Protection Forum meetup 23052017 John M Walsh
 
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)Nordic APIs
 
Data privacy impact assessment
Data privacy impact assessmentData privacy impact assessment
Data privacy impact assessmentStephen Owen
 
Digital Rights Management
Digital Rights ManagementDigital Rights Management
Digital Rights ManagementSabrina Kirrane
 
GDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIGDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIKarel Holst
 
2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORI2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORIKarel Holst
 
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...TrustArc
 
EU General Data Protection Regulation & Transborder Information Flow
EU General Data Protection Regulation & Transborder Information FlowEU General Data Protection Regulation & Transborder Information Flow
EU General Data Protection Regulation & Transborder Information FlowDavid Erdos
 
Data Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesData Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesAmazon Web Services
 
EU GDPR - 12 Steps To Compliance
EU GDPR - 12 Steps To Compliance EU GDPR - 12 Steps To Compliance
EU GDPR - 12 Steps To Compliance Tom Haynes
 
Dai Davies - GDPR Presentation
Dai Davies - GDPR PresentationDai Davies - GDPR Presentation
Dai Davies - GDPR PresentationSagittarius
 
Ghostery MCM - May 2016
Ghostery MCM - May 2016Ghostery MCM - May 2016
Ghostery MCM - May 2016Ghostery, Inc.
 
EU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeEU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeTrustArc
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPRTim Hyman LLB
 
Data and information governance: getting this right to support an information...
Data and information governance: getting this right to support an information...Data and information governance: getting this right to support an information...
Data and information governance: getting this right to support an information...Jisc
 
Cyber Crime - "Who, What and How"
Cyber Crime - "Who, What and How"Cyber Crime - "Who, What and How"
Cyber Crime - "Who, What and How"Jisc
 
Role of the CISO in Higher Education
Role of the CISO in Higher EducationRole of the CISO in Higher Education
Role of the CISO in Higher EducationJisc
 
Information security at University of East London: the benefits (and pitfalls...
Information security at University of East London: the benefits (and pitfalls...Information security at University of East London: the benefits (and pitfalls...
Information security at University of East London: the benefits (and pitfalls...Jisc
 
Mitigation starts now
Mitigation starts nowMitigation starts now
Mitigation starts nowJisc
 
Certifying and Securing a Trusted Environment for Health Informatics Research...
Certifying and Securing a Trusted Environment for Health Informatics Research...Certifying and Securing a Trusted Environment for Health Informatics Research...
Certifying and Securing a Trusted Environment for Health Informatics Research...Jisc
 
Protecting our customers - BT security
Protecting our customers - BT securityProtecting our customers - BT security
Protecting our customers - BT securityJisc
 
Working with students and ISO27001
Working with students and ISO27001Working with students and ISO27001
Working with students and ISO27001Jisc
 
Cyber security training for Non-IT Staff
Cyber security training for Non-IT StaffCyber security training for Non-IT Staff
Cyber security training for Non-IT StaffRajneesh G
 

More Related Content

What's hot

New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)Nordic APIs
 
Data privacy impact assessment
Data privacy impact assessmentData privacy impact assessment
Data privacy impact assessmentStephen Owen
 
Digital Rights Management
Digital Rights ManagementDigital Rights Management
Digital Rights ManagementSabrina Kirrane
 
GDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIGDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIKarel Holst
 
2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORI2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORIKarel Holst
 
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...TrustArc
 
EU General Data Protection Regulation & Transborder Information Flow
EU General Data Protection Regulation & Transborder Information FlowEU General Data Protection Regulation & Transborder Information Flow
EU General Data Protection Regulation & Transborder Information FlowDavid Erdos
 
Data Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesData Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesAmazon Web Services
 
EU GDPR - 12 Steps To Compliance
EU GDPR - 12 Steps To Compliance EU GDPR - 12 Steps To Compliance
EU GDPR - 12 Steps To Compliance Tom Haynes
 
Dai Davies - GDPR Presentation
Dai Davies - GDPR PresentationDai Davies - GDPR Presentation
Dai Davies - GDPR PresentationSagittarius
 
Ghostery MCM - May 2016
Ghostery MCM - May 2016Ghostery MCM - May 2016
Ghostery MCM - May 2016Ghostery, Inc.
 
EU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeEU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeTrustArc
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPRTim Hyman LLB
 

What's hot (13)

New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
 
Data privacy impact assessment
Data privacy impact assessmentData privacy impact assessment
Data privacy impact assessment
 
Digital Rights Management
Digital Rights ManagementDigital Rights Management
Digital Rights Management
 
GDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORIGDPR presentation BE-Com - IFORI
GDPR presentation BE-Com - IFORI
 
2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORI2017 09 13_VOKA The Big Refresh - GDPR - IFORI
2017 09 13_VOKA The Big Refresh - GDPR - IFORI
 
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
Interoperable Solutions for Cross Border Data Transfers – APEC, CBPR, BCR fro...
 
EU General Data Protection Regulation & Transborder Information Flow
EU General Data Protection Regulation & Transborder Information FlowEU General Data Protection Regulation & Transborder Information Flow
EU General Data Protection Regulation & Transborder Information Flow
 
Data Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud ServicesData Privacy & Compliance Considerations on Using Cloud Services
Data Privacy & Compliance Considerations on Using Cloud Services
 
EU GDPR - 12 Steps To Compliance
EU GDPR - 12 Steps To Compliance EU GDPR - 12 Steps To Compliance
EU GDPR - 12 Steps To Compliance
 
Dai Davies - GDPR Presentation
Dai Davies - GDPR PresentationDai Davies - GDPR Presentation
Dai Davies - GDPR Presentation
 
Ghostery MCM - May 2016
Ghostery MCM - May 2016Ghostery MCM - May 2016
Ghostery MCM - May 2016
 
EU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTeEU Privacy Shield - Understanding the New Framework from TRUSTe
EU Privacy Shield - Understanding the New Framework from TRUSTe
 
The Essential Guide to GDPR
The Essential Guide to GDPRThe Essential Guide to GDPR
The Essential Guide to GDPR
 

Viewers also liked

Data and information governance: getting this right to support an information...
Data and information governance: getting this right to support an information...Data and information governance: getting this right to support an information...
Data and information governance: getting this right to support an information...Jisc
 
Cyber Crime - "Who, What and How"
Cyber Crime - "Who, What and How"Cyber Crime - "Who, What and How"
Cyber Crime - "Who, What and How"Jisc
 
Role of the CISO in Higher Education
Role of the CISO in Higher EducationRole of the CISO in Higher Education
Role of the CISO in Higher EducationJisc
 
Information security at University of East London: the benefits (and pitfalls...
Information security at University of East London: the benefits (and pitfalls...Information security at University of East London: the benefits (and pitfalls...
Information security at University of East London: the benefits (and pitfalls...Jisc
 
Mitigation starts now
Mitigation starts nowMitigation starts now
Mitigation starts nowJisc
 
Certifying and Securing a Trusted Environment for Health Informatics Research...
Certifying and Securing a Trusted Environment for Health Informatics Research...Certifying and Securing a Trusted Environment for Health Informatics Research...
Certifying and Securing a Trusted Environment for Health Informatics Research...Jisc
 
Protecting our customers - BT security
Protecting our customers - BT securityProtecting our customers - BT security
Protecting our customers - BT securityJisc
 
Working with students and ISO27001
Working with students and ISO27001Working with students and ISO27001
Working with students and ISO27001Jisc
 
Cyber security training for Non-IT Staff
Cyber security training for Non-IT StaffCyber security training for Non-IT Staff
Cyber security training for Non-IT StaffRajneesh G
 
Data Security Breach – knowing the risks and protecting your business
Data Security Breach – knowing the risks and protecting your businessData Security Breach – knowing the risks and protecting your business
Data Security Breach – knowing the risks and protecting your businessEversheds Sutherland
 
Data and disadvantaged students - using learning analytics for inclusion
Data and disadvantaged students - using learning analytics for inclusionData and disadvantaged students - using learning analytics for inclusion
Data and disadvantaged students - using learning analytics for inclusionJisc
 
The Assessment Journey
The Assessment JourneyThe Assessment Journey
The Assessment JourneyJisc
 
The Jisc UK ORCID consortium : Workshop 2
The Jisc UK ORCID consortium : Workshop 2The Jisc UK ORCID consortium : Workshop 2
The Jisc UK ORCID consortium : Workshop 2Jisc
 
Jisc UK ORCID Support: onboarding webinar
Jisc UK ORCID Support: onboarding webinarJisc UK ORCID Support: onboarding webinar
Jisc UK ORCID Support: onboarding webinarJisc
 
Cyber Incident Response & Digital Forensics Lecture
Cyber Incident Response & Digital Forensics LectureCyber Incident Response & Digital Forensics Lecture
Cyber Incident Response & Digital Forensics LectureOllie Whitehouse
 
What makes a successful online learner?
What makes a successful online learner?What makes a successful online learner?
What makes a successful online learner?Jisc
 
Tracking research and research systems
Tracking research and research systemsTracking research and research systems
Tracking research and research systemsJisc
 
Connected health cities
Connected health citiesConnected health cities
Connected health citiesJisc
 

Viewers also liked (20)

Data and information governance: getting this right to support an information...
Data and information governance: getting this right to support an information...Data and information governance: getting this right to support an information...
Data and information governance: getting this right to support an information...
 
Cyber Crime - "Who, What and How"
Cyber Crime - "Who, What and How"Cyber Crime - "Who, What and How"
Cyber Crime - "Who, What and How"
 
Role of the CISO in Higher Education
Role of the CISO in Higher EducationRole of the CISO in Higher Education
Role of the CISO in Higher Education
 
Information security at University of East London: the benefits (and pitfalls...
Information security at University of East London: the benefits (and pitfalls...Information security at University of East London: the benefits (and pitfalls...
Information security at University of East London: the benefits (and pitfalls...
 
Mitigation starts now
Mitigation starts nowMitigation starts now
Mitigation starts now
 
Certifying and Securing a Trusted Environment for Health Informatics Research...
Certifying and Securing a Trusted Environment for Health Informatics Research...Certifying and Securing a Trusted Environment for Health Informatics Research...
Certifying and Securing a Trusted Environment for Health Informatics Research...
 
Protecting our customers - BT security
Protecting our customers - BT securityProtecting our customers - BT security
Protecting our customers - BT security
 
Working with students and ISO27001
Working with students and ISO27001Working with students and ISO27001
Working with students and ISO27001
 
Cyber security training for Non-IT Staff
Cyber security training for Non-IT StaffCyber security training for Non-IT Staff
Cyber security training for Non-IT Staff
 
30 September 2014: Cyber Security Model
30 September 2014: Cyber Security Model30 September 2014: Cyber Security Model
30 September 2014: Cyber Security Model
 
Data Security Breach – knowing the risks and protecting your business
Data Security Breach – knowing the risks and protecting your businessData Security Breach – knowing the risks and protecting your business
Data Security Breach – knowing the risks and protecting your business
 
Data and disadvantaged students - using learning analytics for inclusion
Data and disadvantaged students - using learning analytics for inclusionData and disadvantaged students - using learning analytics for inclusion
Data and disadvantaged students - using learning analytics for inclusion
 
The Assessment Journey
The Assessment JourneyThe Assessment Journey
The Assessment Journey
 
The Jisc UK ORCID consortium : Workshop 2
The Jisc UK ORCID consortium : Workshop 2The Jisc UK ORCID consortium : Workshop 2
The Jisc UK ORCID consortium : Workshop 2
 
Jisc UK ORCID Support: onboarding webinar
Jisc UK ORCID Support: onboarding webinarJisc UK ORCID Support: onboarding webinar
Jisc UK ORCID Support: onboarding webinar
 
Cyber Incident Response & Digital Forensics Lecture
Cyber Incident Response & Digital Forensics LectureCyber Incident Response & Digital Forensics Lecture
Cyber Incident Response & Digital Forensics Lecture
 
What makes a successful online learner?
What makes a successful online learner?What makes a successful online learner?
What makes a successful online learner?
 
Tracking research and research systems
Tracking research and research systemsTracking research and research systems
Tracking research and research systems
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for Techies
 
Connected health cities
Connected health citiesConnected health cities
Connected health cities
 

Similar to GDPR: More reasons for information security

The Policy Framework: GDPR and all that
The Policy Framework: GDPR and all thatThe Policy Framework: GDPR and all that
The Policy Framework: GDPR and all thatEUDAT
 
EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017Cliff Ashcroft
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Dione McBride, CISSP, CIPP/E
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis
 
Whats new in ict law - Networkshop44
Whats new in ict law - Networkshop44Whats new in ict law - Networkshop44
Whats new in ict law - Networkshop44Jisc
 
Data_Privacy_Protection_brochure_UK
Data_Privacy_Protection_brochure_UKData_Privacy_Protection_brochure_UK
Data_Privacy_Protection_brochure_UKSally Hunt
 
Privacy and Data Protection in Research
Privacy and Data Protection in ResearchPrivacy and Data Protection in Research
Privacy and Data Protection in ResearchMarlon Domingus
 
Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India SadanandGahivare
 
Patricia Ayojedi V SCTC day Cloud 24 feb16
Patricia Ayojedi V SCTC day Cloud 24 feb16Patricia Ayojedi V SCTC day Cloud 24 feb16
Patricia Ayojedi V SCTC day Cloud 24 feb16Agustin Argelich Casals
 
Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...IISPEastMids
 
EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2Paul Richards
 
EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2Keith Purves
 
Impact on e-commerce of the GDPR- Etrade Summit 2016
Impact on e-commerce of the GDPR- Etrade Summit 2016Impact on e-commerce of the GDPR- Etrade Summit 2016
Impact on e-commerce of the GDPR- Etrade Summit 2016Bart Van Den Brande
 
Track H - Cristina Dos Santos
Track H - Cristina Dos SantosTrack H - Cristina Dos Santos
Track H - Cristina Dos SantosePSI Platform
 
GDPR How ready are you? The What, Why and How.
GDPR How ready are you? The What, Why and How.GDPR How ready are you? The What, Why and How.
GDPR How ready are you? The What, Why and How.James Seville
 
An itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and researchAn itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and researchMarlon Domingus
 

Similar to GDPR: More reasons for information security (20)

The Policy Framework: GDPR and all that
The Policy Framework: GDPR and all thatThe Policy Framework: GDPR and all that
The Policy Framework: GDPR and all that
 
GDPR (En) JM Tyszka
GDPR (En) JM TyszkaGDPR (En) JM Tyszka
GDPR (En) JM Tyszka
 
EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017EU General Data Protection Regulation - Update 2017
EU General Data Protection Regulation - Update 2017
 
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florerNtxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
 
Employee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdfEmployee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdf
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1
 
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
Trivadis TechEvent 2016 Big Data Privacy and Security Fundamentals by Florian...
 
SAP Business One
SAP Business OneSAP Business One
SAP Business One
 
Whats new in ict law - Networkshop44
Whats new in ict law - Networkshop44Whats new in ict law - Networkshop44
Whats new in ict law - Networkshop44
 
Data_Privacy_Protection_brochure_UK
Data_Privacy_Protection_brochure_UKData_Privacy_Protection_brochure_UK
Data_Privacy_Protection_brochure_UK
 
Privacy and Data Protection in Research
Privacy and Data Protection in ResearchPrivacy and Data Protection in Research
Privacy and Data Protection in Research
 
Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India
 
Patricia Ayojedi V SCTC day Cloud 24 feb16
Patricia Ayojedi V SCTC day Cloud 24 feb16Patricia Ayojedi V SCTC day Cloud 24 feb16
Patricia Ayojedi V SCTC day Cloud 24 feb16
 
Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...
 
EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2
 
EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2EveryCloud_GDPR_Whitepaper_v2
EveryCloud_GDPR_Whitepaper_v2
 
Impact on e-commerce of the GDPR- Etrade Summit 2016
Impact on e-commerce of the GDPR- Etrade Summit 2016Impact on e-commerce of the GDPR- Etrade Summit 2016
Impact on e-commerce of the GDPR- Etrade Summit 2016
 
Track H - Cristina Dos Santos
Track H - Cristina Dos SantosTrack H - Cristina Dos Santos
Track H - Cristina Dos Santos
 
GDPR How ready are you? The What, Why and How.
GDPR How ready are you? The What, Why and How.GDPR How ready are you? The What, Why and How.
GDPR How ready are you? The What, Why and How.
 
An itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and researchAn itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and research
 

More from Jisc

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...Jisc
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxJisc
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxJisc
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Jisc
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...Jisc
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptxJisc
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxJisc
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxJisc
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxJisc
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJisc
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxJisc
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptxJisc
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptxJisc
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxJisc
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptxJisc
 

More from Jisc (20)

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptx
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptx
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptx
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptx
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptx
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptx
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptx
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptx
 

Recently uploaded

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 

Recently uploaded (20)

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 

GDPR: More reasons for information security

  • 1. GDPR: More reasons for information security Andrew Cormack (@Janet_LegReg) 11/11/2016
  • 2. Existing reasons 11/11/2016 GDPR: More reasons for information security 2 Information Security Reliability Confidence Trust ReputationPolicy Workload etc
  • 3. General data protection regulation (GDPR) 2016/679 11/11/2016 GDPR: More reasons for information security 3 Personal data processing May 2018 » Almost certainly pre-Brexit » Services to EU people covered anyway Becomes UK law automatically
  • 4. GDPR supports proactive and reactive information security 11/11/2016 GDPR: More reasons for information security 4
  • 5. Breach notification Unauthorised/accidental loss, alteration, disclosure or access to personal data 11/11/2016 GDPR: More reasons for information security 5 All breaches » Document Risk to rights/freedoms » Report to ICO (72 hour expectation) » Nature; number/type of records/people affected; mitigations High risk to rights/freedoms » Also notify individuals (unless mitigated) » Can take ICO advice
  • 6. Security and incident response 11/11/2016 GDPR: More reasons for information security 6 Very like security good practice (paper currently with journal reviewers) “Ensuring network and information security … CSIRTs… providers of networks and services… ” (Rec.49) A legitimate interest… (for processing personal data) If necessary/proportionate… Balance of interests test…
  • 7. Other tools mentioned 11/11/2016 GDPR: More reasons for information security 7 Encryption » Mitigate damage from breaches Data protection by design Exercises » Test readiness » Assist complianceAuthorisation » Reduce riskPseudonyms
  • 8. New incentives 11/11/2016 GDPR: More reasons for information security 8 Security/incident response clearly lawful Increased public awareness Much bigger fines (€20M/4%) Damages, not just for monetary loss
  • 9. Opportunities to improve 11/11/2016 GDPR: More reasons for information security 9 Regulator guidance Lessons learned from breaches Compare public notifications NIS Directive => more sharing Cloud security standards etc.
  • 10. 12 steps 11/11/2016 GDPR: More reasons for information security 10 Information Commissioner’s Office, [Preparing for the GDPR, 14/3/16], licensed under the Open Government Licence
  • 11. Watch these spaces » ICO: › https://ico.org.uk/for-organisations/data-protection-reform/ » Regulation (2016/679/EU): › http://ji.sc/gdpr-text » Me: › http://ji.sc/dataprotection-regulation 11/11/2016 GDPR: More reasons for information security 11
  • 12. jisc.ac.uk One CastleparkTower Hill Bristol BS2 0JA customerservices@jisc.ac.uk T 020 3697 5800 Except where otherwise noted, this work is licensed under CC-BY-NC-ND Thanks Andrew Cormack Chief Regulatory Adviser, JiscTechnologies Andrew.Cormack@jisc.ac.uk 11/11/2016 GDPR: More reasons for information security 12

Editor's Notes

  1. ICO reckons “loss or inappropriate alteration of a staff telephone list” doesn’t normally require reporting https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/breach-notification/ Anything that “might leave them open to financial loss” goes to DS https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf
  2. Essential for breach notification Recognised by UK ICO Note Breyer ECJ case supports this under DPD too 
  3. Positive view of all of these
  4. Note ICO has already fined TalkTalk £400K under current £500K max for website open to SQL injection Representative bodies making claims could be a move towards class actions
  5. Children (Art 8) need clear information, additional rules if offering ISS directly to them (need to get consent from adult) DPIAs (Art 35) if high risk to rights and freedoms, e.g. automated monitoring with legal effects, large scale processing of SPD, systematic monitoring of public area on a large scale DPBD for all processing at design and implementation stages DPO (Art 37) for public bodies (?unis?), regular and systematic monitoring on a large scale, core activities processing SPD International: Reg applies to processing by European establishment *or* processing of Europeans’ data. So TNE probably is covered if you’re the DC