Data Privacy, Data Protection, and GDPR. What Does This Mean for Your Organisation?
Join the AIIM community for this exciting Virtual Event to learn what steps other organisations are taking NOW in preparation for data protection – not only for this EU regulation, but for long-term data protection.
In North America, the event runs from 6am - 10am EDT.
A Sneak Peek at Our Agenda... (all times are British Summer Time [GMT])
11:00am - 11:20am Keynote Session: GDPR: A Real World View
In May of 2018, the General Data Protection Regulation (GDPR) will go into force. The intention of GDPR is to strengthen and unify data protection for all individuals within the European Union (EU). As with most regulations of this type, the impact to business organizations extends beyond those based in the EU, to any business transacting business within the EU. In short, GDPR has an international impact on how businesses manage and protect their information and data assets. Lack of compliance could lead to significant sanctions of up to 4% of worldwide turnover, based on the previous financial year. This session is intended to assess the general readiness of business organizations in relation to meeting the compliance requirements of GDPR, as we approach the May 2018 deadline.
11:22am - 11:37am EU’s General Data Protection Regulation: How will this impact how you manage information in your organization?
According to AIIM research, 6% of respondents say they are fully prepared for GDPR; 23% feel they will be fully prepared – which means a lot of organisations around the world have a ways to go. In this session, we’ll break down what you most need to know about GDPR and the most important steps you need to take to prepare. Tick tock – May 2018 will be here sooner than you think!
11:39am - 11:54am Top 5 Questions Lawyers and General Counsel Are Being Asked
In this session, we’ll hear from a partner in the London office of a European law firm, specialising in data protection and information law. She’ll share the top things she’s being asked about GDPR.
11:56am - 12:11pm Top 3 GDPR Myths – and how to deal with them
GDPR is a well-defined regulation, but understanding the regulation and implementing it within a business is often harder to plot. Making this task even harder are a series of misconceptions, or myths, around GDPR. In this session, we’ll share the top 3 GDPR myths, and explain how to avoid them. We will offer tips on how to determine what YOUR organisation’s key challenges are, and learn ways to prioritise tasks to develop a response plan right for you.
12:13pm - 12:28pm Compliance by Design & Default: The case for a centralized information repository
Much of the collection of personal data that binds directly or indirectly to an individual is static. A centralized repository is an ideal option to embrace “privacy by default”, ensuring the location and quality of data, assisting those accountable for the data, and providing the controls being applied to that data and content while still enabling analytics and reporting. Additionally, it facilitates personal data protection, portability and the data subject’s right to be ‘forgotten’.
12:30pm - 12:45pm A Process-based Approach to GDPR: Lowering the Risk While Keeping It Simple
GDPR is looming and most organizations still haven't taken the first steps toward ensuring compliance. There's a lot of noise and a fair amount of confusion around the topic, so relying on core principles and best practices provides a clear way forward to developing a straightforward and defensible information governance framework to support GDPR compliance prior to the regulation coming into force next year. This session will explore best practices with roots in quality management that consist of simple to implement and track standard operating procedures (SOP) and processes. Perfect compliance is not the goal; the goal is to put in place an easy to implement system of processes and procedures that prove that your organization is diligently following accepted best practices to comply. This includes simple, automated processes for identifying, responding to and correcting any area of non-compliance. Auditability is built in from the ground up. The result is that risk plummets, not only because the chances of non-compliance are minimized, but also because the organization can show and easily prove to auditing authorities that they have a robust and disciplined approach to information governance in general, and to GDPR specifically.
12:47pm - 1:02pm How to Prepare for Data Security Breaches
According to AIIM research, 31% of respondents cite data loss or exposure due to staff negligence or bad practices in the last 12 months; 14% of respondents report exposure or loss of Personally Identifiable Information (PII) on customers or citizens due to data breaches. Yikes! In this session, you’ll learn what you need to do to protect your data to start. You’ll also learn how to put in place clear policies and well-practised procedures to ensure that you can react quickly to any data breach and notify in time where required.
1:02pm - 1:13pm Break
1:15pm - 1:30pm What are we storing? How to Conduct an Information Audit of Personal Data and Content and Form an Action Plan
A comprehensive information audit to identify personal data across all formats - physical records, digital content and line of business application data - is essential for GDPR readiness and compliance. In identifying and profiling personal data you can ensure that it is processed in a secure and compliant manner. It enables the assessment of processing rationale as well as confidentiality, integrity, availability, resilience, retention and disposal aspects. It will also enable an organisation to meet the obligation to maintain records of processing activities under GDPR. This session will cover the scope and objectives of an information audit, the data to be gathered and the process to be followed.
1:32pm - 1:47pm Get Doing Privacy Right now! A case study in implementing GDPR for a global services organization
Knowing what GDPR is and how it affects your organisation are only the first steps to achieving compliance. Organisations must take concrete steps to operationalize the management of processes, stakeholders and information sources that relate to GDPR. Using a case study, Metataxis will describe an overall approach to achieving practical GDPR compliance with the implementation of Active Navigation's file analysis platform. This approach not only delivers short term compliance, but sustained compliance over time, while delivering information management and governance benefits.
1:49pm - 2:04pm The Minimum You Need to Do before GDPR Goes Live: 4 P’s of GDPR Readiness
Being ready for the GDPR takes time and planning, and staying in compliance over time requires considerable attention and supervision. At ASG, we’ve grouped these into the 4 P’s of GDPR readiness. No, not product, price, promotion, placement but Preparation, Production, Performance and Persistence. Being ready for “go live” takes considerable preparation across the data the organization has captured and the processes it runs. A complete review of everything in order to identify and understand personal data under management is critical. Yet, organizations must also be ready to manage productions that capture consent of data subjects and the applications that process this data. Performance refers to the review and oversight that must take place as the organization is made audit ready. Finally, any organization must have the persistence and the needed reports and monitoring in place to assure compliance over the long term. While preparation of the data estate may seem the most obvious requirement for “GDPR go live”, in fact organizations must be ready across the entire spectrum of compliance related tasks.
2:06pm - 2:21pm EU’s General Data Protection Regulation: How will this impact how you manage information in your organization?
Join our Information Management experts for a virtual event all about GDPR. Here, they will offer a detailed guide on ways to future-proof your business, and achieve GDPR compliance.
Take a look at our GDPR resources we've put together in one convenient location. Case studies, white papers, webinars and infographics - all there for you to download and be inspired by.
Active Navigation (activenavigation.com) is the leading file analysis technology provider, facilitating compliance with GDPR by helping our clients to analyse, clean, and classify their data. Metataxis (metataxis.com) is an independent consultancy specialising in information management, governance and architecture services. We help companies manage and leverage their data, for GDPR & beyond.