With its 173 recitals and 99 articles, Europe’s revision of the current Data Protection Directive (95/46/EC) into the General Data Protection Regulation (GDPR) induces a shift in the risk equation for data-fueled businesses because of the fines it allows (up to 4% of global turnover). It’s time to step up and understand what this means for your organizations, for your responsibilities as a data controller, and for the partners that support your data practices in light of the May 2018 deadline.
Aurélie Pols walks you through a “5+5 pillars” framework for GDPR readiness, explaining what the GDPR means to data-fueled businesses. You’ll learn how to attribute responsibility to assure compliance and build toward ethical data practices, minimizing risk for your company while fostering trust with your clients as you cover basic global privacy concepts to assure responsible data uses, enshrined within the revised OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data as well as the more US-based Fair Information Practice Principles. Aurélie pays particular attention to the territorial scope (art. 3) of the GDPR, helping you grasp how far your obligations might stretch and whether obligations such as appointing a DPO will be required. Along the way, you’ll explore considerations around personal data, PII, personal information, purpose, choice and consent, and privacy principles, such as lawfulness, fairness, and transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality, and accountability.
The 5+5 pillars of GDPR readiness:
Aurélie Pols is the chief visionary officer of Mind Your Group by Mind Your Privacy and teaches privacy and ethics at IE Business School in Madrid and Solvay Business School in Brussels. Aurélie designs data privacy best practices, documenting data flows in order to limit privacy backlashes and minimizing risk related to ever-increasing data uses while solving for data quality—the most accurate label would probably be "privacy engineer.” She used to follow the money to optimize data trails; now she follows the data to minimize increasing compliance and privacy risks and implement security best practices and ethical data use. Her mantra is: Data is the new oil; Privacy is the new green; Trust is the new currency. She has spent the past 15 years optimizing (digital) data-based decision-making processes. She also cofounded and successfully sold a startup to Digitas LBi (Publicis) and served as data governance and privacy advocate for leading data management platform (DMP) Krux Digital Inc. prior to its acquisition by Salesforce. Aurélie has spoken at various events all over the globe, including SXSW, Strata Data Conference, the IAPP’s Data Protection Congress, Webit, and eMetrics summits, and has written several whitepapers on data privacy and privacy engineering best practices. She is a member of the European Data Protection Supervisor’s (EDPS) Ethics Advisory Group (EAG), cochairs the IEEE’s P7002—Data Privacy Process standard initiative, and serves as a training advisor to the International Association of Privacy Professionals (IAPP).
Comments on this page are now closed.
©2018, O’Reilly UK Ltd • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • firstname.lastname@example.org