“GDPR, which will become law in May 2018, has been referred to as the greatest shake-up of privacy laws for more than a decade.”
Paul Hearns, Editor, TechPro magazine
TechFire’s three-part briefing series on the General Data Protection Regulations (GDPR) concluded on 20 September with a session that focused on the question ‘How Do I Stay Safe?’ and examined the ongoing compliance issues, from continuous monitoring and review to the developing role of the Data Protection Officer.
It also looked at the positives – there is not only an obligation but an opportunity. With compliance comes competitive advantage, as organisations can better utilise the data at their disposal, gain critical insights, and start to win new business.
TechPro editor Paul Hearns moderated the presentation and panel discussion.
Aoife Sexton, lawyer and privacy expert, founder of Frontier Privacy, explored the new relationships and interdependencies of supply chains in light of the regulation, and how existing service provider relationships might be affected, as well as other legal aspects of ongoing compliance.
Sarah Armstrong-Smith, engineer and management consultant, Fujitsu, discussed how users must be educated as to the consequences of non-compliance and why the regulations are necessary. Highlighting the fact that compliance is about more than technology, Armstrong-Smith said that people must know their contribution to the efforts, and its value too. In no doubt as to the value of compliance, Armstrong-Smith said that GDPR is not only an obligation but an opportunity.
Simon Nixon, director, Product Management, Veritas, neatly summarised GDPR obligations with three points.
GDPR in a nutshell:
- Get to grips with what you have and where it’s stored
- Data subjects have to be found to be forgotten
- What you keep you must protect
John Handley, senior programme manager, security governance and risk management, Symantec, used a series of scenarios to work out some of the security implications for organisations.
Tom Hulton, corporate compliance manager at An Post and also chairman of the Association of Data Protection Officers, spoke not just about An Post’s own experience with GDPR, but also about the myriad new responsibilities coming down the tracks for IT professionals.
Corporate Compliance Manager, An Post
Tom Hulton is corporate compliance manager at An Post and also chairman of the Association of Data Protection Officers. With a strong background in corporate law, risk and audit, he will talk about An Post’s journey in GDPR, as well as providing wider insights from data protection professionals.
Engineer & Management Consultant, Fujitsu
Sarah leads Fujitsu’s Continuity & Resilience practice. She is a business continuity and crisis management specialist, which enables her to take a holistic and strategic view of enterprise risk. Her goal is to bridge the gap between the boardroom and the IT department, remembering that IT, however complex and expensive, is just an enabler to help achieve business objectives. She has a diploma in Business Continuity from Coventry University School of Disaster Management, is a Certified Information Privacy Manager, and has helped many organisations across the public and private sector to become more resilient and cyber aware.
Co-Founder & Director, Frontier Privacy
Aoife is a technology and data privacy lawyer with more than 20 years’ international experience, advising emerging and established Irish and international technology companies, particularly those offering data centric products/services such as data analytics, SaaS, cloud computing, and application developers.
She will explore the new relationships and interdependencies of supply chains in light of the regulation, and how existing service provider relationships might be affected, as well as other legal aspects of ongoing compliance.
Security Officer, Symantec
John Handley joined Symantec in summer 2014 as a Security Officer with a focus on bringing a holistic approach to Information Security, combining Thought Leadership with industry best practice and globally accepted standards. With experience in both Irish and global projects through BT, John has wide-ranging experience and has recently gained his MSc for his Information Security thesis. He also holds a BSc (Hons) in Software Systems and has a range of significant security credentials:
- CISSP (Certified Information Systems Security Professional)
- CISA (Certified Information Systems Auditor)
- CISM (Certified Information Security Manager)
- CRISC (Certified in Risk and Information Systems Control)
- CEH (Certified Ethical Hacker)
John will highlight the security concerns around GDPR, the possible risks and their mitigations.
Director Product Management Information Intelligence, Veritas
Simon will talk about maintaining compliance from an information management and information governance perspective, and their importance in providing data privacy.