SlideShare uma empresa Scribd logo

Best Practices to Create a Data Inventory and Meet GDPR Compliance [Webinar Slides]

TrustArc
TrustArc

Watch the FULL webinar on-demand w/ these slides at this link: https://info.truste.com/how-to-create-maintain-data-inventory-webinar.html Where’s your data? Understanding the data flows and data policies and procedures across the Company is the foundation of any privacy and data governance program and essential for GDPR compliance. This new regulatory requirement is forcing many companies to finally tackle this exercise head-on. Not sure where to start? Register now to watch this free on-demand webinar as our speakers: - shared their experiences in creating data inventories for a range of enterprises - provided tips and templates to help set you up for success - reviewed how the data inventory can be used by different teams including privacy, infosec, IT and risk and compliance. - showed the creation of simple data flow maps that can be easily maintained across the organization Watch this webinar to help you understand the tools, resources and methodology companies are using to establish a baseline of data assets and obligations and get on the fast track to GDPR compliance. Make sure to register NOW to watch the on-demand webinar: https://info.truste.com/how-to-create-maintain-data-inventory-webinar.html To register for upcoming other TRUSTe Webinars (upcoming/on-demand) visit: https://www.truste.com/events/privacy-insight-webinar-schedule/

Direito
1 de 16
Baixar para ler offline
1 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Best Practices to Create a Data Inventory & Meet GDPR Compliance January 24, 2017
2 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 Today’s Speakers RAY EVERETT Principal Consultant (US), TRUSTe VERONIKA TONRY President, Privacy Know How, former Global Privacy Manager at Chevron and Applied Materials GUY SEREFF Corporate Counsel, Level 3 Communications
3 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 •Welcome & Introductions •Getting Started •Executing •Next Steps •Q&A Today’s Agenda
4 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Getting Started Scoping, Resourcing, Organizational Buy-In Guy Sereff, Corporate Counsel, Level 3 Communications
5 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • Determine the organization’s objectives – Compliance with specific frameworks? – Developing a new Privacy Program? – Refreshing an existing Privacy Program? • Identify logical business units Scoping the Data Inventory Project
6 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • Identify roles and responsibilities BEFORE any work begins – Project Manager – Business Unit Leads – Subject Matter Experts • Set realistic expectations for the level of effort required to complete the project Resourcing the Data Inventory Project
7 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • Data Inventories can be used throughout the organization – Legal and regulatory compliance – Identification of application and storage redundancies – Guide for developing information security framework – Introduction or reinforcement of Privacy by Design concept for application lifecycles – Identification of new data types and uses • Compliance with GDPR is going to be difficult without a current Data Inventory – Privacy Impact Assessment requirements – Demonstrable compliance – Required data processing registries – Compliance requirements for wholly automated decision making – Data subject rights Organizational Buy-In
8 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Veronika Tonry, President, Privacy Know How Execution Discovery, Documentation, and Analysis
9 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 The key to a successful GDPR implementation
10 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • Adapt the discovery to your company culture • Intake Process – Do your homework before you interview the organization – Be clear around expectations and define the terminology – Have examples of processes ready – Develop a methodology to execute efficiently • Document to identify risks and make decisions – Identify high risk processing and evaluate impact – Classify your data: Individual information elements + combined data sets – Develop action plans from the analysis and findings Best Practices
11 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Ray Everett, Principal Consultant, TRUSTe Next Steps Turn Findings into Action, Keeping a “Living” Inventory
12 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • Inventory should point to many action items – High risk data elements – Data repositories that need monitoring, controls, policies – Access and External Transfers that need monitoring, controls, policies – Vendors/Partners requiring contractual language, reviews/audits, controls • Maps should point to processes that need regular scrutiny – Gaps in controls, policies – Processes that need new/periodic PIAs – Maps should identify vendors who need periodic audits • Inventory and Maps should also – Support the case for resourcing – Identify your Privacy Committee members Translating the Data Inventory into Action
13 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • “Institutionalize” your Map with a Privacy Committee – People ignore documents, they can’t (always) ignore a recurring meeting  – Privacy Committee agenda driven by action items, PIA reviews and Data Inventory updates • Inventory Drives Initial & Recurring Actions – Define and build support for action items – Review progress and results with the Privacy Committee • Integrate Data Map updates into PIA for products/services/vendors – “Bottom-up” updates – Changes to flows may ripple across organization in unexpected ways • Define a Cadence for Review/Refreshment – “Top-down” updates – Keep all stakeholders informed of strategic changes, impacts to their business units “Map Your Team, Team Up on Mapping”
14 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Questions?
15 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 For more information on Data Inventory examples, schedule a consultation: https://www.truste.com/business-products/privacy-consulting/data-inventory- and-classification/contact-us/ Ray Everett reverett@truste.com Veronika Tonry veronika@privacyknowhow.com Guy Sereff guy.sereff@level3.com Contacts
16 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Register now for the next webinar in our 2017 Winter/Spring Webinar Series on February 23 “Privacy Shield Self-Certification– What’s Next?” See http://www.truste.com/insightseries for the 2017 Privacy Insight Series and past webinar recordings. Thank You!

Recomendados

Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]TrustArc
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc
 
TrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc
 
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc
 
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc
 

Recomendados

Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]
Profiling, Big Data & Consent Under the GDPR [TrustArc Webinar Slides]TrustArc
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc
 
TrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc
 
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc
 
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...TrustArc
 
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...TrustArc
 
Nymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesNymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesTrustArc
 
CBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceCBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceTrustArc
 
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfEverything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfTrustArc
 
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...TrustArc
 
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsPrivacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsTrustArc
 
Building Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsBuilding Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsTrustArc
 
The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...TrustArc
 
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdfTrustArc
 
Artificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceArtificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceTrustArc
 
How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023TrustArc
 
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining TrustThe Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining TrustTrustArc
 
The Cost of Privacy Teams: What Your Business Needs To Know
The Cost of Privacy Teams: What Your Business Needs To KnowThe Cost of Privacy Teams: What Your Business Needs To Know
The Cost of Privacy Teams: What Your Business Needs To KnowTrustArc
 
TrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdf
TrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdfTrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdf
TrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdfTrustArc
 
TrustArc Webinar - Rise of Information Technology: How Does it Impact Privacy?
TrustArc Webinar - Rise of Information Technology: How Does it Impact Privacy?TrustArc Webinar - Rise of Information Technology: How Does it Impact Privacy?
TrustArc Webinar - Rise of Information Technology: How Does it Impact Privacy?TrustArc
 
Why Your Company Needs A Privacy Culture & Where To Start
Why Your Company Needs A Privacy Culture & Where To StartWhy Your Company Needs A Privacy Culture & Where To Start
Why Your Company Needs A Privacy Culture & Where To StartTrustArc
 
Data Privacy Perspectives: Get Answers to Your Privacy Questions
Data Privacy Perspectives: Get Answers to Your Privacy QuestionsData Privacy Perspectives: Get Answers to Your Privacy Questions
Data Privacy Perspectives: Get Answers to Your Privacy QuestionsTrustArc
 
TrustArc Webinar: DPIA Compliance
TrustArc Webinar: DPIA ComplianceTrustArc Webinar: DPIA Compliance
TrustArc Webinar: DPIA ComplianceTrustArc
 
TrustArc Webinar: 2023 Privacy Roadmap
TrustArc Webinar: 2023 Privacy RoadmapTrustArc Webinar: 2023 Privacy Roadmap
TrustArc Webinar: 2023 Privacy RoadmapTrustArc
 
Human Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxHuman Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxfilippoluciani9
 
Clarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forClarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forRoger Valdez
 

Mais conteúdo relacionado

Mais de TrustArc

Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...TrustArc
 
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...TrustArc
 
Nymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesNymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesTrustArc
 
CBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceCBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceTrustArc
 
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfEverything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfTrustArc
 
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...TrustArc
 
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsPrivacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsTrustArc
 
Building Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsBuilding Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsTrustArc
 
The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...TrustArc
 
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdfTrustArc
 
Artificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceArtificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceTrustArc
 
How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023TrustArc
 
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining TrustThe Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining TrustTrustArc
 
The Cost of Privacy Teams: What Your Business Needs To Know
The Cost of Privacy Teams: What Your Business Needs To KnowThe Cost of Privacy Teams: What Your Business Needs To Know
The Cost of Privacy Teams: What Your Business Needs To KnowTrustArc
 
TrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdf
TrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdfTrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdf
TrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdfTrustArc
 
TrustArc Webinar - Rise of Information Technology: How Does it Impact Privacy?
TrustArc Webinar - Rise of Information Technology: How Does it Impact Privacy?TrustArc Webinar - Rise of Information Technology: How Does it Impact Privacy?
TrustArc Webinar - Rise of Information Technology: How Does it Impact Privacy?TrustArc
 
Why Your Company Needs A Privacy Culture & Where To Start
Why Your Company Needs A Privacy Culture & Where To StartWhy Your Company Needs A Privacy Culture & Where To Start
Why Your Company Needs A Privacy Culture & Where To StartTrustArc
 
Data Privacy Perspectives: Get Answers to Your Privacy Questions
Data Privacy Perspectives: Get Answers to Your Privacy QuestionsData Privacy Perspectives: Get Answers to Your Privacy Questions
Data Privacy Perspectives: Get Answers to Your Privacy QuestionsTrustArc
 
TrustArc Webinar: DPIA Compliance
TrustArc Webinar: DPIA ComplianceTrustArc Webinar: DPIA Compliance
TrustArc Webinar: DPIA ComplianceTrustArc
 
TrustArc Webinar: 2023 Privacy Roadmap
TrustArc Webinar: 2023 Privacy RoadmapTrustArc Webinar: 2023 Privacy Roadmap
TrustArc Webinar: 2023 Privacy RoadmapTrustArc
 

Mais de TrustArc (20)

Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
 
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
 
Nymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesNymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 States
 
CBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceCBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy Compliance
 
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfEverything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
 
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
 
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsPrivacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
 
Building Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsBuilding Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy Certifications
 
The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...
 
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
 
Artificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceArtificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI Governance
 
How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023
 
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining TrustThe Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
 
The Cost of Privacy Teams: What Your Business Needs To Know
The Cost of Privacy Teams: What Your Business Needs To KnowThe Cost of Privacy Teams: What Your Business Needs To Know
The Cost of Privacy Teams: What Your Business Needs To Know
 
TrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdf
TrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdfTrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdf
TrustArc Webinar_ How Data Privacy Demands Impact Your Marketing Team.pdf
 
TrustArc Webinar - Rise of Information Technology: How Does it Impact Privacy?
TrustArc Webinar - Rise of Information Technology: How Does it Impact Privacy?TrustArc Webinar - Rise of Information Technology: How Does it Impact Privacy?
TrustArc Webinar - Rise of Information Technology: How Does it Impact Privacy?
 
Why Your Company Needs A Privacy Culture & Where To Start
Why Your Company Needs A Privacy Culture & Where To StartWhy Your Company Needs A Privacy Culture & Where To Start
Why Your Company Needs A Privacy Culture & Where To Start
 
Data Privacy Perspectives: Get Answers to Your Privacy Questions
Data Privacy Perspectives: Get Answers to Your Privacy QuestionsData Privacy Perspectives: Get Answers to Your Privacy Questions
Data Privacy Perspectives: Get Answers to Your Privacy Questions
 
TrustArc Webinar: DPIA Compliance
TrustArc Webinar: DPIA ComplianceTrustArc Webinar: DPIA Compliance
TrustArc Webinar: DPIA Compliance
 
TrustArc Webinar: 2023 Privacy Roadmap
TrustArc Webinar: 2023 Privacy RoadmapTrustArc Webinar: 2023 Privacy Roadmap
TrustArc Webinar: 2023 Privacy Roadmap
 

Último

Human Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxHuman Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxfilippoluciani9
 
Clarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forClarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forRoger Valdez
 
Code_Ethics of_Mechanical_Engineering.ppt
Code_Ethics of_Mechanical_Engineering.pptCode_Ethics of_Mechanical_Engineering.ppt
Code_Ethics of_Mechanical_Engineering.pptJosephCanama
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentationKhushdeep Kaur
 
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptxKEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptxRRR Chambers
 
PowerPoint - Legal Citation Form 1 - Case Law.pptx
PowerPoint - Legal Citation Form 1 - Case Law.pptxPowerPoint - Legal Citation Form 1 - Case Law.pptx
PowerPoint - Legal Citation Form 1 - Case Law.pptxca2or2tx
 
Navigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptxNavigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptxelysemiller87
 
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxMOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxRRR Chambers
 
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理Airst S
 
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理bd2c5966a56d
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhaiShashankKumar441258
 
一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理Airst S
 
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptxIBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptxRRR Chambers
 
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYJulian Scutts
 
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersPhilippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersJillianAsdala
 
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategySmarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategyJong Hyuk Choi
 
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理e9733fc35af6
 
Shubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubham Wadhonkar
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...SUHANI PANDEY
 
一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理Airst S
 

Último (20)

Human Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptxHuman Rights_FilippoLuciani diritti umani.pptx
Human Rights_FilippoLuciani diritti umani.pptx
 
Clarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo forClarifying Land Donation Issues Memo for
Clarifying Land Donation Issues Memo for
 
Code_Ethics of_Mechanical_Engineering.ppt
Code_Ethics of_Mechanical_Engineering.pptCode_Ethics of_Mechanical_Engineering.ppt
Code_Ethics of_Mechanical_Engineering.ppt
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentation
 
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptxKEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
KEY NOTE- IBC(INSOLVENCY & BANKRUPTCY CODE) DESIGN- PPT.pptx
 
PowerPoint - Legal Citation Form 1 - Case Law.pptx
PowerPoint - Legal Citation Form 1 - Case Law.pptxPowerPoint - Legal Citation Form 1 - Case Law.pptx
PowerPoint - Legal Citation Form 1 - Case Law.pptx
 
Navigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptxNavigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptx
 
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptxMOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
MOCK GENERAL MEETINGS (SS-2)- PPT- Part 2.pptx
 
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
 
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
 
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
6th sem cpc notes for 6th semester students samjhe. Padhlo bhai
 
一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理
 
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptxIBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
 
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
 
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersPhilippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
 
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation StrategySmarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
Smarp Snapshot 210 -- Google's Social Media Ad Fraud & Disinformation Strategy
 
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
 
Shubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptxShubh_Burden of proof_Indian Evidence Act.pptx
Shubh_Burden of proof_Indian Evidence Act.pptx
 
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
Independent Call Girls Pune | 8005736733 Independent Escorts & Dating Escorts...
 
一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理
 

Best Practices to Create a Data Inventory and Meet GDPR Compliance [Webinar Slides]

  • 1. 1 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Best Practices to Create a Data Inventory & Meet GDPR Compliance January 24, 2017
  • 2. 2 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 Today’s Speakers RAY EVERETT Principal Consultant (US), TRUSTe VERONIKA TONRY President, Privacy Know How, former Global Privacy Manager at Chevron and Applied Materials GUY SEREFF Corporate Counsel, Level 3 Communications
  • 3. 3 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 •Welcome & Introductions •Getting Started •Executing •Next Steps •Q&A Today’s Agenda
  • 4. 4 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Getting Started Scoping, Resourcing, Organizational Buy-In Guy Sereff, Corporate Counsel, Level 3 Communications
  • 5. 5 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • Determine the organization’s objectives – Compliance with specific frameworks? – Developing a new Privacy Program? – Refreshing an existing Privacy Program? • Identify logical business units Scoping the Data Inventory Project
  • 6. 6 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • Identify roles and responsibilities BEFORE any work begins – Project Manager – Business Unit Leads – Subject Matter Experts • Set realistic expectations for the level of effort required to complete the project Resourcing the Data Inventory Project
  • 7. 7 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • Data Inventories can be used throughout the organization – Legal and regulatory compliance – Identification of application and storage redundancies – Guide for developing information security framework – Introduction or reinforcement of Privacy by Design concept for application lifecycles – Identification of new data types and uses • Compliance with GDPR is going to be difficult without a current Data Inventory – Privacy Impact Assessment requirements – Demonstrable compliance – Required data processing registries – Compliance requirements for wholly automated decision making – Data subject rights Organizational Buy-In
  • 8. 8 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Veronika Tonry, President, Privacy Know How Execution Discovery, Documentation, and Analysis
  • 9. 9 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 The key to a successful GDPR implementation
  • 10. 10 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • Adapt the discovery to your company culture • Intake Process – Do your homework before you interview the organization – Be clear around expectations and define the terminology – Have examples of processes ready – Develop a methodology to execute efficiently • Document to identify risks and make decisions – Identify high risk processing and evaluate impact – Classify your data: Individual information elements + combined data sets – Develop action plans from the analysis and findings Best Practices
  • 11. 11 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Ray Everett, Principal Consultant, TRUSTe Next Steps Turn Findings into Action, Keeping a “Living” Inventory
  • 12. 12 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • Inventory should point to many action items – High risk data elements – Data repositories that need monitoring, controls, policies – Access and External Transfers that need monitoring, controls, policies – Vendors/Partners requiring contractual language, reviews/audits, controls • Maps should point to processes that need regular scrutiny – Gaps in controls, policies – Processes that need new/periodic PIAs – Maps should identify vendors who need periodic audits • Inventory and Maps should also – Support the case for resourcing – Identify your Privacy Committee members Translating the Data Inventory into Action
  • 13. 13 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • “Institutionalize” your Map with a Privacy Committee – People ignore documents, they can’t (always) ignore a recurring meeting  – Privacy Committee agenda driven by action items, PIA reviews and Data Inventory updates • Inventory Drives Initial & Recurring Actions – Define and build support for action items – Review progress and results with the Privacy Committee • Integrate Data Map updates into PIA for products/services/vendors – “Bottom-up” updates – Changes to flows may ripple across organization in unexpected ways • Define a Cadence for Review/Refreshment – “Top-down” updates – Keep all stakeholders informed of strategic changes, impacts to their business units “Map Your Team, Team Up on Mapping”
  • 14. 14 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Questions?
  • 15. 15 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 For more information on Data Inventory examples, schedule a consultation: https://www.truste.com/business-products/privacy-consulting/data-inventory- and-classification/contact-us/ Ray Everett reverett@truste.com Veronika Tonry veronika@privacyknowhow.com Guy Sereff guy.sereff@level3.com Contacts
  • 16. 16 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Register now for the next webinar in our 2017 Winter/Spring Webinar Series on February 23 “Privacy Shield Self-Certification– What’s Next?” See http://www.truste.com/insightseries for the 2017 Privacy Insight Series and past webinar recordings. Thank You!