GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud...
Transcript of GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud...
![Page 1: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/1.jpg)
Tiberiu CovaciFull stack tech lead, cloud architectin Canary Islands
With host Andrew BrustMarket Strategy Advisor, Io-TahoeCEO, Blue Badge Insights
GDPR: How European companies have moved towards compliance
![Page 2: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/2.jpg)
For external use
Speaker bios
2
Tiberiu Covaci• Seasoned tech lead in EU markets• Microsoft Regional Director• Cloud architect
Andrew Brust• Covers Big Data and analytics for ZDNet• Strategy Advisor to Io-Tahoe• Data-focused tech career started in 1985
![Page 3: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/3.jpg)
Level set: What is GDPR?
3
![Page 4: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/4.jpg)
For external use
GDPR facts and responsibilities
Effective
May25th2018Penalty:
€20M/$23.5M
or 4% of the
company’s total
global revenue
Most important
change in data
privacy regs in 20
years
DiscoverDiscover and understand both metadata and ‘hidden’, undocumented data across the entire
enterprise
1
2
3
Secure Data governance, security protocols, encrypting/masking, threat protection, data prevention,
policy compliance
DisposeDelete information, identify/consolidate redundant systems, sunset systems
4
![Page 5: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/5.jpg)
For external use
Entities and obligations
Data ControllerData Subject Data Processor Subprocessors
5
![Page 6: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/6.jpg)
For external use
Officers, authorities and boards
6
Data Protection Officer
Employed by Data Controller
Reports into highest leadership level
Must report breaches within 72 hours
Country-level authority(ies)
May set data protection regulations over and
above GDPR
Data Protection Authorities(DPAs)
EU-level governing authority
Comprised of DPA heads
Ensures consistent application of GDPR
European Data Protection Board (EDPB)
![Page 7: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/7.jpg)
For external use
How have European
companies approached GDPR
compliance?
![Page 8: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/8.jpg)
For external use
Previous obligations = current readiness
8
Lax or no previous regulations
Previous regsat national level
Ready for compliance
![Page 9: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/9.jpg)
For external use
Ambiguities
9
Law is general• Much left to interpretation• More specificity on non-compliance penalties than
compliance requirements
Self-assessment is key• And assurance from data processors…• …who may also be self-assessed
Dedication vs. “worry”Privacy by design?
![Page 10: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/10.jpg)
Cloud vs. on-premises
10
![Page 11: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/11.jpg)
For external use 11
Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gartner Cool Vendor
Io-Tahoe named Cool Vendor in Data Management, 2017Published: 28 April 2017 ID: G00326775
2017
![Page 12: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/12.jpg)
Thank you
12
![Page 13: GDPR: How European companies have moved towards compliance€¦ · Full stack tech lead, cloud architect in Canary Islands With host Andrew Brust Market ... GDPR: How European companies](https://reader034.fdocuments.in/reader034/viewer/2022042221/5ec7ed7621affb08671db335/html5/thumbnails/13.jpg)
This file is private and may contain confidential and proprietary information. If you have received this file in error, please notify us and remove it from your system, and note that you must not copy, distribute or take any action in reliance on it. Any unauthorized use or disclosure of the contents of this file is not permitted and may be unlawful. Io-Tahoe LLC, 111 Broadway, Suite 601, New York, NY 10006. www.io-tahoe.com
Io-Tahoe® is a registered trade mark of Centrica plc. © Io-Tahoe LLC 2018