SlideShare a Scribd company logo

Come cambia la cybersecurity con il regolamento privacy europeo

Giulio Coraggio
Giulio Coraggio

Il regolamento privacy europeo (GDPR) richiede di adottare un nuovo approccio in materia di cyber security a causa del rischio di sanzioni e gli obblighi regolatori applicabili

Law
1 of 23
1 #PrivacyMatters e come il regolamento europeo sui dati personali dovrà cambiare l’approccio alla cyber security Giulio Coraggio Partner - DLA Piper Studio Legale Head of Technology Sector and Global Internet of Things Group giulio.coraggio@dlapiper.com @GiulioCoraggio
la grande “onda” del regolamento privacy sta arrivando…
periodo di conservazione diritto di reclamo base giuridica del trattamento diritto alla portabilità dei dati Registro dei trattamenti la mappatura dei dati deve essere costante
bisogna controllare chi tratta i dati per voi? agenti
l’intera organizzazione aziendale deve cambiare… #PrivacyMatters
e siamo nel bel mezzo della sfida della digitalizzazione
e la parola magica è “profilazione”
dovete crearvi una difesa
il data protection officer non può essere il solo garante interno della privacy
Right to be forgotten e come massimizzarne i benefici?
e siete obbligati a proteggere i dati con misure di sicurezza “appropriate”
e in caso di “data breach”
Privacy by design e by default Security by design Privacy impact assessment Policy interne privacy e cyber risk Data protection officer Polizza assicurativa cyber risk ci sono gli strumenti per proteggersi
#PrivacyMatters prepariamoci al regolamento privacy europeo
1. Mappatura
2. Valutazione Report section Department / team Issue Inherent risk score Action 1.04 Entire business Data sharing takes place around the Group but there is no evidence that this is undertaken on particular terms or that related information is logged or recorded in any way. 20 Ensure all data sharing is clearly tracked through a central privacy clearing team, and regulated under an intra-group data transfer agreement which sets out clear rules and restrictions for onward use and secure processing. If there are processes or agreements in place, refresh these to ensure that all entities, locations, systems and data types are covered. 1.05 Entire business Data sharing with third parties routinely occurs, but disclosures do not appear to be logged or recorded. 20 Develop a data sharing protocol to regulate transfer / receipt of data with third parties. This should be supported by guidance on the contractual safeguards that you expect to be in place to provide assurance that third parties receiving data will only use it for limited purposes prescribed, with the information returned or destroyed at the end of the engagement or when it is no longer needed (whichever is the sooner) and that they understand the3.03 E-commerce Insurance information is stored on separate servers that appear to be more widely accessible by wider business teams. 12 Ensure means of transfer are secure when transferring data within the business or to a third party and that the data is then handled appropriately once received. Gap Analisys report Action plan A. Employee data: recruitment and selection of staff No. Issue What you should be doing to meet baseline GDPR position What you are doing / recommended actions Risk / Impact A1 Fair processing notice You should limit the personal data you collect from application forms etc to the fields necessary to allow you to select staff, carry out any necessary vetting (see below), populating initial e m p l o y m e n t r e c o r d s , registering with relevant tax authorities and checking their immigration status where necessary (or holding this on record for checks to [ Yo u r o u t i n e l y c o l l e c t personal data from potential recruits to support the selection process but you do not present recruits with a standard form privacy policy in the application process] ACTION : [e.g. Prepare standard privacy policy for new r e c r u i t s . I n c o r p o r a t e reference to the policy into Impact - significant Likelihood - likely
3.Cancellazione
Privacy by design e by default Security by design Privacy impact assessment Policy interne privacy e cyber risk Data protection officer Polizza assicurativa cyber risk 4.Attuazione
5.Monitoraggio è un continuo “work in progress”
#PrivacyMatters Giulio Coraggio Partner - DLA Piper Head of Technology Sector and Global Internet of Things Group giulio.coraggio@dlapiper.com @GiulioCoraggio

Recommended

Wearable technologies, privacy and intellectual property rights
Wearable technologies, privacy and intellectual property rightsWearable technologies, privacy and intellectual property rights
Wearable technologies, privacy and intellectual property rightsGiulio Coraggio
 
Wearable technologies and remote patient remote monitoring system
Wearable technologies and remote patient remote monitoring systemWearable technologies and remote patient remote monitoring system
Wearable technologies and remote patient remote monitoring systemGiulio Coraggio
 
#Privacy Matters - Come il regolamento privacy europeo da un problema può div...
#Privacy Matters - Come il regolamento privacy europeo da un problema può div...#Privacy Matters - Come il regolamento privacy europeo da un problema può div...
#Privacy Matters - Come il regolamento privacy europeo da un problema può div...Giulio Coraggio
 
May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...Ulf Mattsson
 
GDPR changes affect direct marketing
GDPR changes affect direct marketingGDPR changes affect direct marketing
GDPR changes affect direct marketingSpotler
 
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]TrustArc
 
Data- and database security & GDPR: end-to-end offer
Data- and database security & GDPR: end-to-end offerData- and database security & GDPR: end-to-end offer
Data- and database security & GDPR: end-to-end offerCapgemini
 
Developer view on new EU privacy legislation (GDPR)
Developer view on new EU privacy legislation (GDPR)Developer view on new EU privacy legislation (GDPR)
Developer view on new EU privacy legislation (GDPR)Exove
 

Recommended

Wearable technologies, privacy and intellectual property rights
Wearable technologies, privacy and intellectual property rightsWearable technologies, privacy and intellectual property rights
Wearable technologies, privacy and intellectual property rightsGiulio Coraggio
 
Wearable technologies and remote patient remote monitoring system
Wearable technologies and remote patient remote monitoring systemWearable technologies and remote patient remote monitoring system
Wearable technologies and remote patient remote monitoring systemGiulio Coraggio
 
#Privacy Matters - Come il regolamento privacy europeo da un problema può div...
#Privacy Matters - Come il regolamento privacy europeo da un problema può div...#Privacy Matters - Come il regolamento privacy europeo da un problema può div...
#Privacy Matters - Come il regolamento privacy europeo da un problema può div...Giulio Coraggio
 
May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...Ulf Mattsson
 
GDPR changes affect direct marketing
GDPR changes affect direct marketingGDPR changes affect direct marketing
GDPR changes affect direct marketingSpotler
 
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]TrustArc
 
Data- and database security & GDPR: end-to-end offer
Data- and database security & GDPR: end-to-end offerData- and database security & GDPR: end-to-end offer
Data- and database security & GDPR: end-to-end offerCapgemini
 
Developer view on new EU privacy legislation (GDPR)
Developer view on new EU privacy legislation (GDPR)Developer view on new EU privacy legislation (GDPR)
Developer view on new EU privacy legislation (GDPR)Exove
 
Payroll Data & GDPR: What you need to know?
Payroll Data & GDPR: What you need to know?Payroll Data & GDPR: What you need to know?
Payroll Data & GDPR: What you need to know?BrightPay Payroll and Auto Enrolment Software
 
Teradata's approach to addressing GDPR
Teradata's approach to addressing GDPRTeradata's approach to addressing GDPR
Teradata's approach to addressing GDPRPaul O'Carroll
 
GDPR Workshop
GDPR WorkshopGDPR Workshop
GDPR WorkshopCurt Lewis
 
DAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Karina Matos
 
Building a register of data processing
Building a register of data processingBuilding a register of data processing
Building a register of data processingTim Gough
 
How privacy by design can be the key of your success at the time of the digit...
How privacy by design can be the key of your success at the time of the digit...How privacy by design can be the key of your success at the time of the digit...
How privacy by design can be the key of your success at the time of the digit...Giulio Coraggio
 
Csa privacy by design & gdpr austin chambers 11-4-17
Csa privacy by design & gdpr austin chambers 11-4-17Csa privacy by design & gdpr austin chambers 11-4-17
Csa privacy by design & gdpr austin chambers 11-4-17Trish McGinity, CCSK
 
GDPR Changing Mindset
GDPR Changing MindsetGDPR Changing Mindset
GDPR Changing MindsetNetworkIQ
 
7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data Governance7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data GovernanceDATUM LLC
 
Cross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataCross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataUlf Mattsson
 
Privacy by Design as a system design strategy - EIC 2019
Privacy by Design as a system design strategy - EIC 2019 Privacy by Design as a system design strategy - EIC 2019
Privacy by Design as a system design strategy - EIC 2019 Sagara Gunathunga
 
GDPR From the Trenches - Real-world examples of how companies are approaching...
GDPR From the Trenches - Real-world examples of how companies are approaching...GDPR From the Trenches - Real-world examples of how companies are approaching...
GDPR From the Trenches - Real-world examples of how companies are approaching...Ardoq
 
Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role HackerOne
 
Data security and privacy
Data security and privacyData security and privacy
Data security and privacyrajab ssemwogerere
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementEryk Budi Pratama
 
GDPR Jan 2018 1
GDPR Jan 2018 1GDPR Jan 2018 1
GDPR Jan 2018 1Jason Chapman
 
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...Ardoq
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Kimberly Simon MBA
 
Data privacy and security in uae
Data privacy and security in uaeData privacy and security in uae
Data privacy and security in uaeRishalHalid1
 
Convince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceConvince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceDave James
 
Master Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsMaster Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsSarah Fane
 

More Related Content

What's hot

Teradata's approach to addressing GDPR
Teradata's approach to addressing GDPRTeradata's approach to addressing GDPR
Teradata's approach to addressing GDPRPaul O'Carroll
 
DAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Karina Matos
 
Building a register of data processing
Building a register of data processingBuilding a register of data processing
Building a register of data processingTim Gough
 
How privacy by design can be the key of your success at the time of the digit...
How privacy by design can be the key of your success at the time of the digit...How privacy by design can be the key of your success at the time of the digit...
How privacy by design can be the key of your success at the time of the digit...Giulio Coraggio
 
Csa privacy by design & gdpr austin chambers 11-4-17
Csa privacy by design & gdpr austin chambers 11-4-17Csa privacy by design & gdpr austin chambers 11-4-17
Csa privacy by design & gdpr austin chambers 11-4-17Trish McGinity, CCSK
 
GDPR Changing Mindset
GDPR Changing MindsetGDPR Changing Mindset
GDPR Changing MindsetNetworkIQ
 
7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data Governance7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data GovernanceDATUM LLC
 
Cross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataCross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataUlf Mattsson
 
Privacy by Design as a system design strategy - EIC 2019
Privacy by Design as a system design strategy - EIC 2019 Privacy by Design as a system design strategy - EIC 2019
Privacy by Design as a system design strategy - EIC 2019 Sagara Gunathunga
 
GDPR From the Trenches - Real-world examples of how companies are approaching...
GDPR From the Trenches - Real-world examples of how companies are approaching...GDPR From the Trenches - Real-world examples of how companies are approaching...
GDPR From the Trenches - Real-world examples of how companies are approaching...Ardoq
 
Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role HackerOne
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementEryk Budi Pratama
 
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...Ardoq
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) Kimberly Simon MBA
 
Data privacy and security in uae
Data privacy and security in uaeData privacy and security in uae
Data privacy and security in uaeRishalHalid1
 

What's hot (20)

Payroll Data & GDPR: What you need to know?
Payroll Data & GDPR: What you need to know?Payroll Data & GDPR: What you need to know?
Payroll Data & GDPR: What you need to know?
 
Teradata's approach to addressing GDPR
Teradata's approach to addressing GDPRTeradata's approach to addressing GDPR
Teradata's approach to addressing GDPR
 
GDPR Workshop
GDPR WorkshopGDPR Workshop
GDPR Workshop
 
DAMA Ireland - GDPR
DAMA Ireland - GDPRDAMA Ireland - GDPR
DAMA Ireland - GDPR
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 
Building a register of data processing
Building a register of data processingBuilding a register of data processing
Building a register of data processing
 
How privacy by design can be the key of your success at the time of the digit...
How privacy by design can be the key of your success at the time of the digit...How privacy by design can be the key of your success at the time of the digit...
How privacy by design can be the key of your success at the time of the digit...
 
Csa privacy by design & gdpr austin chambers 11-4-17
Csa privacy by design & gdpr austin chambers 11-4-17Csa privacy by design & gdpr austin chambers 11-4-17
Csa privacy by design & gdpr austin chambers 11-4-17
 
GDPR Changing Mindset
GDPR Changing MindsetGDPR Changing Mindset
GDPR Changing Mindset
 
7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data Governance7 Key GDPR Requirements & the Role of Data Governance
7 Key GDPR Requirements & the Role of Data Governance
 
Cross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive dataCross border - off-shoring and outsourcing privacy sensitive data
Cross border - off-shoring and outsourcing privacy sensitive data
 
Privacy by Design as a system design strategy - EIC 2019
Privacy by Design as a system design strategy - EIC 2019 Privacy by Design as a system design strategy - EIC 2019
Privacy by Design as a system design strategy - EIC 2019
 
GDPR From the Trenches - Real-world examples of how companies are approaching...
GDPR From the Trenches - Real-world examples of how companies are approaching...GDPR From the Trenches - Real-world examples of how companies are approaching...
GDPR From the Trenches - Real-world examples of how companies are approaching...
 
Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role
 
Data security and privacy
Data security and privacyData security and privacy
Data security and privacy
 
Common Practice in Data Privacy Program Management
Common Practice in Data Privacy Program ManagementCommon Practice in Data Privacy Program Management
Common Practice in Data Privacy Program Management
 
GDPR Jan 2018 1
GDPR Jan 2018 1GDPR Jan 2018 1
GDPR Jan 2018 1
 
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
Ardoq in Edinburgh - Events - Building Resilience in a Post-GDPR World (14-au...
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 
Data privacy and security in uae
Data privacy and security in uaeData privacy and security in uae
Data privacy and security in uae
 

Similar to Come cambia la cybersecurity con il regolamento privacy europeo

Convince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceConvince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceDave James
 
Master Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsMaster Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsSarah Fane
 
Keep Calm and Comply: 3 Keys to GDPR Success
Keep Calm and Comply: 3 Keys to GDPR SuccessKeep Calm and Comply: 3 Keys to GDPR Success
Keep Calm and Comply: 3 Keys to GDPR SuccessSirius
 
A Brave New World Of Data Protection. Ready? Counting down to GDPR.
A Brave New World Of Data Protection. Ready? Counting down to GDPR. A Brave New World Of Data Protection. Ready? Counting down to GDPR.
A Brave New World Of Data Protection. Ready? Counting down to GDPR. dan hyde
 
GDPR for marketers
GDPR for marketersGDPR for marketers
GDPR for marketersMapp Digital
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
Keep Calm and GDPR
Keep Calm and GDPRKeep Calm and GDPR
Keep Calm and GDPRMissMarvel70
 
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceThe GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceObservePoint
 
GDPR READY SOLUTION FOR UNSTRUCTURED DATA
GDPR READY SOLUTION FOR UNSTRUCTURED DATAGDPR READY SOLUTION FOR UNSTRUCTURED DATA
GDPR READY SOLUTION FOR UNSTRUCTURED DATAXeniT Solutions nv
 
The Evolution of Data Privacy: 3 things you didn’t know
The Evolution of Data Privacy: 3 things you didn’t knowThe Evolution of Data Privacy: 3 things you didn’t know
The Evolution of Data Privacy: 3 things you didn’t knowSymantec
 
Privacy as a Career
Privacy as a CareerPrivacy as a Career
Privacy as a CareerDaviesParker
 
Eu data protection regulations (point-of-view)
Eu data protection regulations (point-of-view)Eu data protection regulations (point-of-view)
Eu data protection regulations (point-of-view)Gerson Trigueiros
 
The GDPR - A data revolution
The GDPR - A data revolutionThe GDPR - A data revolution
The GDPR - A data revolutionDan Brookman
 
The implications of gdpr for the solutions industry tatech 2018
The implications of gdpr for the solutions industry tatech 2018The implications of gdpr for the solutions industry tatech 2018
The implications of gdpr for the solutions industry tatech 2018Shane Gray
 
The Evolution of Data Privacy: 3 Things You Need To Consider
The Evolution of Data Privacy: 3 Things You Need To ConsiderThe Evolution of Data Privacy: 3 Things You Need To Consider
The Evolution of Data Privacy: 3 Things You Need To ConsiderSymantec
 
GDPR 9 Step SIEM Implementation Checklist
GDPR 9 Step SIEM Implementation ChecklistGDPR 9 Step SIEM Implementation Checklist
GDPR 9 Step SIEM Implementation ChecklistNetworkIQ
 
The Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection RegulationThe Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection RegulationJake DiMare
 

Similar to Come cambia la cybersecurity con il regolamento privacy europeo (20)

Convince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR complianceConvince your board - Ten steps to GDPR compliance
Convince your board - Ten steps to GDPR compliance
 
Master Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsMaster Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security Fundamentals
 
Keep Calm and Comply: 3 Keys to GDPR Success
Keep Calm and Comply: 3 Keys to GDPR SuccessKeep Calm and Comply: 3 Keys to GDPR Success
Keep Calm and Comply: 3 Keys to GDPR Success
 
A Brave New World Of Data Protection. Ready? Counting down to GDPR.
A Brave New World Of Data Protection. Ready? Counting down to GDPR. A Brave New World Of Data Protection. Ready? Counting down to GDPR.
A Brave New World Of Data Protection. Ready? Counting down to GDPR.
 
GDPR for marketers
GDPR for marketersGDPR for marketers
GDPR for marketers
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Keep Calm and GDPR
Keep Calm and GDPRKeep Calm and GDPR
Keep Calm and GDPR
 
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceThe GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
 
GDPR: Time to Act
GDPR: Time to ActGDPR: Time to Act
GDPR: Time to Act
 
EENA2019: Track2 session3 Impact of GDPR on public safety organisations by M...
EENA2019: Track2 session3 Impact of GDPR on public safety organisations by M...EENA2019: Track2 session3 Impact of GDPR on public safety organisations by M...
EENA2019: Track2 session3 Impact of GDPR on public safety organisations by M...
 
GDPR READY SOLUTION FOR UNSTRUCTURED DATA
GDPR READY SOLUTION FOR UNSTRUCTURED DATAGDPR READY SOLUTION FOR UNSTRUCTURED DATA
GDPR READY SOLUTION FOR UNSTRUCTURED DATA
 
The Evolution of Data Privacy: 3 things you didn’t know
The Evolution of Data Privacy: 3 things you didn’t knowThe Evolution of Data Privacy: 3 things you didn’t know
The Evolution of Data Privacy: 3 things you didn’t know
 
Privacy as a Career
Privacy as a CareerPrivacy as a Career
Privacy as a Career
 
Eu data protection regulations (point-of-view)
Eu data protection regulations (point-of-view)Eu data protection regulations (point-of-view)
Eu data protection regulations (point-of-view)
 
The GDPR - A data revolution
The GDPR - A data revolutionThe GDPR - A data revolution
The GDPR - A data revolution
 
The implications of gdpr for the solutions industry tatech 2018
The implications of gdpr for the solutions industry tatech 2018The implications of gdpr for the solutions industry tatech 2018
The implications of gdpr for the solutions industry tatech 2018
 
The Evolution of Data Privacy: 3 Things You Need To Consider
The Evolution of Data Privacy: 3 Things You Need To ConsiderThe Evolution of Data Privacy: 3 Things You Need To Consider
The Evolution of Data Privacy: 3 Things You Need To Consider
 
GDPR 9 Step SIEM Implementation Checklist
GDPR 9 Step SIEM Implementation ChecklistGDPR 9 Step SIEM Implementation Checklist
GDPR 9 Step SIEM Implementation Checklist
 
GDPR How to get started?
GDPR How to get started?GDPR How to get started?
GDPR How to get started?
 
The Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection RegulationThe Meaning and Impact of the General Data Protection Regulation
The Meaning and Impact of the General Data Protection Regulation
 

More from Giulio Coraggio

Come conformarsi al Regolamento DORA sulla cybersecurity
Come conformarsi al Regolamento DORA sulla cybersecurityCome conformarsi al Regolamento DORA sulla cybersecurity
Come conformarsi al Regolamento DORA sulla cybersecurityGiulio Coraggio
 
Infografica sulle 5 regole privacy per i programmi di fidelizzazione
Infografica sulle 5 regole privacy per i programmi di fidelizzazioneInfografica sulle 5 regole privacy per i programmi di fidelizzazione
Infografica sulle 5 regole privacy per i programmi di fidelizzazioneGiulio Coraggio
 
Direttiva NIS2 - Nuovi obblighi legali di cybersecurity
Direttiva NIS2 - Nuovi obblighi legali di cybersecurityDirettiva NIS2 - Nuovi obblighi legali di cybersecurity
Direttiva NIS2 - Nuovi obblighi legali di cybersecurityGiulio Coraggio
 
Decreti di adeguamento ai regolamenti MDR e IVDR
Decreti di adeguamento ai regolamenti MDR e IVDRDecreti di adeguamento ai regolamenti MDR e IVDR
Decreti di adeguamento ai regolamenti MDR e IVDRGiulio Coraggio
 
Nuove normativa sulla accessibilità applicabili a qualsiasi sito web
Nuove normativa sulla accessibilità applicabili a qualsiasi sito webNuove normativa sulla accessibilità applicabili a qualsiasi sito web
Nuove normativa sulla accessibilità applicabili a qualsiasi sito webGiulio Coraggio
 
New Italian rules on accessibility of websites
New Italian rules on accessibility of websitesNew Italian rules on accessibility of websites
New Italian rules on accessibility of websitesGiulio Coraggio
 
Un altro anno di GDPR: analizziamolo sulla base del survey del IPTT per il 2022
Un altro anno di GDPR: analizziamolo sulla base del survey del IPTT per il 2022Un altro anno di GDPR: analizziamolo sulla base del survey del IPTT per il 2022
Un altro anno di GDPR: analizziamolo sulla base del survey del IPTT per il 2022Giulio Coraggio
 
DOP, Marchi Collettivi e Marchi Storici: forme di tutela delle eccellenze
DOP, Marchi Collettivi e Marchi Storici: forme di tutela delle eccellenzeDOP, Marchi Collettivi e Marchi Storici: forme di tutela delle eccellenze
DOP, Marchi Collettivi e Marchi Storici: forme di tutela delle eccellenzeGiulio Coraggio
 
Good practices and common pitfalls on advertising of medical devices in Italy
Good practices and common pitfalls on advertising of medical devices in ItalyGood practices and common pitfalls on advertising of medical devices in Italy
Good practices and common pitfalls on advertising of medical devices in ItalyGiulio Coraggio
 
Le modifiche del Codice del Consumo, come impattano sulle aziende
Le modifiche del Codice del Consumo, come impattano sulle aziendeLe modifiche del Codice del Consumo, come impattano sulle aziende
Le modifiche del Codice del Consumo, come impattano sulle aziendeGiulio Coraggio
 
Good practices and common pitfalls on advertising of tobacco products in Italy
Good practices and common pitfalls on advertising of tobacco products in ItalyGood practices and common pitfalls on advertising of tobacco products in Italy
Good practices and common pitfalls on advertising of tobacco products in ItalyGiulio Coraggio
 
Good practices and common pitfalls on advertising of alcoholic products in Italy
Good practices and common pitfalls on advertising of alcoholic products in ItalyGood practices and common pitfalls on advertising of alcoholic products in Italy
Good practices and common pitfalls on advertising of alcoholic products in ItalyGiulio Coraggio
 
Good practices and common pitfalls on advertising of medicines in Italy
Good practices and common pitfalls on advertising of medicines in ItalyGood practices and common pitfalls on advertising of medicines in Italy
Good practices and common pitfalls on advertising of medicines in ItalyGiulio Coraggio
 
Good practices and common pitfalls on advertising of cosmetics in Italy
Good practices and common pitfalls on advertising of cosmetics in ItalyGood practices and common pitfalls on advertising of cosmetics in Italy
Good practices and common pitfalls on advertising of cosmetics in ItalyGiulio Coraggio
 
Infografica - Misure di protezione CSIRT contro rischi di cyber derivanti dal...
Infografica - Misure di protezione CSIRT contro rischi di cyber derivanti dal...Infografica - Misure di protezione CSIRT contro rischi di cyber derivanti dal...
Infografica - Misure di protezione CSIRT contro rischi di cyber derivanti dal...Giulio Coraggio
 
Italian Gambling Advertising Ban – Don'ts and Do's
Italian Gambling Advertising Ban – Don'ts and Do'sItalian Gambling Advertising Ban – Don'ts and Do's
Italian Gambling Advertising Ban – Don'ts and Do'sGiulio Coraggio
 
Good practices and common pitfalls on ESG advertising in Italy
Good practices and common pitfalls on ESG advertising in ItalyGood practices and common pitfalls on ESG advertising in Italy
Good practices and common pitfalls on ESG advertising in ItalyGiulio Coraggio
 
Come gestire gli obblighi privacy di un attacco ransomware
Come gestire gli obblighi privacy di un attacco ransomwareCome gestire gli obblighi privacy di un attacco ransomware
Come gestire gli obblighi privacy di un attacco ransomwareGiulio Coraggio
 
Intelligenza artificiale: le sue potenzialità, la bozza di regolamento UE e r...
Intelligenza artificiale: le sue potenzialità, la bozza di regolamento UE e r...Intelligenza artificiale: le sue potenzialità, la bozza di regolamento UE e r...
Intelligenza artificiale: le sue potenzialità, la bozza di regolamento UE e r...Giulio Coraggio
 
Come gestire un data breach da attacco ransomware
Come gestire un data breach da attacco ransomwareCome gestire un data breach da attacco ransomware
Come gestire un data breach da attacco ransomwareGiulio Coraggio
 

More from Giulio Coraggio (20)

Come conformarsi al Regolamento DORA sulla cybersecurity
Come conformarsi al Regolamento DORA sulla cybersecurityCome conformarsi al Regolamento DORA sulla cybersecurity
Come conformarsi al Regolamento DORA sulla cybersecurity
 
Infografica sulle 5 regole privacy per i programmi di fidelizzazione
Infografica sulle 5 regole privacy per i programmi di fidelizzazioneInfografica sulle 5 regole privacy per i programmi di fidelizzazione
Infografica sulle 5 regole privacy per i programmi di fidelizzazione
 
Direttiva NIS2 - Nuovi obblighi legali di cybersecurity
Direttiva NIS2 - Nuovi obblighi legali di cybersecurityDirettiva NIS2 - Nuovi obblighi legali di cybersecurity
Direttiva NIS2 - Nuovi obblighi legali di cybersecurity
 
Decreti di adeguamento ai regolamenti MDR e IVDR
Decreti di adeguamento ai regolamenti MDR e IVDRDecreti di adeguamento ai regolamenti MDR e IVDR
Decreti di adeguamento ai regolamenti MDR e IVDR
 
Nuove normativa sulla accessibilità applicabili a qualsiasi sito web
Nuove normativa sulla accessibilità applicabili a qualsiasi sito webNuove normativa sulla accessibilità applicabili a qualsiasi sito web
Nuove normativa sulla accessibilità applicabili a qualsiasi sito web
 
New Italian rules on accessibility of websites
New Italian rules on accessibility of websitesNew Italian rules on accessibility of websites
New Italian rules on accessibility of websites
 
Un altro anno di GDPR: analizziamolo sulla base del survey del IPTT per il 2022
Un altro anno di GDPR: analizziamolo sulla base del survey del IPTT per il 2022Un altro anno di GDPR: analizziamolo sulla base del survey del IPTT per il 2022
Un altro anno di GDPR: analizziamolo sulla base del survey del IPTT per il 2022
 
DOP, Marchi Collettivi e Marchi Storici: forme di tutela delle eccellenze
DOP, Marchi Collettivi e Marchi Storici: forme di tutela delle eccellenzeDOP, Marchi Collettivi e Marchi Storici: forme di tutela delle eccellenze
DOP, Marchi Collettivi e Marchi Storici: forme di tutela delle eccellenze
 
Good practices and common pitfalls on advertising of medical devices in Italy
Good practices and common pitfalls on advertising of medical devices in ItalyGood practices and common pitfalls on advertising of medical devices in Italy
Good practices and common pitfalls on advertising of medical devices in Italy
 
Le modifiche del Codice del Consumo, come impattano sulle aziende
Le modifiche del Codice del Consumo, come impattano sulle aziendeLe modifiche del Codice del Consumo, come impattano sulle aziende
Le modifiche del Codice del Consumo, come impattano sulle aziende
 
Good practices and common pitfalls on advertising of tobacco products in Italy
Good practices and common pitfalls on advertising of tobacco products in ItalyGood practices and common pitfalls on advertising of tobacco products in Italy
Good practices and common pitfalls on advertising of tobacco products in Italy
 
Good practices and common pitfalls on advertising of alcoholic products in Italy
Good practices and common pitfalls on advertising of alcoholic products in ItalyGood practices and common pitfalls on advertising of alcoholic products in Italy
Good practices and common pitfalls on advertising of alcoholic products in Italy
 
Good practices and common pitfalls on advertising of medicines in Italy
Good practices and common pitfalls on advertising of medicines in ItalyGood practices and common pitfalls on advertising of medicines in Italy
Good practices and common pitfalls on advertising of medicines in Italy
 
Good practices and common pitfalls on advertising of cosmetics in Italy
Good practices and common pitfalls on advertising of cosmetics in ItalyGood practices and common pitfalls on advertising of cosmetics in Italy
Good practices and common pitfalls on advertising of cosmetics in Italy
 
Infografica - Misure di protezione CSIRT contro rischi di cyber derivanti dal...
Infografica - Misure di protezione CSIRT contro rischi di cyber derivanti dal...Infografica - Misure di protezione CSIRT contro rischi di cyber derivanti dal...
Infografica - Misure di protezione CSIRT contro rischi di cyber derivanti dal...
 
Italian Gambling Advertising Ban – Don'ts and Do's
Italian Gambling Advertising Ban – Don'ts and Do'sItalian Gambling Advertising Ban – Don'ts and Do's
Italian Gambling Advertising Ban – Don'ts and Do's
 
Good practices and common pitfalls on ESG advertising in Italy
Good practices and common pitfalls on ESG advertising in ItalyGood practices and common pitfalls on ESG advertising in Italy
Good practices and common pitfalls on ESG advertising in Italy
 
Come gestire gli obblighi privacy di un attacco ransomware
Come gestire gli obblighi privacy di un attacco ransomwareCome gestire gli obblighi privacy di un attacco ransomware
Come gestire gli obblighi privacy di un attacco ransomware
 
Intelligenza artificiale: le sue potenzialità, la bozza di regolamento UE e r...
Intelligenza artificiale: le sue potenzialità, la bozza di regolamento UE e r...Intelligenza artificiale: le sue potenzialità, la bozza di regolamento UE e r...
Intelligenza artificiale: le sue potenzialità, la bozza di regolamento UE e r...
 
Come gestire un data breach da attacco ransomware
Come gestire un data breach da attacco ransomwareCome gestire un data breach da attacco ransomware
Come gestire un data breach da attacco ransomware
 

Recently uploaded

如何办理美国波士顿大学(BU)毕业证学位证书
如何办理美国波士顿大学(BU)毕业证学位证书如何办理美国波士顿大学(BU)毕业证学位证书
如何办理美国波士顿大学(BU)毕业证学位证书Fir L
 
如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书
如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书 如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书
如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书Sir Lt
 
Cleades Robinson's Commitment to Service
Cleades Robinson's Commitment to ServiceCleades Robinson's Commitment to Service
Cleades Robinson's Commitment to ServiceCleades Robinson
 
Arbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaArbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaNafiaNazim
 
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.pptFINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.pptjudeplata
 
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书SD DS
 
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书SD DS
 
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》o8wvnojp
 
A Short-ppt on new gst laws in india.pptx
A Short-ppt on new gst laws in india.pptxA Short-ppt on new gst laws in india.pptx
A Short-ppt on new gst laws in india.pptxPKrishna18
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书Fs Las
 
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书SD DS
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxAbhishekchatterjee248859
 
Why Every Business Should Invest in a Social Media Fraud Analyst.pdf
Why Every Business Should Invest in a Social Media Fraud Analyst.pdfWhy Every Business Should Invest in a Social Media Fraud Analyst.pdf
Why Every Business Should Invest in a Social Media Fraud Analyst.pdfMilind Agarwal
 
一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书 一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书SS A
 
Offences against property (TRESPASS, BREAKING
Offences against property (TRESPASS, BREAKINGOffences against property (TRESPASS, BREAKING
Offences against property (TRESPASS, BREAKINGPRAKHARGUPTA419620
 
Key Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax RatesKey Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax RatesHome Tax Saver
 
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书Fs Las
 
John Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A HistoryJohn Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A HistoryJohn Hustaix
 

Recently uploaded (20)

如何办理美国波士顿大学(BU)毕业证学位证书
如何办理美国波士顿大学(BU)毕业证学位证书如何办理美国波士顿大学(BU)毕业证学位证书
如何办理美国波士顿大学(BU)毕业证学位证书
 
如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书
如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书 如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书
如何办理(MSU文凭证书)密歇根州立大学毕业证学位证书
 
Cleades Robinson's Commitment to Service
Cleades Robinson's Commitment to ServiceCleades Robinson's Commitment to Service
Cleades Robinson's Commitment to Service
 
Arbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaArbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in India
 
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.pptFINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
 
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
 
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
 
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
 
A Short-ppt on new gst laws in india.pptx
A Short-ppt on new gst laws in india.pptxA Short-ppt on new gst laws in india.pptx
A Short-ppt on new gst laws in india.pptx
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
 
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
 
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptxPOLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptx
 
Why Every Business Should Invest in a Social Media Fraud Analyst.pdf
Why Every Business Should Invest in a Social Media Fraud Analyst.pdfWhy Every Business Should Invest in a Social Media Fraud Analyst.pdf
Why Every Business Should Invest in a Social Media Fraud Analyst.pdf
 
Old Income Tax Regime Vs New Income Tax Regime
Old Income Tax Regime Vs New Income Tax RegimeOld Income Tax Regime Vs New Income Tax Regime
Old Income Tax Regime Vs New Income Tax Regime
 
一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书 一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书
 
Offences against property (TRESPASS, BREAKING
Offences against property (TRESPASS, BREAKINGOffences against property (TRESPASS, BREAKING
Offences against property (TRESPASS, BREAKING
 
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
 
Key Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax RatesKey Factors That Influence Property Tax Rates
Key Factors That Influence Property Tax Rates
 
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
 
John Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A HistoryJohn Hustaix - The Legal Profession: A History
John Hustaix - The Legal Profession: A History
 

Come cambia la cybersecurity con il regolamento privacy europeo

  • 1. 1 #PrivacyMatters e come il regolamento europeo sui dati personali dovrà cambiare l’approccio alla cyber security Giulio Coraggio Partner - DLA Piper Studio Legale Head of Technology Sector and Global Internet of Things Group giulio.coraggio@dlapiper.com @GiulioCoraggio
  • 2. la grande “onda” del regolamento privacy sta arrivando…
  • 3.
  • 4.
  • 5. periodo di conservazione diritto di reclamo base giuridica del trattamento diritto alla portabilità dei dati Registro dei trattamenti la mappatura dei dati deve essere costante
  • 6. bisogna controllare chi tratta i dati per voi? agenti
  • 7. l’intera organizzazione aziendale deve cambiare… #PrivacyMatters
  • 8. e siamo nel bel mezzo della sfida della digitalizzazione
  • 9. e la parola magica è “profilazione”
  • 11. il data protection officer non può essere il solo garante interno della privacy
  • 12. Right to be forgotten e come massimizzarne i benefici?
  • 13. e siete obbligati a proteggere i dati con misure di sicurezza “appropriate”
  • 14.
  • 15. e in caso di “data breach”
  • 16. Privacy by design e by default Security by design Privacy impact assessment Policy interne privacy e cyber risk Data protection officer Polizza assicurativa cyber risk ci sono gli strumenti per proteggersi
  • 19. 2. Valutazione Report section Department / team Issue Inherent risk score Action 1.04 Entire business Data sharing takes place around the Group but there is no evidence that this is undertaken on particular terms or that related information is logged or recorded in any way. 20 Ensure all data sharing is clearly tracked through a central privacy clearing team, and regulated under an intra-group data transfer agreement which sets out clear rules and restrictions for onward use and secure processing. If there are processes or agreements in place, refresh these to ensure that all entities, locations, systems and data types are covered. 1.05 Entire business Data sharing with third parties routinely occurs, but disclosures do not appear to be logged or recorded. 20 Develop a data sharing protocol to regulate transfer / receipt of data with third parties. This should be supported by guidance on the contractual safeguards that you expect to be in place to provide assurance that third parties receiving data will only use it for limited purposes prescribed, with the information returned or destroyed at the end of the engagement or when it is no longer needed (whichever is the sooner) and that they understand the3.03 E-commerce Insurance information is stored on separate servers that appear to be more widely accessible by wider business teams. 12 Ensure means of transfer are secure when transferring data within the business or to a third party and that the data is then handled appropriately once received. Gap Analisys report Action plan A. Employee data: recruitment and selection of staff No. Issue What you should be doing to meet baseline GDPR position What you are doing / recommended actions Risk / Impact A1 Fair processing notice You should limit the personal data you collect from application forms etc to the fields necessary to allow you to select staff, carry out any necessary vetting (see below), populating initial e m p l o y m e n t r e c o r d s , registering with relevant tax authorities and checking their immigration status where necessary (or holding this on record for checks to [ Yo u r o u t i n e l y c o l l e c t personal data from potential recruits to support the selection process but you do not present recruits with a standard form privacy policy in the application process] ACTION : [e.g. Prepare standard privacy policy for new r e c r u i t s . I n c o r p o r a t e reference to the policy into Impact - significant Likelihood - likely
  • 21. Privacy by design e by default Security by design Privacy impact assessment Policy interne privacy e cyber risk Data protection officer Polizza assicurativa cyber risk 4.Attuazione
  • 22. 5.Monitoraggio è un continuo “work in progress”
  • 23. #PrivacyMatters Giulio Coraggio Partner - DLA Piper Head of Technology Sector and Global Internet of Things Group giulio.coraggio@dlapiper.com @GiulioCoraggio