Il regolamento privacy europeo comporterà un cambiamento di prospettiva da parte delle aziende. Ma questo cambiamento di prospettiva potrebbe fornire benefici competitivi in quanto i clienti (sia società che consumatori) incominceranno a considerare la conformità alla normativa privacy nelle loro scelte.
Islamabad High Court Judges wrote a letter to Supreme Judicial Council.pdf
#Privacy Matters - Come il regolamento privacy europeo da un problema può diventare un vantaggio competitivo
1. 1
#PrivacyMatters
e come la privacy può diventare
da un problema un vantaggio competitivo
Giulio Coraggio
Partner - DLA Piper Studio Legale
Head of Technology Sector and Global Internet of Things Group
Giulio.Coraggio@dlapiper.com
Gianluigi Marino
Lawyer - DLA Piper Studio Legale
Gianluigi.Marino@dlapiper.com
Rosy Cinefra
Senior Counsel - CA Technologies
Rosy.Cinefra@ca.com
privacymatterstoday@gmail.com
22. Privacy
by design e
by default
Security
by
design
Privacy
impact
assessment
Policy interne
privacy e
cyber risk
Data protection
officer
Polizza
assicurativa
cyber risk
ci sono gli strumenti per proteggersi
25. 2. Valutazione
Report
section
Department / team Issue Inherent
risk score
Action
1.04 Entire business Data sharing takes place
around the Group but there is
no evidence that this is
undertaken on particular terms
or that related information is
logged or recorded in any way.
20 Ensure all data sharing is clearly tracked through a central
privacy clearing team, and regulated under an intra-group
data transfer agreement which sets out clear rules and
restrictions for onward use and secure processing. If there are
processes or agreements in place, refresh these to ensure that all
entities, locations, systems and data types are covered.
1.05 Entire business Data sharing with third parties
routinely occurs, but
disclosures do not appear to be
logged or recorded.
20 Develop a data sharing protocol to regulate transfer / receipt of
data with third parties. This should be supported by guidance on
the contractual safeguards that you expect to be in place to
provide assurance that third parties receiving data will only use it
for limited purposes prescribed, with the information returned or
destroyed at the end of the engagement or when it is no longer
needed (whichever is the sooner) and that they understand the3.03 E-commerce Insurance information is stored
on separate servers that
appear to be more widely
accessible by wider business
teams.
12 Ensure means of transfer are secure when transferring data
within the business or to a third party and that the data is then
handled appropriately once received.
Gap Analisys report
Action plan
A. Employee data:
recruitment and selection
of staff
No. Issue What you should be doing
to meet baseline GDPR
position
What you are doing /
recommended actions
Risk / Impact
A1 Fair processing notice You should limit the personal
data you collect from
application forms etc to the
fields necessary to allow you
to select staff, carry out any
necessary vetting (see
below), populating initial
e m p l o y m e n t r e c o r d s ,
registering with relevant tax
authorities and checking
their immigration status
where necessary (or holding
this on record for checks to
[ Yo u r o u t i n e l y c o l l e c t
personal data from potential
recruits to support the
selection process but you do
not present recruits with a
standard form privacy policy
in the application process]
ACTION :
[e.g. Prepare standard
privacy policy for new
r e c r u i t s . I n c o r p o r a t e
reference to the policy into
Impact - significant
Likelihood - likely
27. Privacy
by design e
by default
Security
by
design
Privacy
impact
assessment
Policy interne
privacy e
cyber risk
Data protection
officer
Polizza
assicurativa
cyber risk
4.Attuazione
29. 29
#PrivacyMatters
Giulio Coraggio
Partner - DLA Piper Studio Legale
Head of Technology Sector and Global Internet of Things Group
Giulio.Coraggio@dlapiper.com
Gianluigi Marino
Lawyer - DLA Piper Studio Legale
Gianluigi.Marino@dlapiper.com
Rosy Cinefra
Senior Counsel - CA Technologies
Rosy.Cinefra@ca.com
privacymatterstoday@gmail.com
30. 30
#PrivacyMatters
Giulio Coraggio
Partner - DLA Piper Studio Legale
Head of Technology Sector and Global Internet of Things Group
Giulio.Coraggio@dlapiper.com
Gianluigi Marino
Lawyer - DLA Piper Studio Legale
Gianluigi.Marino@dlapiper.com
privacymatterstoday@gmail.com
Rosy Cinefra
Senior Counsel
CA Technologies
Giovanni Cerutti
Senior VP, General Counsel, Compliance & Risk
NTT Data EMEA
Giuseppe Bellazzi
Manager Legal and Litigation Department
Intesa Sanpaolo
Fabio Fiumanò
Legal Manager and Local Compliance Officer
Intesa Sanpaolo
Giuseppe Catalano
Company Secretary, Head of Corporate Affairs
Assicurazioni Generali
Responsabile Territoriale Lombardia e Liguria AIGI