While some organizations have written about the impending GDPR deadline and potential fines, or re-printed an exact copy of the text itself, TRUSTe has taken the 200+ pages of the GDPR and translated it into practical implementation steps for an organization of any size or maturity. The implementation steps are grouped into five actionable phases: Building a Program and Team Assessing Risks and Creating Awareness Designing and Implementing Operational Controls Managing and Enhancing Controls Demonstrating Ongoing Compliance A sample implementation step is developing a DPIA program, which includes creating templates, conducting DPIAs, managing remediation, and providing compliance reports. The guide also … Continue reading What you Need to Know About the GDPR: Practical Steps to Address GDPR Compliance
UN Global Pulse and the International Association of Privacy Professionals (IAPP) Present: Building a Strong Privacy and Data Ethics Program – From Theory to Practice May 4 New York The meeting will focus on how to implement privacy and data ethics in international organizations, and on how to access public-private sector data for use in humanitarian and development contexts. Four topics will be discussed during the day by experts from UN, public and private sector, namely: Privacy on the Ground: Managing Personal Data in Organizations; Ethics and a Rights Based Approach to Data: From Principles to Institutions; Privacy and Data … Continue reading May Event Spotlight: IAPP Canada, GDPR – DPIA & Data Breach Requirements Webinar & #CyberAware On Your Summer Travel Twitter Chat
Last week TRUSTe held a webinar “Privacy Shield Self-Certification – What’s Next?” as part of its Privacy Insight Series. If you missed the webinar you can still sign up to receive the on-demand recording and the slides. Our speakers, David Fowler, Chief Privacy & Digital Compliance Officer, Act-On Software; Amanda Gratchner, Global Privacy Counsel, NAVEX Global; and K Royal, Senior Privacy Consultant at TRUSTe discussed several different ways to enhance everything from your policies to your Privacy Impact Assessments by leveraging your Privacy Shield Certification. They also discussed how to use the Certification toward compliance with other frameworks, such as the … Continue reading 3 Ways to Leverage Your Privacy Shield Certification
As previously described in our blog post “Doing Business with Argentina Just got Easier“, change appears afoot in the land of silver’s data protection law, in order to keep pace with evolving digital technologies and global regulatory regimes. Whereas in December 2016 the Argentine Data Protection Agency (DPA) issued a report proposing changes to the national Data Protection Act (Act) after nearly a year of public consultation, this month the DPA released a draft bill to update the sixteen-year-old Act in line with many of the European Union’s General Data Protection Regulation (GDPR)’s new requirements taking effect in May 2018. … Continue reading Argentina GDPR-like Data Privacy Bill
Eleanor Treharne-Jones, VP Consulting at TRUSTe will be joining Lewis Barr, General Counsel and VP, Privacy, at Janrain for the first installment of a General Data Protection Regulation (GDPR) webinar series. Lewis and Eleanor will discuss: How personal data of EU citizens can be managed and processed under this new regulation. How it applies to all organizations that offer goods or services to EU residents or monitor their behaviour in the EU regardless of location. How, if found noncompliant, your organization could face penalties as high as 4% of your global revenue. What practical steps to take to prepare for GDPR. … Continue reading How to Get Started with GDPR Planning
In December 2016 we summarized the GDPR guidelines released by the Article 29 Working Party on the “Right to Data Portability”, Identifying a Lead Supervisory Authority, and appointing a “Data Protection Officer.” The deadline for submitting comments is today. To submit comments, email JUST-ARTICLE29WP-SEC@ec.europa.eu and email@example.com. To learn more about TRUSTe EU GDPR solutions, or to speak with a consultant, contact us.