SLIDE 1
ABOUT PRIVACERA
BACKED BY PARTNERS GLOBAL
GDPR BREAKFAST EVENT LONDON OCT18 ABOUT PRIVACERA GLOBAL - - PowerPoint PPT Presentation
GDPR BREAKFAST EVENT LONDON OCT18 ABOUT PRIVACERA GLOBAL - - PowerPoint PPT Presentation
GDPR IN THE DIGITIZED WORLD - CHECKLIST AND STRATEGIES GDPR BREAKFAST EVENT LONDON OCT18 ABOUT PRIVACERA GLOBAL PARTNERS BACKED BY PRIVACERA - ONE PLATFORM TO MANAGE DATA RISKS TEXT CONTROL DISCOVER ANONYMIZE WHAT TYPE OF DATA
SLIDE 2
SLIDE 3
TEXT
SENSITIVE DATA DETECT
MALICIOUS OR ACCIDENTAL USE
CONTROL
ANONYMIZE DATA/RESTRICT ACCESS
DISCOVER
WHAT TYPE OF DATA STORED AND WHERE?
REPORT
ANALYTICS ON SENSITIVE DATA USE
PRIVACERA - ONE PLATFORM TO MANAGE DATA RISKS
SLIDE 4
CURRE CURRENT EN ENTER ERPRISE E LAN LANDSC DSCAP APE
SLIDE 5
ENTERPRISE DATA ON THE RISE
SLIDE 6
“More c companies b becoming d data co compani nies”
SLIDE 7
SLIDE 8
“Give c control o
- f d
data b back t to in individ ividuals” s”
SLIDE 9
GDPR VS DATA PRIORITIES
Leverage data to provide better service Give control of data to individuals
SLIDE 10
GDP GDPR – Ch Chec eckli klist t an and St Strat ateg egies ies
SLIDE 11
GDPR – CONSIDERATIONS
Personal Data Consent RTBF and Data Portability Data Security
SLIDE 12
GDPR CHECKLIST
Coordinate with Privacy and Security teams
1
Data discovery and classification Centralize data around consent, purpose Analyze pseudoanonymization, encryption options
2 3 4 6
Constantly monitor personal data for breaches
7
Address data subject rights
SLIDE 13
WHERE IS PERSONAL DATA?
Sensitive data could be hidden within data
SLIDE 14
CURRENT PARADIGM
QUESTIONNAIRE ANSWERED BY BUSINESS AND IT TEAMS DATA COMPILED INTO A DATA MAP
- POINT IN TIME, DATA KEEPS
CHANGING CONSTANTLY
- ENTERPRISE USERS MAY
NOT KNOW ABOUT ALL DATA CHANGES
Challenges
SLIDE 15
AUTOMATED DATA DISCOVERY - PRIVACERA
▸ Automatic discovery of
personal and other sensitive data
▸ Leverage machine
learning and NLP
▸ Easy Dashboard for
creating data maps
SLIDE 16
SLIDE 17
DATA SUBJECT RIGHTS
SLIDE 18
PRIVACERA - ADDRESSING DATA SUBJECT RIGHTS
▸ Understanding a system has
personal data is enough
▸ Need to know where individual
record is stored
▸ Privacera can tie individual
customer ids with where the information is stored
▸ Privacera APIs can address
requests from individuals for their data
SLIDE 19
COLLECTING AND STORING CONSENT
▸ Affirmative consent for data
processing
▸ Specific to data processing
- peration
▸ GDPR requires explicit
consent for special categories
- f personal data
▸ Parental consent for
processing children’s personal data
▸ Right to withdraw consent
SLIDE 20
HOW PRIVACERA CAN HELP?
▸ Privacera can enforce controls based on consent ▸ Integrate with customer preferences management systems ▸ Privacera analytics can report back on how personal data
is accessed against the consent collected
SLIDE 21
PSUEDO-ANONYMIZATION
▸ GDPR encourages “pseudonymization” of personal data ▸ Pseudonymization is the separation of data from direct
identifiers
Pseudo/Token Anonymized value
Jane Doe tygdhd XXXXXXX Mark Guy sdhuak XXXXXXX Joe Doe asjlchd XXXXXXX Jane Doe tygdhd XXXXXXX
SLIDE 22
DATA SECURITY AND DATA BREACH NOTIFICATIONS
▸ GDPR recommends “ensuring the ongoing confidentiality,
integrity, availability and resilience”
▸ Availability and access to personal data in a timely manner ▸ Personal data breach to be notified to a supervisory
authority ” not later than 72 hours after having become aware of it
SLIDE 23
HOW PRIVACERA CAN HELP
▸ Static and dynamic anonymization and tokenization
capabilities
▸ Behavioral monitoring of use of personal data access
SLIDE 24
Dynamic Anonymization
SLIDE 25
SLIDE 26
Su Summar ary
SLIDE 27
SUMMARY
- Collaborate with Privacy and Security teams
- Understand how you are collecting and storing
personal data
- Identify critical applications, databases and implement
controls to automatically discover and control personal data
- Take a deep breath. It is a journey, not a milestone
SLIDE 28