think your website is gdpr compliant

Think Your Website is GDPR Compliant? DrupalCon NASHVILLE 2018 - PowerPoint PPT Presentation

Oct 10, 2023 •384 likes •858 views

Think Your Website is GDPR Compliant? DrupalCon NASHVILLE 2018 Mediacurrent Join Us for Contribution Sprints Mentored First time General Core sprint sprinter workshop sprint #drupalsprint Mediacurrent Drupal. JavaScript. Future.

  1. Think Your Website is GDPR Compliant? DrupalCon NASHVILLE 2018 Mediacurrent

  2. Join Us for Contribution Sprints Mentored First time General Core sprint sprinter workshop sprint #drupalsprint Mediacurrent

  3. Drupal. JavaScript. Future. Keynotes. Sessions. Sprints. A different kind of Drupal conference. Mark your calendar and prep your proposal! More details soon.

  4. Today’s Team Dawn Aly Mark Shropshire | 4

  5. Disclaimers | 5

  6. Today’s Agenda I. Guiding Principles of the GDPR II. Creating a Positive PX III. Security by Design IV. Advanced Marketing Strategies in a Post GDPR World V. Creating an Action Plan (not a Freak-Out Plan) | 6

  7. Guiding Principles of the GDPR | 7

  8. What is GDPR? | 8

  9. Who is at Risk for Compliance? ● ● ● ● ● ● | 9

  10. Yep. Pretty much everyone. | 10

  11. The GDPR is not just an IT Discussion 89% 85% 43% Believe their competitive Percentage of relationships advantage will be based on consumers will manage the customer experience without talking to a human by 2020 $3.8 million $150 million cost of a data breach for the average company anticipated increase of data breach costs by 2020 Sources: Gartner, Gartner, Symantec, Microsoft, Juniper Research | 11

  12. GDPR Roles Public authority appointed in EU countries for monitoring compliance of GDPR Supervisory Authority Data Subject Legal entity or person Legal entity or person Individual processing the actual determining need and whose personal Controller Processor data on behalf of the means for processing data has been controller personal data collecte d Data Protection Officer GDPR required leadership position in organizations for monitoring internal GDPR compliance | 12

  13. User Rights and Requirements Overview | 13

  14. Breach Notification ● ● ● ● | 14

  15. Right to Access ● ● ● | 15

  16. Right to Erasure (Right to be Forgotten) ● ○ ○ ○ | 16

  17. Data Portability ● ● ● ● | 17

  18. Privacy by Design ● ● ● | 18

  19. Data Protection Officers ● ● ● ● | 19

  20. ● ● | 20

  21. Creating a Positive PX | 21

  22. Data + Privacy doesn’t have to be scary. | 22

  23. Universal PX Principles ● ● ● ● ● ● ● | 23

  24. PII (Personally Identifiable Information) Examples ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● Sources: https://en.wikipedia.org/wiki/Personally_identifiable_information | 24

  25. Data Collection Transparency Data Portability ● Know what you collect ● Have clear privacy policies ● Allow users control over their data including: ● Only retain for as long as you ● Let users know how you use need data and why ○ Exporting data Protect data with encryption Give users the right to decide Deleting data ● ● ○ Do’s how and when data is ● Audit and log ○ Seeing the details of processed and shared their stored data ● Explain things in easy to understand language ● Collect any PII that you don’t ● Hide who you share data with ● Make it hard for users to absolutely need and why you share it with export data in a standard them format that is usable for ● Allow anyone or system imports to other systems and ● Force users to opt-out (opt-in access to data who doesn’t services Don’ts should be the pattern) have legitimate reason for processing ● Delay processing user Create hard to read privacy ● request for deletion, export, policies and other or reporting documents related to data privacy ● Rely on blanket consents PX Do’s and Don’ts | 25

  26. Security by Design | 26

  27. Secure by Design | 27

  28. Privacy and Security SDLC 1. PLANNING 6. MAINTENANCE Document and understand security Consider and implement changes controls and regulatory requirements to to controls and regulations include in feature planning. affecting the project. Software Development 2. IMPLEMENTATION 5. DEPLOYMENT Life Cycle Development with security and Release software to production privacy controls in mind. environments after approved through agreed upon processes. Privacy and Security 4. DOCUMENTATION 3. TESTING Identify defects through review Document detailed project feature implementations and processes and testing controls guided by and how they apply to security and security and privacy requirements. privacy requirements. | 28

  29. Security and Privacy Principles ● ● ● ● ● ● ● | 29

  30. One Source: Townsend Security | 30

  31. Advanced Marketing Strategies | 31

  32. 94% Trust Sources: Inc.com, Label Insight, Harvard Business Review | 32

  33. Level of Trust by Industry Source: Harvard Business Review | 33

  34. Building Trust with Marketing Education Marketing Deliver Value Trust Enablers High Quality Empower the Individual | 34

  35. Big Data May Not Be So Big | 35

  36. GDPR Benefits to Data ● ● ● Sources: Altimeter | 36

  37. Marketing Automation and CRM ● ● ● ○ | 37

  38. Creating an Action Plan | 38

  39. Enforcement begins May 25, 2018 | 39

  40. PX takes a team. | 40

  41. Creating a Plan Data Collection Points Messaging and Consent User Control ● ● ● ● ● ● ● ● ● ● | 41

  42. Next Steps ● ● ● ● ● ● | 42

  43. PX is the new Golden Rule | 43

  44. Drupal and Privacy/Security GDPR module Privacy Concerns as GDPR Compliance [#2848974] Guardr security distribution EU Cookie Compliance Encrypt module GDPR Export module GDPR Consent module Commerce GDPR Drush sql-sanitize | 44

  45. What Did You Think? Thank you! Mediacurrent

  46. Come See Us at Booth Join Us at our Afterparty #525 Tuesday 7-11pm @ The George Jones Thank you!

Recommend

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data Protection Regulation Came into force on May 25 th Replaces the current 1995 Data Protection Directive and Data Protection Act (1998). What is GDPR?

570 views • 18 slides
Live Webcast: How Cognitive Search Accelerates GDPR Compliance GDPR Legal Overview By Erin

Live Webcast: How Cognitive Search Accelerates GDPR Compliance GDPR Legal Overview By Erin

Live Webcast: How Cognitive Search Accelerates GDPR Compliance GDPR Legal Overview By Erin Aslan Legal Counsel - Sinequa Live Webcast: How Cognitive Search Accelerates GDPR Compliance GDPR takes effect on May 25, 2018 with no further

285 views • 26 slides
Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Almost one year after the GDPR, where are we now? Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The first year of the GDPR can best be described as "quiet test run. What are the most striking

405 views • 8 slides
GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get

GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get

GDPR Hacks For O365 3/27/2018 How O365 And Azure Can Help JB Wissma mann nn Organizations Get Compliant Agenda GDPR at a glance What does GDPR mean for IT departments Microsoft and GDPR M365 O365 Azure Dynamics

349 views • 18 slides
Non Compliant Compliant 1. Non Submission of Data string upload to the IDP by End the portal

Non Compliant Compliant 1. Non Submission of Data string upload to the IDP by End the portal

Non Delegated CFO Forum Presented by National Treasury 07 November 2016 Compliant and When? Non Compliant Compliant 1. Non Submission of Data string upload to the IDP by End the portal by due dates November 2016. and compliant to:

253 views • 7 slides
Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require? How does an Australian business comply? Action Plan Section 1: GDPR is here Privacy in the digital age Historically, privacy was almost

513 views • 40 slides
GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU General Data Protection 1995 Regulation 2016 Data Protection Act 1998 Data Protection Bill 2017-19 Fines DPA GDPR Maximum Fine 500k Two

624 views • 17 slides
REGULATION (GDPR) IN THE CONTEXT OF EEDAPP 27 SEPTEMBER 2019 - VENICE WHAT IS GDPR The General

REGULATION (GDPR) IN THE CONTEXT OF EEDAPP 27 SEPTEMBER 2019 - VENICE WHAT IS GDPR The General

GENERAL DATA PROTECTION REGULATION (GDPR) IN THE CONTEXT OF EEDAPP 27 SEPTEMBER 2019 - VENICE WHAT IS GDPR The General Data Protection Regulation (EU) 2016/679, commonly known as GDPR, applies from 25 May 2018 and regulates the processing by a

318 views • 12 slides
GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB

GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB

GDPR General Data Protection Regulation DR. Rafi us Shan, Chief Cyber Security , KP CERC KPITB GDPR TIMELINE Definitions GDPR is a set of EU laws that come into affect on May 25th 2018. GDPR rules are designed to give more control over

588 views • 30 slides
GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont be scared 60% of people welcome the rights under GDPR 48% of UK adults plan to activate their rights 56% welcome the right to object to marketing

1.32k views • 37 slides
PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

GENERAL DATA PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles of of GDPR How does it effect school How are school preparing How does it effect individual staff How can

475 views • 12 slides
Responsibility and Accountability under the GDPR Regina Becker ELIXIR-LU ELIXIR Workshop Data

Responsibility and Accountability under the GDPR Regina Becker ELIXIR-LU ELIXIR Workshop Data

Responsibility and Accountability under the GDPR Regina Becker ELIXIR-LU ELIXIR Workshop Data Protection ECCB 2018 / Athens 11. September 2018 GDPR is catching up with us GDPR: General Data Protection Regulation GDPR Became

439 views • 26 slides
Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

garjoh_canuck Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett Johnson (Boston U) Scott Shriver (U Colorado Boulder) GDPR Impact GDPR General Data Protection Regulation EU EEA Brexit GDPR

834 views • 27 slides
Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do to be compliant? Data Breaches How does the GDPR affect you? Steps to Compliance Summary What is the GDPR? q The EU's General Data

355 views • 17 slides
Solving The Top 5 GDPR Challenges Accelerating your GDPR Program About Bill Bradley Leads

Solving The Top 5 GDPR Challenges Accelerating your GDPR Program About Bill Bradley Leads

Solving The Top 5 GDPR Challenges Accelerating your GDPR Program About Bill Bradley Leads Product Marketing for Data Loss Prevention Bill Bradley Director, Product Marketing ~20 years of marketing & sales experience Field

651 views • 35 slides
GDPR and Microchipping Compliant or Complacent? Your Presenters Karis Brummitt CMO Microchip

GDPR and Microchipping Compliant or Complacent? Your Presenters Karis Brummitt CMO Microchip

GDPR and Microchipping Compliant or Complacent? Your Presenters Karis Brummitt CMO Microchip Central Nick Brummitt Founder / Director Microchip Central Richard Fry Founder / Director MicroID Dis isclaimer This is NOT legal advice No

496 views • 35 slides
Avoid Common Freedom of Information Act Mistakes Anne M. Seurynck Foster Swift Collins & Smith,

Avoid Common Freedom of Information Act Mistakes Anne M. Seurynck Foster Swift Collins & Smith,

Avoid Common Freedom of Information Act Mistakes Anne M. Seurynck Foster Swift Collins & Smith, PC 1700 E Beltline Ave, NE, Suite 200 Grand Rapids, MI 49525 (616) 726 2200 aseurynck@fosterswift.com FOSTERSWIFT.COM Freedom of Information

532 views • 39 slides
Special Education for CASA of Los Angeles Robert Borrelle, Supervising Attorney Disability

Special Education for CASA of Los Angeles Robert Borrelle, Supervising Attorney Disability

12/2/2020 Special Education for CASA of Los Angeles Robert Borrelle, Supervising Attorney Disability Rights California Tonights Agenda Provide an Overview of Disability Rights California Discuss DRCs Different Units Impacting

592 views • 9 slides
The McKinney-Vento Homeless Assistance Act Kristine Nadolski and Karen Rice EHCY State

The McKinney-Vento Homeless Assistance Act Kristine Nadolski and Karen Rice EHCY State

The McKinney-Vento Homeless Assistance Act Kristine Nadolski and Karen Rice EHCY State Coordinators Causes of Homelessness Lack of affordable housing Poverty Increase in low vs middle wage employment Health problems Lack of

542 views • 42 slides
Corporate Governance, and the Returns on Investment Klaus Gugler, Dennis C. Mueller and B.

Corporate Governance, and the Returns on Investment Klaus Gugler, Dennis C. Mueller and B.

Corporate Governance, and the Returns on Investment Klaus Gugler, Dennis C. Mueller and B. Burcin Yurtoglu University of Vienna, Department of Economics BWZ, Bruennerstr. 72, A-1210, Vienna CBR Summit: 29-30 March 2006 Innovation and

448 views • 20 slides
This presentation contains animations which require PDF browser which accepts JavaScript. For

This presentation contains animations which require PDF browser which accepts JavaScript. For

This presentation contains animations which require PDF browser which accepts JavaScript. For best results use Acrobat Reader. RSK problems theorem: bumping routes proof, the easy part proof, science fiction the end R obinson- S chensted- K

1.11k views • 85 slides
Natural Language Processing Info 159/259 Lecture 22: Coreference resolution (Nov. 8, 2018)

Natural Language Processing Info 159/259 Lecture 22: Coreference resolution (Nov. 8, 2018)

Natural Language Processing Info 159/259 Lecture 22: Coreference resolution (Nov. 8, 2018) David Bamman, UC Berkeley Ted Underwood Modeling Perspective and Parallax to Tell the Story of Genre Fiction today! 5:30 pm - 7:00 pm Townsend

1k views • 78 slides
Text Visualization Ma Maneesh Agrawala CS 448B: Visualization Fall 2020 1 Text as data

Text Visualization Ma Maneesh Agrawala CS 448B: Visualization Fall 2020 1 Text as data

Text Visualization Ma Maneesh Agrawala CS 448B: Visualization Fall 2020 1 Text as data Documents Articles, books and novels Computer programs E-mails, web pages, blogs Tags, comments Collection of documents Messages (e-mail, blogs,

487 views • 44 slides
Constraint Satisfaction Problems Chapter 6 Constraint Satisfaction Problems A constraint

Constraint Satisfaction Problems Chapter 6 Constraint Satisfaction Problems A constraint

Constraint Satisfaction Problems Chapter 6 Constraint Satisfaction Problems A constraint satisfaction problem consists of three components, X, D, and C: X is a set of variables, {X 1 , . . . , X n }. D is a set of domains, {D 1 , . .

885 views • 67 slides

More recommend