Thursday, 5 October 2017

Focus on Five High-Priority Changes to Tackle the EU GDPR

Accelerate your GDPR Compliance using Oracle Security Solutions
Research from Gartner
Focus on Five High-Priority Changes to Tackle the EU GDPR
Bart Willemsen - 30 September 2016
The text can be found on the Oracle.com portal at:

Quoting from the introduction: "The European General Data Protection Regulation will have a global impact as of 2018. Among the many changes, IT leaders should prioritize efforts where they are most affected. These five high-priority changes help you get up to speed with GDPR requirements.
- Key Challenges
Recommendations: All IT leaders involved in security, risk and privacy management should:
-- Ensure that a data protection officer (DPO) is appointed, and create a task force to address the challenges the organization faces under the GDPR.
-- Review personal data processing operations for subject rights enforcement and cross-border data flow compliance, including adequate data processor selection.
-- Establish and maintain an internal framework for accountability, taking into account mitigation of risk resulting from the data processing activity.
-- Strengthen transparency by instituting comprehensive central business registration and documentation of data processing activities.
-- Seek legal advice, where necessary, in the pursuit of risk-based timely compliance decisions.
Strategic Planning Assumption 
Structure of the core of the article:
Quoting from the text: The following five elements require primary attention (see Figure 1):
Analysis and recommendations:
1. - Determine Your Role Under the GDPR
2. - Appoint Your Data Protection Officer
3. - Demonstrate Accountability in All Processing Activities
4. - Check Your Cross-Border Data Flows
5. - Prepare for Data Subjects Exercising Their Rights
Quoting from the conclusion: "Recommendations:
- IT leaders should implement a data breach notification procedure in their security incident processes, and team up with the DPO and relevant legal and customer care colleagues.
- Process owners must develop effective user interfaces for data subjects where possible, enabling them to exercise their rights as directly as possible.
- Gartner clients should update their public information to data subjects (for example, privacy statements), in line with GDPR requirements.
- Legal disclaimer: The opinions and recommendations in this document should not be construed as legal advice. Gartner recommends that entities subject to legislation seek legal counsel from qualified sources."
Source: Gartner Research Note G00311301, Bart Willemsen, 30 September 2016.