sobota 30. prosince 2017

Preparing for the General Data Protection Requirement

Published by Rob Mellor - 26. 12. 2017. Článek najdete na adrese: http://tinyurl.com/y9zu3kad
Cituji vybrané části textu:
"On May 25, 2018, the EU’s new General Data Protection Rules take effect forcing companies worldwide to comply with a fundamental change to the way businesses manage and distribute data.
" ... As a result, many businesses appear stuck in 'analysis paralysis', incapable of implementing strategies to meet the GDPR challenge.
How can you break through that paralysis? How can you get started on the path to compliance? In short, where do you start?"
First, let’s remind ourselves what is behind the GDPR.
"At the most foundational level, it is about stopping the misuse of personal data by organizations who may be tempted to use that data to engage in intrusive, unwanted marketing activities. We have all suffered such targeting and know how annoying it is. So, one of the key tenets of GDPR will be that it requires organizations to prove that any data they store is necessary to the running of the business, rather than being used for marketing activities. Within every business, there are obviously many different and disparate data streams making it tough to create an easily auditable view of the data and, in turn, prove why it is essential to the running of the business."
"For example, let’s imagine it is found that a retailer, at the point of purchase, is scanning the color of people's' eyes as they pay. The company will now have to explain why it is doing that. Perhaps, it is an optician that has a legitimate reason for capturing this data, as it helps provide better aftercare to customers."

Guidance on consent under the gdpr

Posted on December 15, 2017
Adresa:
https://www.huntonprivacyblog.com/2017/12/15/article-29-working-party-publishes-guidance-on-consent-under-the-gdpr/
Cituji vybrané části:
"Recently, the EU’s Article 29 Working Party (the “Working Party”) adopted guidelines (the “Guidance”) on the meaning of consent under the EU General Data Protection Regulation (“GDPR”). In this Guidance, the Working Party has confirmed that consent should be a reversible decision where a degree of control must remain with the data subject. The Guidance provides further detail on what is necessary to ensure that consent satisfies the requirements of the GDPR:
• Freely given. 
• Specific. 
• Informed.
• Clear affirmative action. .
Meaning of Explicit Consent
Demonstrating Consent
Children’s Consent
Pre-existing Consent"
Cituji ze závěru:
"For processing operations in relation to which existing consent will no longer be valid, the Working Party recommends that data controllers (1) seek to obtain new consent in a way that complies with the GDPR, or (2) rely on a different legal basis for carrying out the processing in question. If a data controller is unable to do either of those things then the processing activities concerned should cease."

It's time to re-examine the future of data infrastructure

Článek publikoval Ravi Mayuram na portálu "information-management" 20. 12. 2017. Najdete ho na adrese: http://tinyurl.com/yc96x79s
Cituji vybranou část textu:
"In 2017, artificial intelligence and digital transformation vaulted to the forefront of business priorities, and these technologies will continue to drive new business initiatives as we move into 2018.
Recent research suggests that the AI market will surpass $100 billion by 2025, and 89 percent of enterprises say their industry is being disrupted by digital technology. For companies to succeed today, digital strategies must underlie an organization’s approach to innovation and customer experience. And to support these efforts, it’s vital for companies to build out the necessary data infrastructure.
Today, AI is more of a trendy buzzword than a practical reality. Difficult to execute, AI is only as good as its data, and data integrity still varies from enterprise to enterprise. However, we’ve seen the early stages of machine learning applications in industries such as advertising and retail, and in the years ahead we’ll see more industries, including industrial Internet of Things, digital health and digital finance, begin taking advantage of this technology to provide more meaningful user experiences.
Throughout this transformation, the database will play an instrumental role by accommodating rapidly-changing data at scale, while keeping big data sets reliable and secure, although true implementation of AI is still several years away........".

GDPR – A legislative milestone for a digital age

PDF soubor s názvem "guide_gdpr_legislative_milestone_en.pdf"
najdete ke stažení na portálu "www.forcepoint.com", na adrese:
http://tinyurl.com/y9vdud9u
Cituji z textu:
"GDPR – A legislative milestone for a digital age BY NEIL THACKER, INFORMATION SECURITY & STRATEGY OFFICER, EMEA FORCEPOINT™ The clock is officially ticking for organisations to get their data protection policies in order now that the General Data Protection Regulation (GDPR) has been approved and is set to replace the previous EU Data Protection Directive. The new regulation will come into effect in May 2018 and will require organisations to put a much stricter focus on data protection. The headline items for organisations that collect or process EU citizen records are: } They must notify their supervisory authority of a data breach within 72 hours. } The subject will have the right to retract consent, request data erasure or data portability. } They may face fines of up to 4% of their worldwide turnover, or €20 million for intentional or negligent violations. These increased sanctions mean it is vital that this new law be fully understood by a number of key stakeholders within the organisation, and that organisations start preparing to comply with the new regulations as soon as possible. There are five key steps to help organisations perform a basic assessment of their current data protection strategy and to identify any potential gaps that need filling prior to a more comprehensive view of the GDPR...."
Příklad nabídky profesionálního poradenství v GDPR:
"THERE ARE THREE CORE AREAS WHERE FORCEPOINT’S SOLUTIONS CAN HELP ORGANIZATIONS MEET THE REQUIREMENTS OF THE GDPR: } Inventorying personal data, whether as part of the initial scoping of a compliance program or to support the operational duties of controllers, processors or responders, including dealing with subject access requests or data incidents. } Mapping personal data flows across the organization that expose broken business processes and unsanctioned IT or highlight supply chain activity that puts critical data at risk. This clear visibility allows organizations to implement management and control of personal data flows using mechanisms such as authorization, policy-based encryption, notification and blocking to mitigate risk. } Leveraging behavioral analytics and risk modelling to rapidly detect high risk employee activity (malicious or compromised) and broken business processes that put critical data at risk, as well as enabling a quick and decisive response, which often lets organizations get ahead of the breach itself."

pátek 29. prosince 2017

GDPR kalkulačka

Na adrese:
https://www.gdprkalkulacka.cz/?utm_source=uschovna&utm_medium=mail&utm_campaign=nebojtese
najdete jednoduchý test přípravy na GDPR. Jde sice o reklamu poradanství, nicméně není na škodu sítí dotazů si projít. Je možné si nechat zaslat výsledek, ale pokud nezadáte mailovou adresu, dozvíte se souhrnný výsledek na webové stránce.   

čtvrtek 14. prosince 2017

GDPR Bílá kniha CZ

9-stránkový soubor pdf s výše uvedeným obsahem najdete na adrese
https://www.zebra.cz/wp-content/uploads/GDPR_Bila-kniha_CZ.pdf
Osnova:
- Terminologie
- Přehled o GDPR
- Dopad GDPR
- Požadavky GDPR
- GDPR v cloudu
- Řešení GDPR

pátek 1. prosince 2017

5 ways you can benefit from GDPR


5 ways you can benefit from GDPR
Inderjit Mund publikoval 29. 11. 2017 článek na portále "dataiq.co.uk", konkrétně na adrese:
http://tinyurl.com/ycqmcbvl
Cituji vybrané části textu a osnovu:
"Contrary to the negative hype, the General Data Protection Regulation (GDPR) is a force for good for both individuals and marketers. The new Regulation empowers consumers by refocusing the attention on them owning their data.
With new guidelines around explicit permission to use an individual’s data, brands will need to create more relevant and compelling brand communications to customers who are actually interested. Looking at the key requirements for compliance in more detail, GDPR can in fact help marketers to enhance their activities, improve customer engagement and boost ROI."
Here’s 5 ways you can benefit from GDPR:
1. Personalised and more efficient marketing
2. The fast-track to effective data-driven marketing
3. Permission is everything
4. Better data equals better relationships
5. GDPR as a catalyst for change
Cituji ze závěru:"With this in mind, it is understandable to be taken back by the requirements of GDPR. Its complexity can be daunting and unclear at stages, yet underneath the prescriptive text, there is vast opportunity to make business and marketing activity compatible with our digital future. Responsible brands should not fear GDPR, but learn to work with it to unlock and future-proof data-driven marketing practices. Once you become at peace with this, your marketing activity will have higher first-time success rates and impact on the right type of audience."