![Page 1: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/1.jpg)
SETTING UP
GDPR-PROOFPRIVACY COMPLIANCE
Dr. Igor Máté
![Page 2: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/2.jpg)
DATA PROTECTION IS ON AGENDA NOWWHY
Oh, my God!
You are insecure,because
your data isunsecured
?
![Page 3: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/3.jpg)
DATA PROTECTION IS ON AGENDA NOWWHYBUSINESS
PUBLIC
LAW
?
PIE: value of data of European citizens increase by 1 trillion EUR by yearcorporate reputationemployer brandingoverall governance
Privacy ShieldBCR
NEW! EU GENERAL DATA PROTECTION REGULATION
Austrian student attacked
Facebook > ECJ nullified EU-US privacy
regime
Yahoo data breach
TODAY
TOMORROW
![Page 4: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/4.jpg)
THE SCALE ASTRONOMIC
Sun Earth TODAY 200k EUR *
TOMORROW 200m EUR **
* RECENT MAXIMUM FINE (average EU) ** NEW MAXIMUM: 4% OF GLOBAL TURNOVER
(taking a global company as example)
![Page 5: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/5.jpg)
THE NAME OF THE GAMEGDPREU REGULATION
regulation
single, unified regime
effective outside of Europe
May 25, 2018
multiple enforcement
significantly higher consequences of non-compliance
extended & enlargedobligations
EU General Data Protection Regulation
![Page 6: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/6.jpg)
KEY NEW FEATURES OF GDPRACCOUNTABILITY
DATA PROTECTION
BY DESIGN& BY DEFAULT PIA
INDIVID
UALS’ R
IGHTS
right to be informed
recipien
ts of
personal data
Data Protection
Officer
Privacy
Impact
Assessment
BREACH NOTIFICATION
DPO processes & policies
documentationfostering tolive the rights
![Page 7: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/7.jpg)
CORPORATE RESPONDS&ACTIONS
GROUP DATA PROTECTION FRAMEWORK
SINGLE UNIFIEDCENTRALIZED
SCALE CHANGE BOARDROOM ISSUE
SPECIAL PROFESSIONALTIMELY SOLUTION
IMPLEMENTATION
CHALLENGES
NEW DIMENSIONPRIVACY FUNCTION
MULTIPLE DEPARTMENTSCONCERNED
![Page 8: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/8.jpg)
KEY ELEMENTS OF FRAMEWORK 4W
WHY?
WHAT?
WHERE?
WHO?
business purpose:processes/actions
type of data
systems, files
delicatedistinctionre access
![Page 9: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/9.jpg)
KEY STAKEHOLDERS
DATA USERS (PROCESS / INFORMATION OWNERS)DATA PROCESSORS
HR
Sales / Marketing / CRM
Communications / CSR
PurchaseITIT SecuritySecurity
![Page 10: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/10.jpg)
ACTIONS IN COOPERATION WITH STAKEHOLDERS
2016 2017 2018Q1 Q1 Q2 Q3 Q4 March 31
Data protectionfitness survey
Developing manuals,training materials
Training of stakeholders(process owners)
Briefing (local)management
Nominating Local DataProtection Coordinators
Workshops withstakeholders
(Basic self-compliancecheck with nationallegislation)
DATA MAPPINGAND INVENTORY
GDPR-PROOF GROUP PRIVACY FAMEWORK
1
2
34
![Page 11: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/11.jpg)
dataMAPPINGpurpose
deletion
rights of datasubjects
(consent, SAR)
data categories
processes
access rightsand recipients
transfer(outsourcing)
quality (accuracy)assurance
storage andsafeguarding(security)
backup actions(breach/incident)
![Page 12: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/12.jpg)
BRIEFINGS, WORKSHOPS, TRAININGS
AWARENESSAPPROACHATTRIBUTE
OF PERSONAL DATA PROTECTIONAS CORPORATE FUNCTION
Constitutional Right“CONSUMER TRUST IS ESSENTIAL TO ACHIEVING GROWTH.”
Code of Conduct„WHATEVER DIRECTION YOU’RE TAKING WITH PEOPLE’S INFORMATION; YOU’RE TAKING THOSE PEOPLE WITH YOU.”
Accessory„YOU NEED TO BUILD THE CONSIDERATIONS FOR PRIVACY INTO YOUR PROJECTS RIGHT FROM THE BEGINNING TO MAKE IT WORK.”
![Page 13: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/13.jpg)
DATA PROTECTION WILL BE ON AGENDAWHY?
INTERNALLY EXTERNALLY OTHERS
PRIVACY BY DESIGN / PRIVACY RISK ASESSMENT
OUTSOURCING (TRANSFER)
EDUCATION AND TRAINING
REVIEW / CONTROL
INCIDENT MANGEMENT
SARs
DOCUMENTING AND REPORTING COMPLIANCE
DPA AUDITS
BREXIT
PRIVACY SHIELD
DUE DILIGENCE
![Page 14: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/14.jpg)
TAKEAWAYSPERSONAL DATA PROTECTION VERY MUCH IN FOCUS
TOUGHER REGULATIONS AT THE DOORSTEP
RISKS EVOLVE
NON-COMPLIANCE MAY BRING SEVERE IMPLICATIONS
NEW STAKE OF INTERNAL ACTIVITY NEEDED
DEDICATED CORPORATE FUNCTION TO SET UP
375, 374, 373, 372, 371, 370, 369... BUSINESS DAYS
![Page 15: GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul](https://reader031.vdocuments.us/reader031/viewer/2022030306/586fe3e41a28ab18428b8141/html5/thumbnails/15.jpg)
QUESTIONS
THANK YOU!
Dr. Igor Máté
https://no.linkedin.com/in/igormate