is/dpp for staff #3a - data
TRANSCRIPT
![Page 1: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/1.jpg)
- Internal -
IS/DPP Baseline Training
E-learning – Part 3 – Data & Classification
![Page 2: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/2.jpg)
Data in the Center
Environment
Physical
HumanDevice
Application
Repository
Carrier
Net
wor
k
Data
3rd Parties
![Page 3: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/3.jpg)
3- Internal - Page
No Data, No Worries: Data Minimization
![Page 4: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/4.jpg)
4- Internal - Page
Don’t Spread the Word
![Page 5: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/5.jpg)
Information Classification
![Page 6: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/6.jpg)
6- Internal - Page
Why?
![Page 7: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/7.jpg)
7- Internal - Page
Data is everywhere, we organise it, to be able to manage it
![Page 8: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/8.jpg)
8- Internal - Page
Levels of Organising data
1,267.04 EURCardholder C
Shop N249.99 EUR
319.00 EUR
1,415.00 EUR
14/8
20/8
26/8
2/8
x 0.5 loyalty points
3,251.03 EUR
1,625
Shop M
Shop O
Shop P
Total for August
Loyalty points
![Page 9: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/9.jpg)
9- Internal - Page
Data / Information
![Page 10: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/10.jpg)
10- Internal - Page
Data that gives ABC a Competitive Advantage
Indicator: “confidential” nature
![Page 11: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/11.jpg)
11- Internal - Page
Data that gives ABC a Competitive Advantage
Examples “in scope”:– Creative Ideas– Strategy
Indicator: “confidential” nature
![Page 12: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/12.jpg)
12- Internal - Page
Data that gives ABC a Competitive Advantage
Examples “in scope”:– Creative Ideas– Strategy
– Contracts with customers– Policies on rebates, complaint
compensation,…
Indicator: “confidential” nature
![Page 13: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/13.jpg)
13- Internal - Page
Data that gives ABC a Competitive Advantage
Examples “in scope”:– Creative Ideas– Strategy
– Contracts with customers– Policies on rebates, complaint
compensation,…
– Personal Data (PDP Act / GDPR) Information related to identified or
identifiable natural person
– Cardholder data (PCI-DSS) Transaction data
Indicator: “confidential” nature
![Page 14: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/14.jpg)
14- Internal - Page
Data that gives ABC a Competitive Advantage
Examples “in scope”:– Creative Ideas– Strategy
– Contracts with customers– Policies on rebates, complaint
compensation,…
– Personal Data (PDP Act) Information related to identified or
identifiable natural person
– Cardholder data (PCI-DSS) Transaction data
Indicator: “confidential” nature
![Page 15: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/15.jpg)
15- Internal - Page
Processing personal data
HAVE TO: Data Protection Act / GDPR
![Page 16: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/16.jpg)
16- Internal - Page
Data Protection Act - Personal data
Any information
relating to
an identified or identifiable
natural person.
![Page 17: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/17.jpg)
17- Internal - Page
Data Protection Act - Personal data
In general not legal persons (e.g. limited companies)BUT- In some countries similar regime for legal persons- Next to personal data protection there may be a (professional) duty of confidentiality.
e.g. consumer customers, staff members, individuals related to corporations (legal representatives, UBOs, …),
Any information
relating to
an identified or identifiable
natural person
![Page 18: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/18.jpg)
18- Internal - Page
Data Protection Act - Personal data
An identifiable person is one who can be identified, directly or indirectly, in particular by reference to • An identification number or •To one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.
Any information
relating to
an identified or identifiable
natural person
![Page 19: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/19.jpg)
19- Internal - Page
Data Protection Act - Personal data
Any information
relating to
an identified or identifiable
natural person
![Page 20: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/20.jpg)
20- Internal - Page
Data Protection Act - Personal data
Any information
relating to
an identified or identifiable
natural person
![Page 21: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/21.jpg)
21- Internal - Page
Data Protection Act - Personal data
Any information
relating to
an identified or identifiable
natural person
![Page 22: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/22.jpg)
22- Internal - Page
Data Subject
Processing personal data
Data Protection Act – Data Subject
![Page 23: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/23.jpg)
23- Internal - Page
Data Protection Act - Personal data
(perception of) “sensitivity”/”intimacy” is irrelevant
Any information
relating to
an identified or identifiable
natural person
![Page 24: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/24.jpg)
24- Internal - Page
Your CardYour Card and how you use it
![Page 25: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/25.jpg)
25- Internal - Page
Your CardYour Card and how you use it
![Page 26: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/26.jpg)
26- Internal - Page
Your CardYour Card and how you use it
![Page 27: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/27.jpg)
27- Internal - Page
Your Search Results
![Page 28: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/28.jpg)
28- Internal - Page
Your Phone Number
![Page 29: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/29.jpg)
29- Internal - Page
Your Location
![Page 30: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/30.jpg)
30- Internal - Page
Your Heartbeat
![Page 31: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/31.jpg)
31- Internal - Page
Your Keystroke Speed
![Page 32: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/32.jpg)
32- Internal - Page
Your Shoe Size
![Page 33: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/33.jpg)
33- Internal - Page
Data Protection Act / GDPR - Personal data
Any information
relating to
an identified or identifiable
natural person.
VERY BROAD
![Page 34: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/34.jpg)
34- Internal - Page
Data Protection - Processing
digital AND paper
![Page 35: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/35.jpg)
35- Internal - Page
Data Protection - Processing
Collection, recording, organization,
Storage,
Adaptation or alteration, rectification, retrieval, consultation, use,
Disclosure by transmission, dissemination or otherwise making available,
alignment or combination,
Blocking, erasure or destruction
![Page 36: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/36.jpg)
36- Internal - Page
Data Subject
Processing personal data
Data Controller
Data Protection Act / GDPR – Data Controller
![Page 37: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/37.jpg)
37- Internal - Page
Processing personal data
Data Protection Act / GDPR – Data Controller
Data Subject
Data Controller
Bank ABC
Application form
![Page 38: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/38.jpg)
38- Internal - Page
Control
Processing personal data
Data Protection Act / GDPR – Control in 4 Pillars
Data Subject
Data Controller
![Page 39: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/39.jpg)
39- Internal - Page
Control
Processing personal data
Finality
Data Protection Act / GDPR – Control in 4 Pillars
Respect the(original) purpose
Data Subject
Data Controller
Legitimacy
Have one of the legal bases
![Page 40: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/40.jpg)
40- Internal - Page
Control
Processing personal data
Finality Legitimacy
Transparency
Data Protection Act / GDPR – Control in 4 Pillars
Respect the(original) purpose
Have one of the legal bases
Inform data subjectand sometimes
authorities
Data Subject
Data Controller
![Page 41: IS/DPP for staff #3a - Data](https://reader033.vdocuments.us/reader033/viewer/2022051706/58f051f11a28ab7e738b46bd/html5/thumbnails/41.jpg)
41- Internal - Page
Control
Processing personal data
Finality Legitimacy
Transparency Organisation
Data Protection Act / GDPR – Control in 4 Pillars
Respect the(original) purpose
Have one of the legal bases
Inform data subjectand sometimes
authorities
Accountability andtechnical and
organisational measures
Data Subject
Data Controller