This project has received funding from the European
Union’s Horizon 2020 research and innovation
programme under grant agreement No 787068.
Project Start-up
7 KEY PRINCIPLES
• Lawfulness, fairness and transparency
• Purpose limitation
• Data minimization
• Integrity and confidentiality
• Storage limitation
• Accuracy
• Accountability
ACCOUNTABILITY
• Contractual organization
• Privacy-by-design & Privacy-by-default
• Records of data processing activities
• Privacy Impact Assessments
• Data Protection Officer
RIGHTS OF INDIVIDUALS
• Information
• Access
• Rectification
• Erasure
• Restriction
• Portability
• Objection
• Automated decision-making
/ profiling
GDPR: CHALLENGES
IMPLEMENTING PRIVACY BY
DESIGN/PRIVACY ENGINEERING
Implement technical and organizational
measures to show that the organization
has considered and integrated data
compliance measures into data
processing activities
DATA DE-IDENTIFICATION/
ANONYMIZATION
Assess and implement anonymization
and pseudonymization techniques to
fall outside the scope of the GDPR or
comply with certain requirements
MEETING REGULATORY
REPORTING REQUIREMENTS
Set up methods to review compliance
activities and keep records for internal
and external reporting to demonstrate
compliance (e.g. privacy notices and
records of privacy-related escalation
handling activities)
ADDRESSING INTERNATIONAL
DATA TRANSFERS
Map international data flows and
manage mechanisms to allow for
transfer of data to non-EEA countries
(BCRs, MCCs, Privacy Shield, etc.)
DEVELOPING A GDPR PRIVACY
PLAN
Conduct a comprehensive
assessment of the organization's
readiness for GDPR and develop a
plan of action to reach compliance
CREATING A THIRD PARTY
MANAGEMENT PROGRAM
Manage third party vendor risk and
create policies, procedures and on-
going management to ensure third
party compliance and implementation
of necessary contractual
arrangements
MANAGING PRIVACY
COMPLAINTS AND INDIVIDUAL
RIGHTS
Develop processes and policies to
respond to requests made by
individuals (right to information but
also access, rectification, restriction,
objection, erasure and portability
rights)
MANAGING PRIVACY INCIDENTS
AND BREACH NOTIFICATION
Review information security policies
and breach handling incident response
plans to comply with the strict formal
reporting (notification) obligations
CREATING DATA INVENTORY
AND MAPS
Inventory of processing activities and
data flows, classified by data type,
purpose and responsibilities.
CONDUCTING PRIVACY RISK
ASSESSMENTS (PIAs/DPIAs)
Design and implement processes to
conduct and manage PIAs/DPIAs and
risk assessments across the
organization, based on legal and
regulatory requirements
OBTAINING AND MANAGING
USER CONSENT
Develop processes to comply with
new consent requirements: ‘a
statement or a clear affirmative action’
from the data subject, must be ‘freely
given, specific, informed and
unambiguous’
SELECTION OF APPROPRIATE
SECURITY TECHNICAL AND
ORGANISATIONAL MEASURES
Implement physical, technical, and
administrative measures to keep
personal data secure and confidential
through adequate standard or
certification
ORGANISATION
START DATE
1 July 2018
CALL TOPIC
H2020-DS08-2017 Cybersecurity
PPP: Privacy, Data Protection,
Digital Identities
DURATION
30 months
GRANT AMOUNT
EUR 2,737,300.00
1. Design and development of a successful, MARKET-ORIENTED PLATFORM to support organizations towards GDPR compliance
2. Develop a MODULAR SOLUTION that covers different aspects of the GDPR
3. AUTOMATED methods and techniques to elicit, map and ANALYZE DATA that organizations hold for individuals
4. Advanced modelling languages and methodologies for privacy-by-design and DATA PROTECTION management
5. Specification, management and enforcement of PERSONAL DATA CONSENT
6. Integrated ENCRYPTION AND ANONYMIZATION solutions for GDPR
7. DEPLOYMENT and VALIDATION of the DEFeND platform in real operational environments
OBJECTIVES
The Model-Driven Privacy Governance (MDPG) paradigm enables building (from an abstract to
a concrete level) and analyzing privacy-related models following a Privacy-by-Design approach
that spans two levels, the Planning Level and the Operational Level, and three
management areas, i.e. Data Scope, Data Process and Data Breach.
DEFeND PARADIGM
DATA SCOPE
MANAGEMENT (DSM)
DATA PROCESS
MANAGEMENT (DPM)
DATA BREACH
MANAGEMENT (DBM)
Data flows
Identify data, assets
Identify accountability
Organisational information establishments
DEFeND PLATFORM toward GDPR compliance
Personal data consent
ART. 6, 7, 8,
13,14
Data access rights ART. 15
Security and privacy
specification ART. 24
ART. 4
ART. 4
ART. 4
ART. 5
Data Breach Plan
Specification
ART. 34
Data Protection Impact Assessment
(DPIA)
Security and Privacy Threats
Privacy by Design
Data transparency, lawfulness,
minimisation
ART. 35
ART. 23
ART. 25
ART. 4, 25
Security and Privacy
Technologies
ART. 32
Privacy Data Consent
Monitoring and
Notification
ART. 19
Data breach
Detection,
Notification and
Response
ART. 23,
33, 34, 36
PLANNING
LEVEL
OPERATIONAL
LEVEL
DEFeND ARCHITECTURE
DATA ASSESSMENT COMPONENT (DAC)
Organisation Data
Collection
Assessment Translator
Data Privacy Model
DATA PRIVACY ANALYSIS COMPONENT (DPAC)
PRIVACY SPECIFICATION COMPONENT (PSC)
PRIVACY IMPLEMENTATION AND MONITORING COMPONENT (PIMC)
Security/Privacy Technologies
Data Access Rights Analysis
Consent Analysis
Security/Privacy
Specification
Model
Privacy Data
Consent (PDC)
Model
Privacy Technologies Runtime
Privacy Data Consent
Monitoring Notification
DATA SCOPE
MANAGEMENT (DSM)
DATA PROCESS
MANAGEMENT (DPM)
Data Breach Modelling and Analysis
Data breach Detection and Response
DATA BREACH COMPONENT (DBC)
DATA BREACH
MANAGEMENT (DBM)
Data Breach Model
Data Assessment
Model
DPIA Analysis
Data Minimisation Analysis
Threat Analysis
Privacy by Design/Default
dashBoardBackEnd
GDPR
Authorities
Report
Organisational
Information
Data Assessment
Model
Privacy Data
Consent Model
GDPR Report
Security/Privacy
Specification Model
Breach Notification
DATA CONTROLLER-PROCESSOR
DATA SUBJECT
SUPERVISORY AUTHORITIES
GDPR Readiness
Report
Consent Preferences
Privacy Data Consent Model
Privacy Implementation and
Monitoring Component
(PIMC)
Data Assessment
Component
(DAC)
GDPR Reporting Service
Data Scope Management
Service
(DSM)
GDPR Planning Service
Data Breach Management
Service
(DBM)
Data Process Management
Service
(DPM)
Data Privacy Analysis
Component
(DPAC)
Data Breach Component
(DBC)
Privacy Specification
Component
(PSC)
GDPR DASHBOARD
WORK PLAN
WP1: PROJECT, QUALITY AND COMPLIANCE MANAGEMENT
T1.1: Project Management
T2.2: Quality and Innovation Management
T2.3: Compliance and Ethics Management
T1.4: Technical Management
T1.5: Security Advisory Board
WP2: REQUIREMENTS AND ARCHITECTURE
T2.1: Requirements and Specifications
T2.2: Privacy and Compliance Requirements
T2.3: Platform Architecture
T2.4: Definition of pilots’ scenarios
WP3: DEVELOPMENT OF PLATFORMS SERVICES
T3.1: Data Scope Management
T3.2: Data Process Management
T3.3: Data Breach Management
T4.4: Dashboard
WP4: INTEGRATION, DEPLOYMENT AND TESTING
T4.1: Services’ integration
T4.2: Security and Legal Compliance Audit
T4.3: Platform Testing and Refinement
WP5: PILOTS PREPARATION AND EXECUTION
T5.1: Pilots’ preparations
T5.2: Pilots’ execution and evaluation
T5.3: Pilots’ final demonstration
WP6: DISSEMINATION AND EXPLOITATION
T6.1: Dissemination and public communication
T6.2: Exploitation, Business and Commercialization
T6.3: Training and Awareness
T6.4: Projects and stakeholders networking
ENERGY SECTOR
(PRIVATE)
GP (France)
BANKING SECTOR
(PRIVATE)
ABILab (Italy)
HEALTH CARE (PUBLIC)
Fundacion Para la Investigacion
Biomedica Hospital Infantil
Universitario Niño Jesus (Spain)
PUBLIC ADMINISTRATION
(PUBLIC)
PESHTERA MUNICIPALITY
(Bulgaria)
The DEFeND platform will be tested in an operational environment (TRL 7) for two different types of scenarios
across four sectors, focusing on the GDPR compliance process for end-users and on the GDPR
implications for external stakeholders.
DEFeND PILOTS
THANK YOU
Contacts
Coordinator: Beatriz Gallego-Nicasio Crespo, Atos,
beatriz.gallego-nicasio@atos.net
Technical Manager: Prof. Haralambos (Haris) Mouratidis, UoB,
H.Mouratidis@brighton.ac.uk
Communication: info@defendproject.eu | Project website: www.defendproject.eu

DEFeND Project Presentation - July 2018

  • 1. This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 787068. Project Start-up
  • 2. GDPR: CHALLENGES
      • 7 KEY PRINCIPLES: Lawfulness, fairness and transparency; Purpose limitation; Data minimization; Integrity and confidentiality; Storage limitation; Accuracy; Accountability
      • ACCOUNTABILITY: Contractual organization; Privacy-by-design & Privacy-by-default; Records of data processing activities; Privacy Impact Assessments; Data Protection Officer
      • RIGHTS OF INDIVIDUALS: Information; Access; Rectification; Erasure; Restriction; Portability; Objection; Automated decision-making / profiling
  • 3.
      • IMPLEMENTING PRIVACY BY DESIGN/PRIVACY ENGINEERING: Implement technical and organizational measures to show that the organization has considered and integrated data compliance measures into data processing activities
      • DATA DE-IDENTIFICATION/ANONYMIZATION: Assess and implement anonymization and pseudonymization techniques to fall outside the scope of the GDPR or comply with certain requirements
      • MEETING REGULATORY REPORTING REQUIREMENTS: Set up methods to review compliance activities and keep records for internal and external reporting to demonstrate compliance (e.g. privacy notices and records of privacy-related escalation handling activities)
      • ADDRESSING INTERNATIONAL DATA TRANSFERS: Map international data flows and manage mechanisms to allow for transfer of data to non-EEA countries (BCRs, MCCs, Privacy Shield, etc.)
      • DEVELOPING A GDPR PRIVACY PLAN: Conduct a comprehensive assessment of the organization's readiness for GDPR and develop a plan of action to reach compliance
      • CREATING A THIRD PARTY MANAGEMENT PROGRAM: Manage third party vendor risk and create policies, procedures and on-going management to ensure third party compliance and implementation of necessary contractual arrangements
      • MANAGING PRIVACY COMPLAINTS AND INDIVIDUAL RIGHTS: Develop processes and policies to respond to requests made by individuals (right to information but also access, rectification, restriction, objection, erasure and portability rights)
      • MANAGING PRIVACY INCIDENTS AND BREACH NOTIFICATION: Review information security policies and breach handling incident response plans to comply with the strict formal reporting (notification) obligations
      • CREATING DATA INVENTORY AND MAPS: Inventory of processing activities and data flows, classified by data type, purpose and responsibilities
      • CONDUCTING PRIVACY RISK ASSESSMENTS (PIAs/DPIAs): Design and implement processes to conduct and manage PIAs/DPIAs and risk assessments across the organization, based on legal and regulatory requirements
      • OBTAINING AND MANAGING USER CONSENT: Develop processes to comply with new consent requirements: ‘a statement or a clear affirmative action’ from the data subject, which must be ‘freely given, specific, informed and unambiguous’
      • SELECTION OF APPROPRIATE SECURITY TECHNICAL AND ORGANISATIONAL MEASURES: Implement physical, technical, and administrative measures to keep personal data secure and confidential through adequate standards or certification
  • 4. ORGANISATION
      • START DATE: 1 July 2018
      • CALL TOPIC: H2020-DS08-2017 Cybersecurity PPP: Privacy, Data Protection, Digital Identities
      • DURATION: 30 months
      • GRANT AMOUNT: EUR 2,737,300.00
  • 5. OBJECTIVES
      1. Design and development of a successful, MARKET-ORIENTED, PLATFORM to support organizations towards GDPR compliance
      2. Develop a MODULAR SOLUTION that covers different aspects of the GDPR
      3. AUTOMATED methods and techniques to elicit, map and ANALYZE DATA that organizations hold for individuals
      4. Advanced modelling languages and methodologies for privacy-by-design and DATA PROTECTION management
      5. Specification, management and enforcement of PERSONAL DATA CONSENT
      6. Integrated ENCRYPTION AND ANONYMIZATION solutions for GDPR
      7. DEPLOYMENT and VALIDATION of the DEFeND platform in real operational environments
  • 6. DEFeND PARADIGM: The Model-Driven Privacy Governance (MDPG) paradigm enables building (from an abstract to a concrete level) and analyzing privacy-related models following a Privacy-by-Design approach that spans two levels, the Planning Level and the Operational Level, and three management areas, i.e. Data Scope, Data Process and Data Breach.
  • 7. DATA SCOPE MANAGEMENT (DSM) DATA PROCESS MANAGEMENT (DPM) DATA BREACH MANAGEMENT (DBM) Data flows Identify data, assets Identify accountability Organisational information establishments DEFeND PLATFORM toward GDPR compliance Personal data consent ART. 6, 7, 8, 13,14 Data access rights ART. 15 Security and privacy specification ART. 24 ART. 4 ART. 4 ART. 4 ART. 5 Data Breach Plan Specification ART. 34 Data Protection Impact Assessment (DPIA) Security and Privacy Threats Privacy by Design Data transparency, lawfulness, minimisation ART. 35 ART. 23 ART. 25 ART. 4, 25 Security and Privacy Technologies ART. 32 Privacy Data Consent Monitoring and Notification ART. 19 Data breach Detection, Notification and Response ART. 23, 33, 34, 36 PLANNING LEVEL OPERATIONAL LEVEL
  • 8. DEFeND ARCHITECTURE DATA ASSESSMENT COMPONENT (DAC) Organisation Data Collection Assessment Translator Data Privacy Model DATA PRIVACY ANALYSIS COMPONENT (DPAC) PRIVACY SPECIFICATION COMPONENT (PSC) PRIVACY IMPLEMENTATION AND MONITORING COMPONENT (PIMC) Security/Privacy Technologies Data Access Rights Analysis Consent Analysis Security/Privacy Specification Model Privacy Data Consent (PDC) Model Privacy Technologies Runtime Privacy Data Consent Monitoring Notification DATA SCOPE MANAGEMENT (DSM) DATA PROCESS MANAGEMENT (DPM) Data Breach Modelling and Analysis Data breach Detection and Response DATA BREACH COMPONENT (DBC) DATA BREACH MANAGEMENT (DBM) Data Breach Model Data Assessment Model DPIA Analysis Data Minimisation Analysis Threat Analysis Privacy by Design/Default
  • 9. dashBoardBackEnd GDPR Authorities Report Organisational Information Data Assessment Model Privacy Data Consent Model GDPR Report Security/Privacy Specification Model Breach Notification DATA CONTROLLER-PROCESSOR DATA SUBJECT SUPERVISORY AUTHORITIES GDPR Readiness Report Consent Preferences Privacy Data Consent Model Privacy Implementation and Monitoring Component (PIMC) Data Assessment Component (DAC) GDPR Reporting Service Data Scope Management Service (DSM) GDPR Planning Service Data Breach Management Service (DSM) Data Process Management Service (DPM) Data Privacy Analysis Component (DPAC) Data Breach Component (DBC) Privacy Specification Component (PSC) GDPR DASHBOARD
  • 10. WORK PLAN
      • WP1: PROJECT, QUALITY AND COMPLIANCE MANAGEMENT. T1.1: Project Management; T2.2: Quality and Innovation Management; T2.3: Compliance and Ethics Management; T1.4: Technical Management; T1.5: Security Advisory Board
      • WP2: REQUIREMENTS AND ARCHITECTURE. T2.1: Requirements and Specifications; T2.2: Privacy and Compliance Requirements; T2.3: Platform Architecture; T2.4: Definition of pilots’ scenarios
      • WP3: DEVELOPMENT OF PLATFORMS SERVICES. T3.1: Data Scope Management; T3.2: Data Process Management; T3.3: Data Breach Management; T4.4: Dashboard
      • WP4: INTEGRATION, DEPLOYMENT AND TESTING. T4.1: Services’ integration; T4.2: Security and Legal Compliance Audit; T4.3: Platform Testing and Refinement
      • WP5: PILOTS PREPARATION AND EXECUTION. T5.1: Pilots’ preparations; T5.2: Pilots’ execution and evaluation; T5.3: Pilots’ final demonstration
      • WP6: DISSEMINATION AND EXPLOITATION. T6.1: Dissemination and public communication; T6.2: Exploitation, Business and Commercialization; T6.3: Training and Awareness; T6.4: Projects and stakeholders networking
  • 11. DEFeND PILOTS: The DEFeND platform will be tested in an operational environment (TRL 7) for two different types of scenarios across four sectors, focusing on the GDPR compliance process for end-users and on the GDPR implications for external stakeholders.
      • ENERGY SECTOR (PRIVATE): GP (France)
      • BANKING SECTOR (PRIVATE): ABILab (Italy)
      • HEALTH CARE (PUBLIC): Fundacion Para la Investigacion Biomedica Hospital Infantil Universitario Niño Jesus (Spain)
      • PUBLIC ADMINISTRATION (PUBLIC): PESHTERA MUNICIPALITY (Bulgaria)
  • 12. This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 787068. THANK YOU Contacts Coordinator: Beatriz Gallego-Nicasio Crespo, Atos, beatriz.gallego-nicasio@atos.net Technical Manager: Prof. Haralambos (Haris) Mouratidis, UoB, H.Mouratidis@brighton.ac.uk Communication: info@defendproject.eu | Project website: www.defendproject.eu