Plan today to be ready in 24 months
Sergio Fumagalli, Clusit - ZEROPIU
Milan, 29 January 2016
#READY4EUDATAP
[Timeline: 24 months, March 2016 to February 2018, with Budget 2017 and Budget 2018 milestones]
Article 91
Entry into force and application
1. This Regulation shall enter into force on the twentieth day following that of its publication in
the Official Journal of the European Union.
2. It shall apply from [two years from the date referred to in paragraph 1]. *
* OJ: insert the date
This Regulation shall be binding in its entirety and directly applicable in all Member States.
Phases on the timeline: analyse, evaluate, test, decide; design, develop, train; implement.
Why care now?
[Chart: months required, by area and by topic]
Areas: Organization, Processes, Technology, Training, Control
Topics: Security measures & Risk Management, Data Protection Officer, Data Breach, Privacy by Design, Data Controller/Processor, Profiling
It takes time
Prevent
• Review: policies, security measures, technologies, awareness
• Design: new policies/measures
• Implement: technologies, training
• Keep informed: trends, technologies, malware
Detect
• The sooner the better: less damage, less liability
• Monitoring: processes, responsibilities
• Document: what, when, why, where
• Keep informed: trends, technologies, malware
React
• Countermeasures: stop breach, minimize damages
• Evaluate: personal data, which ones, how many people, how long
• Comply: which laws/regulations/policies
• Communicate: Management, Supervisor, Data subject, Market
One example: data breach
Article 32
Communication of a personal data breach to the data subject
1. … the controller shall communicate the personal data breach to the data subject without undue delay
2. …
3. The communication to the data subject … shall not be required if:
(a) the controller has implemented appropriate technical and organisational protection
measures, … the data unintelligible to any person who is not authorised to access it, such as encryption; or
…
[Timeline repeated: March 2016 to February 2018, with Budget 2017 and Budget 2018 milestones]
One example: data breach
Article 77
Right to compensation and liability
1. Any person who has suffered material or immaterial damage as a result of an infringement of the Regulation shall have the right to receive compensation from the controller or processor for the damage suffered.
2. Any controller involved in the processing shall be liable for the damage caused by the processing which is not in compliance with this Regulation. …
3. A controller or processor shall be exempted from liability in accordance with paragraph 2 if it proves that it is not in any way responsible for the event giving rise to the damage.
4. …, each controller or processor shall be held liable for the entire damage, in order to ensure effective compensation of the data subject.
The cost of not complying: not only fines, but full liability and the cost of proving exemption
Article 79
General conditions for imposing administrative fines
…
2a. … When deciding whether to impose … and deciding on the amount of the administrative fine … due regard shall be given to the following:
(a) the nature, gravity and …
…
(e) the degree of responsibility … having regard to technical and organisational measures implemented by them pursuant to Articles 23 and 30;
3(new). Infringements of the following provisions shall … be subject to administrative fines up to 10 000 000 EUR, or … up to 2% of the total worldwide annual turnover … whichever is higher:
(a) the obligations … pursuant to Articles 8, 10, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 39 and 39a;
3a(new). Infringements of the following provisions shall … be subject to administrative fines up to 20 000 000 EUR, … up to 4% of the total worldwide annual turnover …, whichever is higher:
(a) the basic principles for processing, including conditions for consent, pursuant to Articles 5, 6, 7 and 9;
(b) the data subjects’ rights pursuant to Articles 12-20;
(ba) the transfers of personal data to a recipient in a third country or an international organisation pursuant to Articles 40-44
Fines and liabilities can impact the bottom line
The cost of not complying
Article 23: Data protection by design and by default
Article 30: Security of processing
The benefit of complying
[Diagram: overlapping compliance frameworks: Cobit, ISO 2700x, GDPR, PCI DSS, 285 (263), SOX, …]
Personal data are just one of the assets to protect
Standards, methodologies, best practices, laws and regulations converge
Each asset's protection benefits from each compliance effort
Compliance silos reduce benefits
[Diagram: the same compliance frameworks (Cobit, ISO 2700x, GDPR, PCI DSS, 285 (263), SOX, …) alongside other business assets: Contracts, Patents, Digital transformation, Strategies, Organization charts, Business continuity, Data protection]
Can your boss afford postponing?
Ask us a question on the Blog
Contact us on Twitter