Finance and Governance Workshop Data Protection and Information Management 10 June 2014.


Why look after personal data? (1)
…Because it's one of your most valuable assets:
- Increase (and measure) participation
- Promote good governance
- Know your stakeholders
- Bring money into your sport

Why look after personal data? (2)
…Because it's one of your biggest risks:
- Increasing regulation (and enforcement)
- Loss of trust/bad publicity
- Loss of all the benefits good data management can bring

Data Management Priorities for NGBs
What are YOUR data protection and data management priorities?

Data Management Priorities for NGBs
1. Security: Keeping personal data safe
- Data Protection Act 1998 (Principle 7)
- Appropriate technical and organisational security measures to protect from loss, misuse or damage
- Managing a breach: notification?
- Enforcement: monetary penalties of up to £500,000 (for now)

Data Management Priorities for NGBs
2. Consents: making personal data work for you
- Data Protection Act 1998 (Principle 1)
- "Fair and lawful processing": information/consent
- Privacy and Electronic Communications Regulations 2003: electronic "direct marketing"
- Data protection statements
- Privacy Policies

Data Management Priorities for NGBs
3. Information requests: how to respond
- Data Protection Act 1998: Subject Access Requests
  - Written request for own personal data
  - 40 days to respond
  - Exemptions and limitations
  - A practical response?
- Freedom of Information Act 2000

Data Management Priorities for NGBs
4. Outsourcing: trusting third parties with data
- Data processor = third party processing personal data on NGB's behalf (NGB remains responsible)
- Due diligence, written contract (security, control)
- No transfer outside the EEA without "adequate protection" (Principle 8)
- Data protection issues in "the cloud"

Addressing the Issues
- Cyber/Data is no longer just an IT concern – it is a strategic business risk
- Poses a tangible threat to the financial stability of your organisation
- 4 key steps you can take towards effective risk management

4 Key Steps
Step 1 – Understand and profile your risk
- Identify and involve stakeholders – Senior management, IT heads, Marketing, Legal and your Broker
- Develop scenarios and assess the likely impact, both operationally and financially
- Use impact analysis to create course of action – Treat, Tolerate or Transfer to insurance?

4 Key Steps
Step 2 – Insurability
- Work closely with your broker to determine whether key risks identified are covered by existing insurance arrangements or insurable in the current market
- Review policy wordings carefully and seek clarification from insurers
- Obtain indicative costs for budgeting

4 Key Steps
Step 3 – Mitigating Risks
- Identify alternative options to reduce risks. For example, limit access points/controls to prevent unauthorised access to systems, implement written policies, review contractual arrangements with third parties
- Utilise professional support from insurers
- Regularly review and update your risks

4 Key Steps
Step 4 – Effective Communication
- Increase awareness of these new risks throughout your organisation – safeguarding data is the responsibility of all
- Training and competence of employees in new policies and procedures

Hindrance into Opportunity
Robust data governance provides:
- Reduced operational costs through leaner data processes and improved efficiencies
- Consistency across databases resulting in greater insight and innovation from information
- Confidence in data for faster and better decision making
- A competitive advantage