Managing Marketing Risk for Future Success September 2015 Deborah Thomas RBI Group Risk & Compliance Officer.

Slides:

Advertisements

Similar presentations

EU Privacy Directive. What is a directive? A piece of European legislation, passed by bureaucrats, addressed to member states Member states must ensure.

Advertisements

Shipbuilding Intellectual Property Protection CESA/GuardSHIP Rotterdam, 4 February 2010.

The Gathering Cloud computing - Legal considerations David Goodbrand, Partner 28 February 2013 Aberdeen Edinburgh Glasgow.

CHAPTER 4 E-ENVIRONMENT

PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.

Data Protection.

Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.

Marketing: Comply with the Law 28 th February 2007 Liz Rowe.

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

Managing Personal Information - Australian Companies Outsourcing to India and the Philippines Professor Margaret Jackson and Marita Shelly.

Employee privacy in a global company Sandra Kelman Privacy Manager (Asia Pacific) Privacy Issues Forum 30 March 2006.

Per Anders Eriksson

Transborder dataflows Flow of information across national borders Much of this data involves personal information.

Anomalous Aspects of Transfer of Personal Data from the E.U. to the U.S. Stephen R. Bell Willkie Farr & Gallagher ABA Section of International Law New.

Class 13 Internet Privacy Law European Privacy.

THE CHOICES WE MAKE THAT MATTER – International Data Privacy/Protection JILL L. UREY, ASSISTANT GENERAL COUNSEL MID-ATLANTIC CIO FORUM NOVEMBER 20, 2014.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Overview

1 IQCS AGM November 2009 IQCS Data Protection Workshop Scenarios / Answers 12 th November 2009.

Outsourcing Louis P. Piergeti VP, IIROC March 29, 2011.

Becoming A Customer SICOR Securities, Inc.. How? In order to establish the client (customer) relationship between yourself, as a registered representative.

Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.

LexisNexis Confidential EU Privacy Framework Michael Lamb LexisNexis Risk Solutions Vice President and Lead Counsel: Regulatory, Privacy & Policy May 19,

0 Overview of the Foreign Corrupt Practices Act and Related Corporate Procedures (A312, A312A and A301)

Best Practices for Banking MSBs

Privacy & Personal Information Prepared by the CBC Law Department CONFIDENTIAL – FALL 2011.

Page 1 I For Broker/Dealer Use Only and Not to be Distributed to the Public Pioneer Funds - U.S. Dollar Aggregate Bond Active Historical Sector Allocations.

Investigating Rights and Responsibilities at work

EU Data Protection IT Governance view Ger O’Mahony 12 th October 2011.

IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.

Preparing Russian Companies for UK Bribery Act Enforcement - The Defence of “Adequate Procedures” Nicholas Munday 14 December 2010 Moscow.

Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.

The Data Protection Act [1998]

The right item, right place, right time. DLA Privacy Act Code of Fair Information Principles.

INTRODUCTION TO DATA PROTECTION An overview of the Irish Data Protection legislation.

DON Code of Privacy Act Fair Information Principles DON has devised a list of principles to be applied when handling Protected Personal Information (PPI).

© University of Reading Lee Shailer 06 June 2016 Data Protection the basics.

The EU General Data Protection Regulation Frank Rankin.

Data protection—training materials [Name and details of speaker]

[ Direct marketing – an introduction to data protection and privacy] For [insert name of organisation] presented by [insert name of presenter] on [date]

Commissioning Services: with the DPA in mind South Yorkshire Information and Data Sharing Group Sheffield 14 th August 2014 Lynne Shackley Lead Policy.

Clark Holt Limited (Co. No ), Hardwick House, Prospect Place, Swindon, SN1 3LJ Authorised and regulated by the Solicitors Regulation.

Data Protection and Freedom of Information. Objectives Describe the main points of the Data Protection Act 1998 and Freedom of Information Act 2000 Illustrate.

Data Protection Laws in the European Union John Armstrong CMS Cameron McKenna.

Data protection act. During the second half of the 20th century, businesses, organisations and the government began using computers to store information.

Students’ Unions 2011 Data Protection and Students’ Unions Mairead O’Reilly 19 July 2011.

Data Protection Officer’s Overview of the GDPR

Accountability & Structured Privacy Management

Data Protection GCSE ICT Mrs N Steventon-2005.

Data Protection and Confidentiality

Contingent Workforce: Global Privacy Laws Overview

Data Protection The Current Regime

General Data Protection Regulations Preparing for the upcoming changes in data protection law David Jones & Angharad Williams.

Museums + Heritage webinar, 30 November 2017

Information Governance and Data Privacy: A World of Risk

The European Union General Data Protection Regulation (GDPR)

Data Protection & Freedom of Information- An Introduction

GENERAL DATA PROTECTION REGULATION (GDPR)

G.D.P.R General Data Protection Regulations

The new data protection rules

Employee Privacy and Privacy of Employee Information

General Data Protection Regulations

Data Protection principles

Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .

GDPR (General Data Protection Regulation)

How we’ll prepare for the General Data Protection Regulation (GDPR)

The General Data Protection Regulation Six months on – What’s changed

General Data Protection Regulation (GDPR)

GDPR: Understanding your obligations and the ongoing challenges

Getting Ready For GDPR Simon Marks Director

Presentation transcript:

Managing Marketing Risk for Future Success September 2015 Deborah Thomas RBI Group Risk & Compliance Officer

© 2014 Reed Business Information Ltd RBI Global Risks

© 2014 Reed Business Information Ltd 1.IP Protection 2.Third Party Data handling 3.Talent capability 4.Global laws & regulations 5.Talent lifecycle 6.Leakage of trade secrets or other confidential information 7.Investment in new technology 8.Portfolio change 9.Economic & political uncertainty 10.Reacting to disruptive competitor activity 11.BCP and Disaster Recovery

© 2014 Reed Business Information Ltd Anti-Bribery Risk

© 2014 Reed Business Information Ltd THE GLOBAL RISK MAP

© 2014 Reed Business Information Ltd BRIBERY RISK IN MARKETING Gifting and Entertaining  Vigilance when attending dinners, awards and events.  Ensuring accurate recording of G&E  Knowing limits around the world New RBI G&E recording system being launched globally in Q Using Third Parties  RBI are responsible for the conduct of agents (sales, marketing etc..) who work on our behalf.  Due diligence must be performed if the intermediary falls within the scope of the policy, before work is undertaken.  Full training, policy documents and materials available.

© 2014 Reed Business Information Ltd Data Privacy

© 2014 Reed Business Information Ltd DATA PRIVACY RISK IN MARKETING Complex and fast-changing area, and getting more complex as RBI becomes more international RBI Global Contact: Robbie Burgess Global Approach: Elsevier has global e-marketing guidelines for more info for a global approach: New Canada Guidelines: The RELX DPP group has an information page on the recent changes to Canada’s marketing laws (CASL) here: New Singapore Guidelines: The guidance provides some specific examples to illustrate when consent can or cannot be required. requiring-consent-for-marketing-(8-may-2015).pdf?sfvrsn=2 The DPA has also issued another document that sets out sample clauses for obtaining consent for memberships, marketing and lucky draws and sample forms for the withdrawal of consent from marketing/telemarketing. may-2015).pdf?sfvrsn=2 Safe Harbour Guidelines: The RELX Group Safe Harbor Privacy Policy, revised June 1, 2015, is available from the corporate website at:

© 2014 Reed Business Information Ltd SAFE HARBOUR RULES Safe Harbor is a US voluntary self-regulation scheme set up by the US Dept. of Commerce that has been declared adequate by the European Commission. This means that companies can transfer personal data from the EU to a US company who has signed up to Safe Harbor in compliance with the EU’s transfer principle (no transfers outside the EEA without adequate measures in place). By signing up to Safe Harbor a US company agrees to seven data handling principles, similar to the EU’s principles. These are: notice, choice, onward transfer, access, security, data integrity, enforcement. Once signed up the company has to re-certify every year. Currently the following RELX entities have Safe Harbor certifications. Accuity Inc. Health Market Science LexisNexis Examen Inc. Lexis Managed Technology Services, a business of LexisNexis, a division of Reed Elsevier Inc. LNRS, operating through LexisNexis Risk Holdings Inc. and LexisNexis Risk Data Management Inc. and their subsidiaries Moreover Technologies Inc. Reed Elsevier Technology Services, a division of Reed Elsevier Inc. WorldCompliance Inc.

© 2014 Reed Business Information Ltd Adhere to the licence or other requirements of bought-in or harvested lists. If consent is required it must be freely given, specific, informed and positively indicated. Retain proof of consent to demonstrate compliance if challenged. Inform customers and prospects that their data will be used for marketing. There are different ways to achieve this. (Robbie will know how RBI do it.) Always identify the sender. Always offer an opt-out from marketing communications. Action unsubscribe requests promptly. Follow your relevant internal business rules on things like retention of non-active customer data; how many times in a certain period you can carry out phone/ marketing activities etc. DATA PRIVACY DOS AND DON’TS  Collect contact details responsibly. Don’t assume just because it’s public it means the person is open to receiving marketing. Collect what you need to have, not what would be nice to have.  Don’t add unnecessary or very personal details to CRMs, such as birthdays, children’s names, favourite football team and so on.  Don’t market into a country without checking whether there are any specific rules and that you are complying with them. If a country has a ‘do-not-call’ register, always use it.  Don’t send large amounts customer data around internally by unless necessary, and password-protect the attached document.

© 2014 Reed Business Information Ltd Q&A

© 2014 Reed Business Information Ltd DEBORAH THOMAS – QUICK BIO Education Graduated in 1999 from St John’s College, Cambridge Qualified ACA from PricewaterhouseCoopers (PwC) in 2002 Work 5 years in Omnicom ( ) running group projects for a UK division of the world’s largest Marcomms group 3 years in Diageo ( ) doing risk management and compliance roles in London and Singapore Joined RBI in 2013 as Group Risk & Compliance Officer in London