Presentation is loading. Please wait.

Presentation is loading. Please wait.

GDPR support tool GN4-2 JRA4 T2 Radovan Igliar TF-GDPR, Berlin

Published byRachel Meryl Chase Modified over 7 years ago

Similar presentations

Presentation on theme: "GDPR support tool GN4-2 JRA4 T2 Radovan Igliar TF-GDPR, Berlin"— Presentation transcript:

1 GDPR support tool GN4-2 JRA4 T2 Radovan Igliar TF-GDPR, Berlin
CESNET TF-GDPR, Berlin 28 August 2017

2 Roles, processes and responsibilities.
GDPR & Cloud services Universities are using several services: Office 365 G-suite E-learning platforms … IaaS services (Géant IaaS Framework) Universities (CONTROLLER) have to exercise their Data Protection Assessments. Service providers providing services to our community. NRENs as legitimate umbrella of community interest. Service providers (PROCESSOR) have to describe their Data-protection mechanisms. Roles, processes and responsibilities. Universities and Cloud providers have to set up contractual relationship (Data Processor Agreement) in CONSENT. 3rd party consultants (legal firms) seeking opportunity to provide their service and charge per case. We have good position and relation with several providers (Géant IaaS Framework, Cloud catalogue).

3 GDPR support tool GDPR support tool Unique value:
Standardization process for both sides (Providers and Universities) Self-declaration process using a GÉANT assessment tool to verify Vendor contractual commitments to meeting the GDPR requirements. GÉANT perform evaluation check and facilitate reference (chain of trust) within community. Define common use-cases / scenarios i.e. student administration, research, medical data, e-learning, … Make Risk assessment model studies Make R&E Data processor agreement Watch changes in Vendors Security Audits Updates and distributed to community. GÉANT can be a market channel toward Service providers NRENs can be communication channel for joint approach. Unique value: do it once (pay once) & use many & update regularly build a platform for the providers to easily address R&E community for NREN to give a TOOL for different products and model cases for Universities to easily adapt to their institutions build a credibility and trust – certification?

4 GDPR support tool

5 GDPR support tool Updated regularly
Assessment - Self-declaration process using a GÉANT assessment tool to verify Vendor contractual commitments to meeting the GDPR requirements. (To help where to look – not quantitative ) Evaluation check -> Packages Per Vendor / Product / Model case Checklists Updated regularly Can be part of Cloud catalogue R&E general Data processor agreement (or use Standard Contract ) Subscription fee – access to all packages / or „Article fee“ (with Minimum threshold). Institution still must do its Risk assessment (DPA), but with easy to referring/using above packages.

6 Discussion Cloud team has good position and relation with several providers (Microsoft, Amazon, Google, …) within Géant IaaS Framework, Cloud catalogue. Is vendor/data processor contract assessment something the NREN/institution considers important and a service which is of value? What are the key cloud vendors that you would like to see in scope for the service? Would be NREN/institution willing to pay a fee for such service?

Download ppt "GDPR support tool GN4-2 JRA4 T2 Radovan Igliar TF-GDPR, Berlin"

Similar presentations

Identifying Data Protection Issues Developing Lifelong Learner Record Systems and ePortfolios in FE and HE: Planning for, and Coping with, Legal Issues.

Identifying Data Protection Issues Developing Lifelong Learner Record Systems and ePortfolios in FE and HE: Planning for, and Coping with, Legal Issues.
ServiceVAR CategoryCore Revenue Source Resell Product Time & Materials Traditional VAR Product Sales Support Product Product To Pull Technical Services.

ServiceVAR CategoryCore Revenue Source Resell Product Time & Materials Traditional VAR Product Sales Support Product Product To Pull Technical Services.
Toward the Clouds, Together ! Collaboration effort of European NRENs in Cloud Computing Branko Radojević, Deputy Director, CARNet/GEANT TF-MSP Budapest,

Toward the Clouds, Together ! Collaboration effort of European NRENs in Cloud Computing Branko Radojević, Deputy Director, CARNet/GEANT TF-MSP Budapest,
IT:Network:Microsoft Applications

IT:Network:Microsoft Applications
Managing Third Party Risk In a world fraught w/Risk Trust In the Cloud How are you Protecting Customer Data? February 26, 2014 Case Study Vincent Campitelli.

Managing Third Party Risk In a world fraught w/Risk Trust In the Cloud How are you Protecting Customer Data? February 26, 2014 Case Study Vincent Campitelli.
2008 New York - Member Forum Council for Responsible Jewellery Practices, Ltd. Overview of CRJP.

2008 New York - Member Forum Council for Responsible Jewellery Practices, Ltd. Overview of CRJP.
Healthcare Exco Report May 2013. CMS Broker Policy Document Document applies to any person who provides services in terms of the Act and Regulations Accreditation.

Healthcare Exco Report May CMS Broker Policy Document Document applies to any person who provides services in terms of the Act and Regulations Accreditation.
September 12, 2002CFO Roundtable - Valuing Biotech.

September 12, 2002CFO Roundtable - Valuing Biotech.
License, Contract, Memoranda, Oh My! Kevin L. Smith Duke University Libraries Office for Copyright and Scholarly Communications.

License, Contract, Memoranda, Oh My! Kevin L. Smith Duke University Libraries Office for Copyright and Scholarly Communications.
SAM-101 Standards and Evaluation. SAM-102 On security evaluations Users of secure systems need assurance that products they use are secure Users can:

SAM-101 Standards and Evaluation. SAM-102 On security evaluations Users of secure systems need assurance that products they use are secure Users can:
HIT Policy Committee Meeting Nationwide Health Information Network Governance June 25, 2010 Mary Jo Deering, PhD ONC, Office of Policy and Planning NHIN.

HIT Policy Committee Meeting Nationwide Health Information Network Governance June 25, 2010 Mary Jo Deering, PhD ONC, Office of Policy and Planning NHIN.
178, 178, 178 228, 108, 10 146, 208, 80 67, 184, 211 0, 99, 178 STAR-Transition Project October 2011.

178, 178, , 108, , 208, 80 67, 184, 211 0, 99, 178 STAR-Transition Project October 2011.
What is ISO? ISO is that the world’s largest developer of voluntary International Standards. International Standards provide state of the art specifications.

What is ISO? ISO is that the world’s largest developer of voluntary International Standards. International Standards provide state of the art specifications.
Contracts – the small print

Contracts – the small print
GÉANT Cloud Activity Towards Pan-European Cloud Services

GÉANT Cloud Activity Towards Pan-European Cloud Services
Internal Compliance Programme (ICP) & The Guidelines Notified by Strategic Export Control Division (SECDIV) Zafar Ali, DG SECDIV Ministry of Foreign.

Internal Compliance Programme (ICP) & The Guidelines Notified by Strategic Export Control Division (SECDIV) Zafar Ali, DG SECDIV Ministry of Foreign.
Healthcare Cybersecurity: State of Industry

Healthcare Cybersecurity: State of Industry
VIRTUALIZATION & CLOUD COMPUTING

VIRTUALIZATION & CLOUD COMPUTING
The Vendor Client Relationship

The Vendor Client Relationship
A trust-based framework for the data-driven economy

A trust-based framework for the data-driven economy

Similar presentations

Ads by Google