Presentation is loading. Please wait.

Presentation is loading. Please wait.

Session Title: Presented By: Institution: Date:

Published byBritton McCoy Modified over 6 years ago

Similar presentations

Presentation on theme: "Session Title: Presented By: Institution: Date:"— Presentation transcript:

1 Session Title: Presented By: Institution: Date:
MBUG 2018 Session Title: Presented By: Institution: Date: General Data Protection Regulation (GDPR) Jim Hood MS Institutions of Higher Learning (IHL) September 10, 2018

2 GDPR…What is it? The General Data Protection Regulation (GDPR) standardizes data protection law across all 28 European Union (EU) countries. (EU’s FERPA) Developed in reaction to smart phones and social media sites collecting massive amounts of personal information (Google & Facebook). Effective May 25, 2018…108 days ago. Link to GDPR:

3 What are the EU countries?
EU Member States Austria Estonia Italy Romania Belgium Finland Latvia Slovakia Bulgaria France Lithuania Slovenia Croatia Germany Luxembourg Spain Republic of Cyprus Greece Malta Sweden Czech Republic Hungary Netherlands United Kingdom Denmark Ireland Poland Portugal

4 GDPR…What is it? Regulations apply to all organizations holding and processing EU residents’ personal data, regardless of geographic location Entities offering goods or services to EU residents must meet GDPR compliance – including universities GDPR is not bound by geographic location

5 GDPR…Key Points Increase limits on fines.
Regulations include larger fines and enforcement action will extend to countries outside of the EU -- but this has not been tested. Will U.S. organizations (including universities) take heed of EU data protection regulations?

6 GDPR…Key Points Establish data protection officers.
Organizations are required to have data protection officers. These positions should have an independent reporting line in the organizational structure (similar to auditors reporting directly to the president).

7 GDPR…Key Points Shift in accountability.
Burden of proof lies with the organization- and not the individual. (FERPA requires students to opt-in privacy status; GDPR requires students to opt-out of privacy status) Adds new requirements around maintenance of audit trails and data processes. Forces organizations to have a more proactive, comprehensive view of data.

8 GDPR…Key Points Timely breach reporting.
Significant data breaches will need to be reported within 72 hours of detection. This will likely conflict with legal efforts. Data encryption may not be enough. GDPR exempts notification of data breaches when data are encrypted—but that may not apply when weak encryption has been used.

9 GDPR…Key Points Rights related to profiling.
Individuals have new rights to opt-out of, and object to, online profiling and tracking. This applies to websites, phones, mobile apps, wearable devices, and emerging technologies.

10 GDPR…Key Points More detailed data inventories.
Organizations will need to demonstrate they know what data they hold, where it is stored, and who has access to it. Rights related to data portability. “Data portability” means individuals can request copies of their data in a readable electronic format. Interpretations of this will likely vary and be debatable.

11 GDPR…Key Points Right to be forgotten.
Individuals have a right to request the deletion of their data, including archived data. (like they never existed) Organizations may need to perform wholesale reviews of processes and system architecture. This will also likely undergo a vetting process. (academic transcripts?)

12 GDPR…Key Points Provides new definitions of data.
Expands definition of personal data and recognizes pseudo-anonymous data. Imposes strict new rules on working with personally identifiable information (PII). PII under GDPR is anything that can identify you individually…different from FERPA. Three categories of PII under GDPR.

13 GDPR…Key Points Linked Data* – Data linking directly to an individual
FULL NAME BANKING/CARD NUMBERS SSN/DL NUMBER PASSPORT NUMBER ANY ID NUMBER ADDRESS TELEPHONE NUMBER RESIDENTIAL ADDRESS * Not a comprehensive list

14 GDPR…Key Points Linkable Data* – Data that must be combined with other data to identify an individual FIRST NAME ONLY DEVICE ID LAST NAME ONLY PLACE OF EMPLOYMENT DATE OF BIRTH IP ADDRESS PORTION OF ADDRESS * Not a comprehensive list

15 GDPR…Key Points Sensitive Data* – Data deemed sensitive requiring extra protection BIOMETRIC TRADE UNION AFFILIATION RACE & ETHNICITY GENETIC DATA HEALTH GENDER IDENTIFICATION POLITICAL OPINIONS SEXUAL PREFERENCE RELIGIOUS PREFERENCE * Not a comprehensive list

16 What are the EU countries?
EU Member States Austria Estonia Italy Romania Belgium Finland Latvia Slovakia Bulgaria France Lithuania Slovenia Croatia Germany Luxembourg Spain Republic of Cyprus Greece Malta Sweden Czech Republic Hungary Netherlands United Kingdom Denmark Ireland Poland Portugal

17 Do we have any EU students?
MS CJC FALL 2017* COAHOMA 8 MERIDIAN 12 CO-LIN 11 DELTA EAST CENTRAL 23 GULF COAST 17 EAST 1 NORTHEAST 26 HINDS 65 NORTHWEST HOLMES PEARL RIVER 5 ITAWAMBA 36 SOUTHWEST 14 JONES COUNTY 34 CJC TOTAL 252 *Figures reflect Out-of-Country (International) enrollment and may or may not include students from EU countries. Source: MCCB, 2018.

18 Do we have any EU students?
MS IHL FALL 2017* ALCORN ST 9 (8) MS VALLEY ST 7 (2) DELTA ST 39 (9) UNIV MISSISSIPPI 92 (17) JACKSON ST 10 (6) UNIV MS MED CENT 2 (1) MISSISSIPPI ST 44 (11) SOUTHERN MISS 31 (11) MS UNIV WOMEN 4 (4) IHL TOTAL 238 (25) *Figures reflect enrollment from EU countries. Figures in parentheses reflect number of countries. Represents every country in the EA except Cyprus and Malta. Source: IHL, 2018.

19 What is next? Whether you had EU students enrolled in Fall or not, you should assume GDPR will apply to your institution at some point. If you haven’t already done so, begin conversations about how GDPR could impact your campus. Conversations should include technical, legal, registrar, institutional research, and others involved with student data.

20 What is next? At this point there are more questions than answers on how GDPR will impact our universities. GDPR regulations are still new and untested in the U.S. Until the impact of GDPR becomes more clear, it may be a good idea to be continue creating a culture of data awareness while being mindful of the GDPR regulations.

21 Thank You! Jim Hood, Ph.D. Assistant Commissioner for Strategic Research @MSPublicUniv #AdvancingMS

Download ppt "Session Title: Presented By: Institution: Date:"

Similar presentations

Knowledge Management LXV International Council Meeting Qawra, Malta 16 th - 23 rd of March 2014.

Knowledge Management LXV International Council Meeting Qawra, Malta 16 th - 23 rd of March 2014.
16 out of 27 member states Known as euro zones 2 nd largest traded currency after the dollar The name euro was officially adopted on 16 December 1995.

16 out of 27 member states Known as euro zones 2 nd largest traded currency after the dollar The name euro was officially adopted on 16 December 1995.
European Union.

European Union.
Standard SS6G5b: Describe the purpose of the European Union and the relationship between member nations.

Standard SS6G5b: Describe the purpose of the European Union and the relationship between member nations.
THE EUROPEAN UNION. HISTORY 28 European states after the second world war in 1951 head office: Brussels 24 different languages Austria joined 1995.

THE EUROPEAN UNION. HISTORY 28 European states after the second world war in 1951 head office: Brussels 24 different languages Austria joined 1995.
THE EUROPEAN UNION. EU  1993 European Union  Main Aims  All states in the EU = a single market  One currency throughout the EU = the Euro  To have.

THE EUROPEAN UNION. EU  1993 European Union  Main Aims  All states in the EU = a single market  One currency throughout the EU = the Euro  To have.
1957197319811986199520042007Candidates Belgium France Italy Luxembourg Netherlands United Kingdom Germany Denmark Ireland GreecePortugal Spain Austria.

Candidates Belgium France Italy Luxembourg Netherlands United Kingdom Germany Denmark Ireland GreecePortugal Spain Austria.
Strength in Numbers Mar 9 2009. The Delian League  Countries do not want to be dominated by other countries.  But there are many advantages to be gained.

Strength in Numbers Mar The Delian League  Countries do not want to be dominated by other countries.  But there are many advantages to be gained.
Presentation by Kirsten Tesh World Traveler ? European Union.

Presentation by Kirsten Tesh World Traveler ? European Union.
Institutional Visit LXV International Council Meeting Qawra, Malta 16 th - 23 rd of March 2014.

Institutional Visit LXV International Council Meeting Qawra, Malta 16 th - 23 rd of March 2014.
Natural gas, and oil sectors in Europe Vaidotas Levickis Fort Worth, Texas 2015.

Natural gas, and oil sectors in Europe Vaidotas Levickis Fort Worth, Texas 2015.
In the Neighborhood of the Camp Kistarcsa 2012 The new member states of the European Union and possibilities for the expansion (workshop) Presented by.

In the Neighborhood of the Camp Kistarcsa 2012 The new member states of the European Union and possibilities for the expansion (workshop) Presented by.
Map - Region 3 Europe.

Map - Region 3 Europe.
Time line By: Shirley Lin. The story of European Union 1945 1951 19571973 1981 1986 19921995 2004 2007.

Time line By: Shirley Lin. The story of European Union
The United States of Europe

The United States of Europe
Purpose of the European Union For its members to work together for advantages that would be out of their reach if each were working alone Believe that.

Purpose of the European Union For its members to work together for advantages that would be out of their reach if each were working alone Believe that.
The European Union. Important Events in EU History May 9, 1950 – French Leader Robert Schuman proposes the idea of working together in coal and steel.

The European Union. Important Events in EU History May 9, 1950 – French Leader Robert Schuman proposes the idea of working together in coal and steel.
The European Law Students’ Association Albania ˙ Austria ˙ Azerbaijan ˙ Belgium ˙ Bosnia and Herzegovina ˙ Bulgaria ˙ Croatia ˙ Cyprus ˙ Czech Republic.

The European Law Students’ Association Albania ˙ Austria ˙ Azerbaijan ˙ Belgium ˙ Bosnia and Herzegovina ˙ Bulgaria ˙ Croatia ˙ Cyprus ˙ Czech Republic.
Table 1. Number and rate of Legionnaires’ disease cases per 100 000 population by country and year, EU/EEA, 2010–2014 ASR: age-standardised rate, C: case-based.

Table 1. Number and rate of Legionnaires’ disease cases per population by country and year, EU/EEA, 2010–2014 ASR: age-standardised rate, C: case-based.
CONFIDENTIAL 1 EPC, European Union and unitary patent/UPC EPC: yes EEA: no EU: no (*) (*) Also means no unitary patent Albania, Macedonia, Monaco, San.

CONFIDENTIAL 1 EPC, European Union and unitary patent/UPC EPC: yes EEA: no EU: no (*) (*) Also means no unitary patent Albania, Macedonia, Monaco, San.

Similar presentations

Ads by Google