Published by Ευμελια Παπαϊωάννου. Modified over 5 years ago.
1
GDPR: Understanding your obligations and the ongoing challenges
5 March 2019 @AdaptaforNFP © 2018 Adapta Consulting, all rights reserved
2
Agenda
About Adapta (brief!)
GDPR – A recap
GDPR – Our observations about the practical challenges
‘Surgery’
3
Adapta Consulting
We are:
A specialist information systems consultancy
We only work with membership organisations, charities, associations, trusts and others in the NfP sector
We are completely supplier-independent
Our consultants and associates have held senior positions in a broad range of different organisations
Our advice and guidance is based on practical experience gained over many years
4
Breadth and depth of specialist NFP expertise
5
Some charities our consultants have helped
6
Some associations our consultants have helped
7
Summary of relevant changes GDPR brought
Breaches: Increased fines; Civil and criminal liability; Reported within 72 hours
Consent: Valid; Recorded; Given freely; Parental; Retrospective; Recent
Governance & accountability: Data protection officer; Lawful basis for processing; Know your personal information; Keep records of processing activities; Privacy by design & DPIAs; Data processors
Users' rights: To be informed; Subject access; Erasure/right to be forgotten; Data portability; Rectification
8
Practical steps we recommended for achieving GDPR compliance
Appoint a DPO / DP lead
Document your data handling processes
Develop a personal information register
Move to full channel specific opt-ins for DM communications
Raise awareness & provide training
Determine & document your lawful basis for processing
Revise & develop your data protection compliance policies and procedures
Issue & collect revised data processor agreements
Undertake a compliance review – process & systems
Determine & implement your consent strategy
Embed privacy by design & impact assessments
Develop & implement a plan for ongoing compliance
9
Observations since May 2018 – and some ongoing challenges
Privacy notices – good, bad and indifferent
Data breaches, breach log and breach reporting
Lawful basis – risks of using consent, issues with children and with images
10
Potential impact of Brexit
UK will become a ‘third country’ outside EEA, therefore will need to be deemed ‘adequate’. This is not guaranteed and will take time
UK Government has confirmed that there will be no problem moving data into the EEA
ICO will no longer have any say in interpreting and developing GDPR
If you have a European data centre, partner or subsidiary you will need to ensure you have adequate provision in place – standard contractual clauses
Under Article 27 you may need to nominate a representative in an EU country
We will no longer be able to rely on US Privacy Shield
11
Discussion and questions
‘Surgery’ slot – 30 mins: Discussion and questions
12
help@adaptaconsulting.co.uk www.adaptaconsulting.co.uk
Adapta Consulting, 5 St John’s Lane, London, EC1M 4BH