PRIVACY INSIGHT SERIES Summer / Fall 2017 Webinar Program
6 Months to Go: What are the Risks of Non-Compliance with the GDPR? November 15, 2017
https://iapp.org/resources/article/getting-to-gdpr-compliance-risk-evaluation-and-strategies-for-mitigation/ Š 2017 TrustArc Inc Proprietary and Confidential Information
Today’s Speakers
Sam Pfeifle Content Director IAPP sam@iapp.org
2
Privacy Insight Series - trustarc.com/insightseries
Hilary Wandall, CIPP/E, CIPP/US, CIPM General Counsel & Chief Data Governance Officer TrustArc hwandall@trustarc.com
© 2017 TrustArc Inc
Survey methodology • 10-minute survey sent to readers of the Daily Dashboard • 498 responses • 88 percent believe they are within the GDPR’s jurisdiction • Only those covered continued
3
Privacy Insight Series - trustarc.com/insightseries
© 2017 TrustArc Inc
Survey methodology
4
Privacy Insight Series - trustarc.com/insightseries
Š 2017 TrustArc Inc
With which is it most risky not to comply? • • • • • • • • • • • 5
Operationalizing the right to be forgotten. Operationalizing data portability. Obtaining/managing user consent. Complying with international data transfer requirements. Preparing for data breach notification. Conducting data protection impact assessments. Establishing legitimate interest for data processing. Conducting data inventory/mapping. Maintaining records of processing (e.g. Article 30 reports). Managing data subject requests. Appointing a data protection officer (DPO). Privacy Insight Series - trustarc.com/insightseries
© 2017 TrustArc Inc
With which is it most risky not to comply?
6
Privacy Insight Series - trustarc.com/insightseries
Š 2017 TrustArc Inc
Compare that to perceived difficulty‌
7
Privacy Insight Series - trustarc.com/insightseries
Š 2017 TrustArc Inc
How will you mitigate that risk? • • • •
Investing in privacy/data protection training. Increasing number of privacy staff. Investing in additional outside legal assistance. Investing in additional outside consulting assistance. • Investing in privacy/data protection technology. • Continuing the status quo privacy program. 8
Privacy Insight Series - trustarc.com/insightseries
© 2017 TrustArc Inc
How will you mitigate that risk?
9
Privacy Insight Series - trustarc.com/insightseries
Š 2017 TrustArc Inc
How will you mitigate that risk?
10
Privacy Insight Series - trustarc.com/insightseries
Š 2017 TrustArc Inc
2017 sees large increases in most of the steps firms say they’re taking to prepare for GDPR 11
Privacy Insight Series - trustarc.com/insightseries
Š 2017 TrustArc Inc
What is the biggest barrier to compliance? • • • • •
12
Inadequate budget. Lack of qualified privacy staff. Too little time. Complexity of the law. And shortage of technical tools.
Privacy Insight Series - trustarc.com/insightseries
© 2017 TrustArc Inc
What is the biggest barrier to compliance?
13
Privacy Insight Series - trustarc.com/insightseries
Š 2017 TrustArc Inc
What is the biggest barrier to compliance?
14
Privacy Insight Series - trustarc.com/insightseries
Š 2017 TrustArc Inc
When will you be compliant? From June 2017
15
Privacy Insight Series - trustarc.com/insightseries
From Sept. 2017
Š 2017 TrustArc Inc
PRIVACY INSIGHT SERIES Summer / Fall 2017 Webinar Program
Questions?
© 2017 TrustArc Inc Proprietary and Confidential Information
PRIVACY INSIGHT SERIES Summer / Fall 2017 Webinar Program
Contacts Sam Pfeifle Hilary Wandall
sam@iapp.org hwandall@trustarc.com
© 2017 TrustArc Inc Proprietary and Confidential Information
Privacy Insight Series – 2017 Calendar
To register for Summer/Fall webinars and/or past webinar recordings visit: www.trustarc.com/insightseries 18
Privacy Insight Series - trustarc.com/insightseries
Š 2017 TrustArc Inc
PRIVACY INSIGHT SERIES Summer / Fall 2017 Webinar Program
Thank You! Register for the next webinar in our Series – December 6th “Demonstrating Compliance & the Role of Certification Under the GDPR
© 2017 TrustArc Inc Proprietary and Confidential Information