With about eight months until the May, 2018 compliance deadline for the EU General Data Protection Regulation (GDPR), many multinational organizations are now prioritizing their compliance efforts.
Perhaps the best place to start is the data inventory – a concise summary of all important aspects of an organization’s use of personal data. The data inventory serves as the GDPR’s Art. 30 “Record of processing activities” document, and is a trusted source for any information about the use of personal data in an organization. It also represents the cornerstone of any effective global privacy program, assisting in fulfilment of data subject access requests (DSARs) (Arts. 15-17), development of information security programs (Art. 32), and execution of breach notification responsibilities (Arts. 33,34).
The challenge in creating a data inventory is that it relies exclusively on interviews with the application or process owner, and often crucial information is missed.
In this webinar, an information security and privacy attorney will share best practices for an effective data inventory, including:
Who should attend: Information security and cyber security, also Information Officers including CIOs, Information Security Directors, Staff Attorneys, or anyone concerned with the European Union GDPR