Video produced by Steve Nathans-Kelly
The European Union’s General Data Protection Regulation (GDPR) requires all organizations with information about European residents (read: any global company) to comply with new rules about how personal data is stored, secured, used, moved, and removed from their systems. Penalties for failure to comply can be as high as 4% of a company’s global revenue, or 20 million euros, whichever is greater. The stated goals of GDPR are to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy, and to reshape the way organizations across the region approach data privacy.
At Data Summit 2018 in Boston, just 2 days before the new regulation went into effect on May 25, Kristina Podnar, digital policy consultant, NativeTrust Consulting, LLC, presented a talk on how to prepare for GDPR—and maintain compliance.
In her presentation, Podnar cut through the legal and regulatory noise, taking the 99 articles of GDPR and distilling them into 10 key areas so attendees could identify the things that they really need to deal with—and those that do not apply. "The alternative was to read you the GDPR up here and that seemed really boring," said Podnar. "What I wanted to do was give you a way to think about the GDPR through the lens of 10 different categories."
Though there may be aspects of GDPR that organizations believe do not apply to them for one reason or another, they actually may be applicable in ways they have not yet considered, said Podnar.
Looking at record processing, for example, Podnar asked: Where does the data go? Does it get processed by third party? If it does, how do you ensure that you can actually trace the data back when someone says they want their data deleted, and how can you be sure you actually understand all the places where you sent the data to in the first place? “That's what record processing is all about.”
To access more Data Summit 2018 videos, go to www.dbta.com/DataSummit/2018/videos.aspx.
Many PowerPoint presentations from Data Summit 2018 have been made available for review at www.dbta.com/DataSummit/2018/Presentations.aspx.
Data Summit 2019, presented by DBTA and Big Data Quarterly, is scheduled for May 21-22, 2019, at the Hyatt Regency Boston, with pre-conference workshops on May 20.