Please note: that this event has moved to the Nov 28th.
When we first started looking at the GDPR regulations we quickly came to realize that this is not necessarily an IT issue. Yes, it involves taking a proactive stance on cyber security and minimising the impact of data breaches, but the emphasis of the new rules is really aimed at companies becoming good stewards of their client’s information. At a conference, I attended recently one of the delegates described it like this. “Previously companies would see data that they hold as their possession, that they could use how they like. From May next year, this changes to the client being in control by placing their information on loan to the company, for a stated purpose and on the expectation of it being returned in the same condition”. This change of emphasis goes right to the core of why do we have this information, do we have consent to use it and for what purpose? It has more to do with policy, documentation and staff training than company firewalls.
What is going to be covered in the GDPR seminar?
Because GDPR requires a multi-disciplinary approach, we have combined forces with The Legal Partners to provide a seminar which covers both the human and system elements to complying with the new regulations. For those not up to speed with what the GDPR means, we will summarise the regulatory framework and some of the procedural changes involved. This will concentrate on the setting policies, documentation and training of staff on matters such as subject access requests and the right to be forgotten.
A practical GDPR workshop.
For the next part, we will go through the more technical aspects with a practical workshop on how to prepare an organisational data map. This will define the purpose for collecting information, specify who is a “data controller” and “data processors”, and trace the data flow of information between different systems as it goes through the life cycle of the organisation. This will produce a scope of the tasks at hand, resources required and timelines for completion. From there we will look at implications for the different software systems involved. This may include email servers, Excel spreadsheets, to enterprise level multi-relational databases, each platform will have its own nuances and this will give you the heads up on what to look out for.
The seminar will give you the building blocks on how to approach the task of getting your documentation, procedure and systems in to shape ready for the changes next year.
About the Author:
Malcolm Ford has over 10 years experience in implementing Enterprise level software including data migration and reporting issues. He now is offering his knowledge to those who need to review their software in the light of dealing with GDPR.