On this week of Serious Privacy, Paul Breitbarth, Ralph O'Brien of Reinbo Consulting, and Dr. K Royal talk about the controversy with executive changes to the U.S. Federal Trade Commission #FTC, the UK #adequacy extension, and the Norwegian decision about Data Protection Officer #DPO conflicts of interest. Please subscribe in your favorite podcast app - sharing is caring! Powered by TrustArc. Seamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe. With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0, with the voiceover by Tim Foley.
Guest post by Seamus McCorry, country manager, Ireland, at Check Point Software
The EU's Network and Information Security Directive 2 (NIS2) took effect on 17 October 2024, imposing stricter cybersecurity standards across the EU. This directive, designed to combat the evolving threat landscape, targets a broader range of sectors, including critical infrastructure and digital services. While the full implementation deadline for compliance doesn't set in until 2028, organisations should start making changes now so that the deadline is met. Understanding and complying with these regulations is critical for organisations in Ireland, or else they risk significant penalties, including legal action against executives. However, the NIS2 directive is, as yet, widely undefined, which can make compliance tricky. So, how can Irish organisations get ahead in understanding and implementing the appropriate cybersecurity measures to achieve compliance?
Defining and Decoding NIS2
Building upon the 2016 NIS Directive, NIS2 directly responds to the evolving and increasingly complex cyber threat landscape. Its primary goal is to minimise cyber risk and standardise cybersecurity measures across the European Union. It will also impact any organisation that trades within the EU, regardless of where they are in the world.
As previously stated, NIS2, while well-intentioned, presents a challenge for Irish organisations due to its lack of concrete, legally defined minimum requirements. The lack of definition in terms of specific compliance minimums is to provide flexibility and adaptability to the changeable cybersecurity landscape. Instead of prescribing rigid, one-size-fits-all rules, NIS2 establishes a framework of principles and general obligations. This approach allows organisations to tailor their security measures to their specific risk profiles and operational needs as long as they meet the recommendations set out by member states.
One such principle is promoting a risk-based approach to cybersecurity, requiring organisations to adequately assess risks specific to the organisation and implement appropriate security measures. NIS2 also expands the scope of this risk by expecting organisations to have adequate supply chain security, incident response plans, and risk management in place. Finally, NIS2 emphasises the importance of cybersecurity by design and default.
However, this flexibility also presents challenges. Organisations may struggle to interpret the directive's requirements and determine the exact level of security measures needed to comply. This ambiguity can lead to uncertainty and potential non-compliance, even for the experienced information security professional. While NIS2 doesn't provide a checklist, it implies a level of protection that likely includes fundamental security measures such as firewalls, intrusion prevention systems, endpoint protection, multi-factor authentication, data encryption, and access controls.
Liability and Litigation
Despite these initial challenges, NIS2 has the potential to enhance Ireland's cybersecurity landscape significantly. By emphasising the importance of robust security programmes and fostering collaboration between legal and IT teams, NIS2 can elevate Irish organisations' overall information security maturity. This directive also clarifies the distinct roles of Chief Information Security Officer (CISO) and Data Protection Officer (DPO), empowering CISOs to become strategic advisors to management. However, this increased responsibility also raises concerns around accountability and potential liability for Irish organisations. A unique aspect of NIS2 is that it holds executives and managers personally liable for cybersecurity failures.
Unlike previous regulations, NIS2 explicitly states that management bodies can be held accountable for gross negligence and misconduct, like not properly reporting or covering up potential breaches, like in the case of the 2016 Uber breach, potentially facing leg...
Are you ready to step into the vital role of a Data Protection Officer (DPO) in India? Our comprehensive Audio
Cyberattacks are an increasingly talked-about risk in today's society. They have happened on numerous occasions and will, in all likelihood, happen again. In this trilogy of IT Talks, you will hear about the importance of information security with Peter Franklin, CEO of Redpill Linpro Cyber Security, and Patrik Bauer, Data Protection Officer (DPO) at AMF Tjänstepension. They discuss information security in depth on both a detailed level and a broader perspective to understand the importance of protecting your data and being prepared if/when a cyberattack occurs. In this first episode of the trilogy, they talk about the CIA triad: Confidentiality, Integrity, and Availability – fundamental aspects of working with information security. They discuss the distribution of responsibilities and how to work effectively with these questions. They emphasize the importance of understanding the risks, having a continuous plan to maintain information security, and educating yourself and your colleagues in secure information management.
Ilia got a Masters of Law, After a job in data protection, he liked what he saw. Ilia's privacy career started a few years ago, For social media, he is MTS Group's DPO.
Guest: Dr. Valerie Lyons, Author
On LinkedIn | https://www.linkedin.com/in/valerielyons-privsec/
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
This Episode's Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a
Episode Notes
In this episode of the Redefining Cybersecurity podcast, host Sean Martin engages in a conversation with Dr. Valerie Lyons, co-author of "The Privacy Leader Compass." They discuss various aspects of privacy and provide practical guidance for privacy leaders.
Dr. Lyons highlights the regulatory difference between the US and Europe's approach to privacy, with data minimization being a regulatory requirement in Europe. However, she emphasizes that it's not about which approach is better, but rather understanding and complying with the regulatory requirements. They delve into the principles of Fair Information Practices (FIPS) and privacy by design, which are enshrined in GDPR.
"The Privacy Leader Compass" is designed to be a comprehensive resource for privacy leaders, incorporating the McKinsey seven S model. It goes beyond compliance, incorporating ethics, trust, and consumer satisfaction in privacy programs. The book is intended to be location and jurisdiction agnostic, allowing privacy leaders to adapt the framework to their specific contexts.
The conversation also highlights the value of learning from privacy pioneers and leveraging their experiences. The book includes contributions from over 60 privacy pioneers, providing real-world examples and insights. Dr. Lyons emphasizes the importance of collaboration and learning from others' experiences rather than starting from scratch.
They discuss the flexible interpretation within privacy legislation, such as the choice between appointing a Data Protection Officer (DPO) or a Chief Privacy Officer (CPO). They stress the importance of developing a privacy strategy and vision, regardless of the jurisdiction, and exploring why privacy leaders were hired for their roles.
Throughout the conversation, Dr. Lyons and Sean Martin present a balanced perspective, focusing on practical guidance and empowering privacy leaders. They explore the dynamic nature of privacy and the need to go beyond compliance, considering ethics, trust, and consumer satisfaction. The conversation is grounded in real-world experiences and provides valuable insights for privacy leaders navigating the ever-changing privacy landscape.
About the Book
Congratulations! Perhaps you have been appointed as the Chief Privacy Officer (CPO) or the Data Protection Officer (DPO) for your company. Or maybe you are an experienced CPO/DPO, and you wonder - "what can I learn from other successful privacy experts to be even more effective?" Or perhaps you are considering a move from a different career path and deciding if this is the right direction for you.
Seasoned award-winning Privacy and Cybersecurity leaders Dr. Valerie Lyons (Dublin, Ireland) and Todd Fitzgerald (Chicago, IL USA) have teamed up with over 60 award-winning CPOs, DPOs, highly respected privacy/data protection leaders, data protection authorities, and privacy standard setters who have fought the tough battle.
Just as the #1 best-selling and CANON Cybersecurity Hall of Fame winning CISO Compass: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers book provided actionable advice to Chief Information Security Officers, The Privacy Leader Compass is about straight talk - delivering a comprehensive privacy roadmap applied to, and organized by, a time-tested organizational effectiveness model (the McKinsey 7-S Framework) with practical, insightful stories and lessons learned.
You own your continued success as a privacy leader. If you want a roadmap to build, lead, and sustain a program respected and supported by your board, management, organization, and peers, this book is for you.
Watch this and other videos on ITSPmagazine's YouTube Channel.
The role of a Data Protection Officer (DPO) has been well-known under data protection laws in Europe, currently under the EU GDPR, and prior to that, the EU Data Protection Directive. The role goes as far back as the 1970s; however, despite its established history, numerous questions continue to revolve around the responsibilities of a DPO. Scott Loughlin, co-lead of the Hogan Lovells Privacy and Cybersecurity practice, sits down with Hogan Lovells partner Christian Tinnefeld to discuss the ever-evolving role of a DPO and provide some practical tips for those serving in the function.
What is a Data Protection Officer (DPO)? A Data Protection Officer is a professional who ensures that an organization's data processing activities comply with GDPR (General Data Protection Regulation) and other data protection laws and regulations. They also ensure that individuals' personal data is collected, processed, and stored securely and legally. Their role includes monitoring data processing activities; managing data protection policies; guiding on data protection issues; and serving as a contact point for data subjects and regulatory authorities. What is the Data Protection Officer (DPO) course with InfosecTrain? The Data Protection Officer (DPO) course from InfosecTrain is intended to teach you the key principles of data protection and privacy, including the General Data Protection Regulation (GDPR) and other relevant regulations. The course can be particularly beneficial if you are preparing for a DPO role or already hold a DPO position. The course is delivered by experienced instructors who provide participants with one-on-one attention and assistance while providing practical training through case studies and hands-on activities.
Zoom in to DPO Role with Andy Peeters and Punit Bhatia in The FIT4Privacy Podcast E084 S4 (Trailer)
A Data Protection Officer (DPO) can get involved in a company merger in several ways, depending on the size, nature, and complexity of the merger. The role of a DPO is to ensure that the company's data protection program is effective, efficient, and compliant, and that data subjects' rights and interests are respected and protected. As a Data Protection Officer (DPO), the primary role is to ensure that an organization complies with data protection laws and regulations. Being a DPO involves a diverse range of tasks, all of which are focused on ensuring that an organization complies with data protection laws and regulations and protects the privacy of individuals' personal data. You can watch the full episode of this podcast next week. Podcast: https://www.fit4privacy.com/podcast Blog: https://www.fit4privacy.com/blog YouTube Channel: http://youtube.com/fit4privacy Email: hello@fit4privacy.com
Tom Fox and Jonathan Armstrong, renowned expert in cyber security, host the award-winning Life with GDPR. In this episode, Tom and Jonathan discuss the role of the Data Protection Officer (DPO) in light of GDPR - an important requirement outlined in Article 37. They discuss how the European Court of Justice views the role, how Germany had a DPO system in place prior to GDPR and the fact that DPOs should be supported by their employer and protected against any potential conflicts of interest. They touch on the shortage of suitable DPOs due to the price and resource requirements of the role, as well as the example of a data protection authority showing up to an organization and finding a person who had been recently trained. Tune in to discover more key insights about the role of the DPO as you stay knowledgeable on GDPR compliance with Life with GDPR.
Key Takeaways:
European Court of Justice and the GDPR System [00:05:46]
DPO Roles and Responsibilities [00:10:50]
Data Protection Authority Visit to an Organization [00:15:26]
Notable Quotes:
1. “The Role of a DPO in simple terms is to sort of act as a sort of police officer to police the organization's handling of data.”
2. “If you look at GDPR article 37 5, it says that a data protection officer must be designated on the basis of professional qualities. In particular, expert knowledge of data protection law and practices, and there's a number of duties in Article 39 they have to be able to perform.”
3. “Regulators will expect to see competency. And it's probably easier for a regulator to judge competency than it is to judge conflict of interest.”
4. “I think it is definitely worthwhile putting resources in training and also currency.”
Resources
For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance.
Do I need a Data Protection Officer (DPO)? The simple answer is - it depends. In this video, I outline what a DPO is and when you need to assign one, as well as discuss the difference between a DPO and an EU Representative. You can always learn more about this in my book "Be An Effective DPO", which can be purchased from Amazon.
Chapters:
00:00:00 Intro
00:00:52 Is the data protection officer role mandatory?
00:01:01 What does a DPO do?
00:03:12 Is a DPO the same as an EU Representative?
00:04:01 Who needs to assign a DPO & in what circumstances?
00:05:06 How can you assign a DPO?
00:07:25 Be an effective DPO
Who is Punit Bhatia? Punit Bhatia is one of the leading privacy experts who has worked with professionals in over 30 countries. Punit works with CXOs and DPOs to identify and manage privacy risks, and create and implement privacy strategies in a world that is digital, AI-driven, and has data in the cloud. Punit helps you to create a culture of privacy by establishing a privacy network and training management. Selectively, Punit is open to being a privacy advisor or coach for you. Punit Bhatia is the author of four privacy books including the books “Be Ready for GDPR” and “AI & Privacy”. Punit is a global speaker who has spoken at over 40 global events and is the host/creator of the FIT4PRIVACY Podcast, which has been ranked amongst the top GDPR podcasts in 2020, 2021, and 2022. Punit is known to use simple business language while avoiding legal jargon. Punit is a certified Fellow in Information Privacy (FIP), CIPM, COP, and CIPP-E. Punit is the founder and CEO of FIT4PRIVACY. Punit is a board member of the ISACA Belgium chapter and DPO Circle. Previously, he served as a board member at World Game Changers.
Privacy Kit: https://www.fit4privacy.com/course/privacykit Privacy Blog: https://www.fit4privacy.com/blog FREE Training: https://www.fit4privacy.com/course/free Free Privacy Perspectives e-book: https://ebook.fit4privacy.com/ Guide to privacy certifications: https://www.fit4privacy.com/course/grow Email: hello@fit4privacy.com Website: https://www.fit4privacy.com
Rightly or wrongly, we often find ourselves neglecting basic policy and procedural elements of the job, when patient demand, clinical priorities and a never-ending stream of new directives are cascaded down from on high. So, with this in mind, we invited regulatory solicitor and lecturer David Sinclair to feature on today's podcast, to bring governance and cyber security more sharply into focus. With the threat of cyber-attacks on the rise, coupled with a quickly evolving policy landscape when it comes to GDPR, data protection and information security, we discuss what practices should be doing now to ready themselves, who should take responsibility for this critical area of work, and what to expect going forwards.
Introduction (9 secs)
Meeting David (1 min 5 secs)
Current prevalence of cyber attacks on GP practices (1 min 22 secs)
What do practices need to be doing right now to protect themselves against the risk of cyber security breaches? (2 mins 26 secs)
Management of governance and data protection protocols (3 mins 1 sec)
The importance of employing the services of those with the required, specialist knowledge (4 mins 21 secs)
Establishment of a named Data Protection Officer (DPO) (5 mins 24 secs)
Who is accountable if / when something goes wrong? (7 mins)
Proactive proof of compliance (8 mins 15 secs)
How do we best demonstrate GDPR compliance? (9 mins 35 secs)
Commonly made mistakes and issues (11 mins 26 secs)
Responding to data subject access requests (13 mins 29 secs)
Who should we consult when seeking advice specifically related to data subject access requests? (14 mins 45 secs)
Strategies for managing subject access requests (15 mins 21 secs)
Other commonly faced issues and things to be aware of going forwards (16 mins 59 secs)
What the future might look like when it comes to governance and security (18 mins 12 secs)
Summarising today's discussions (19 mins 6 secs)
A final word from David (19 mins 56 secs)
Getting in touch (20 mins 41 secs)
If you'd like further information, and / or to connect with David directly, please check out the DR Solicitors website.
On today's show, we have Phil Byrne, Managing Partner at Enable ISO, a company that specialises in consulting for organisations working toward ISO certification. We ask Phil on the show to talk about all things compliance, in particular, GDPR. GDPR often falls under the remit of HR in companies. We ask Phil what he thinks are the most common GDPR misconceptions in HR, what exactly is the role of the Data Protection Officer (DPO) and does this responsibility sit with HR? We also talk about the new Whistleblower legislation, who it affects and how do you go about dealing with a complaint. If you are in HR and these areas fall under your remit, this is the pod for you. We really hope you enjoy it! If you would like to guest on the HRLocker podcast, get in touch with us: marketing@hrlocker.com
Continuing the content of episode #029, in this episode we talk about the data protection officer (the "encarregado"). We are once again joined by compliance lawyer Mariana Blanes, who gives details on the role, the qualifications and the care to take when choosing the Data Protection Officer (DPO), the encarregado. Check out the previous episode to understand all the details of the latest update published by the Autoridade Nacional de Proteção de Dados (ANPD), the national data protection authority!
Punit is joined by Klaas Ghesquiere for an open and candid conversation. In this conversation, Klaas shares what it is like being a DPO, what the challenges are and how these can be solved. And, more importantly, Klaas emphasizes that a DPO needs to focus on understanding the company, its people and culture. Klaas Ghesquiere is the Data Protection Officer (DPO) of IMEC. He is a certified Data Protection Officer with several years of experience in the field of information security and privacy with a pragmatic approach to complex matters like privacy in the fast-moving digital world we live in. A strong believer in leading by example and open communication to inspire people. This is an extract from the full episode of The FIT4PRIVACY Podcast. If you like this, you would enjoy the full episode. If this is your first time, the FIT4PRIVACY Podcast is a privacy podcast for those who care about privacy. In this podcast, you listen to and learn from industry influencers who share their ideas. The episodes are released as audio every Wednesday and video every Thursday. If you subscribe to our podcast, you will be notified about the new episodes. And, if you have not done it, write a review and share this with someone who will benefit from this.
In this episode of the FIT4PRIVACY Podcast, Punit is joined by Klaas Ghesquiere for an open and candid conversation about privacy, the role of DPO and its challenges. In this conversation, Klaas explains what it is like being a DPO, what the challenges are and how these can be solved.
KEY CONVERSATION POINTS
What is GDPR in one word?
What does being fit in privacy mean for an organization?
What is the biggest challenge as a DPO? How can it be solved?
What is frustrating as a DPO?
How does the role of DPO change in different industries?
What is the biggest learning so far in the field of privacy?
Does coming from a technology background help in being a DPO?
ABOUT THE GUEST
Klaas Ghesquiere is the Data Protection Officer (DPO) of IMEC. He is a certified Data Protection Officer with several years of experience in the field of information security and privacy with a pragmatic approach to complex matters like privacy in the fast-moving digital world we live in. A strong believer in leading by example and open communication to inspire people.
ABOUT THE HOST
Punit Bhatia works with business and privacy leaders to create an organisational culture with high privacy awareness and compliance as a business priority. Punit is the author of various privacy books including “Be Ready for GDPR”. Punit has been a speaker at over 30 global events. Punit is the creator and host of the FIT4PRIVACY Podcast.
RESOURCES
Websites: www.fit4privacy.com, www.punitbhatia.com
CONNECT
Podcast http://hyperurl.co/fit4privacy YouTube http://youtube.com/fit4privacy Email hello@fit4privacy.com
Tech 5 Podcast - Wisdom & Career Advice from Leaders in AI, Big Data, Blockchain, IoT and Privacy
Tomorrow's leaders will be brave enough to scale the dangerous peaks of an increasingly competitive and ethically challenging mountain range. They will drive the problematic conversations that illuminate the valleys in between. One of those leaders is Miguel Mairlot, an attorney and Data Protection Officer (DPO) with Ethikos Lawyers. He has a breadth of compliance experience advising wealth management and insurance businesses, has written and spoken extensively about compliance topics, and teaches financial law in Brussels, Belgium. We spoke with him about compliance and ethics for our new book, Tomorrow's Jobs Today. This episode is also available as a blog post: https://rafaelmoscatel.com/compliance-the-future-of-compliance/
Punit is joined by Jennifer Salat for an open and candid conversation about the life of a DPO. In this conversation, Jennifer explains what it is like being a DPO, what the challenges are and how these can be solved. And, more importantly, Jennifer emphasizes that a DPO needs to focus on current priorities and keep an eye on longer-term changes as well. Jennifer Salat is the Data Protection Officer (DPO) at Brussels's largest public transport provider. She has a wide variety of experiences that include defining & implementing quality, service and privacy management systems. She is an expert in project & change management, IT process design & reengineering, functional & technical analysis, configuration & set-up of SAP-HR solutions. She has a functional knowledge of Human Resources & Information Systems. This is an extract from the full episode of The FIT4PRIVACY Podcast. If you like this, you would enjoy the full episode. If this is your first time, the FIT4PRIVACY Podcast is a privacy podcast for those who care about privacy. In this podcast, you listen to and learn from industry influencers who share their ideas. The episodes are released as audio every Wednesday and video every Thursday. If you subscribe to our podcast, you will be notified about the new episodes. And, if you have not done it, write a review and share this with someone who will benefit from this.
In this episode of the Fit4Privacy Podcast, Punit is joined by Jennifer Salat for an open and candid conversation about the life of a DPO. In this conversation, Jennifer explains what it is like being a DPO, what the challenges are and how these can be solved. And, more importantly, Jennifer emphasizes that a DPO needs to focus on current priorities and keep an eye on longer-term changes as well.
KEY CONVERSATION POINTS
What is GDPR for you in one word?
What does being fit in privacy mean for an organization?
What are your biggest challenges as a DPO? How can these be solved (by you, or someone for you)?
What is your biggest learning so far in the field of privacy?
ABOUT THE GUEST
Jennifer Salat is the Data Protection Officer (DPO) at Brussels's largest public transport provider. She has a wide variety of experiences that include defining & implementing quality, service and privacy management systems. She is an expert in project & change management, IT process design & reengineering, functional & technical analysis, configuration & set-up of SAP-HR solutions. She has a functional knowledge of Human Resources & Information Systems.
ABOUT THE HOST
Punit Bhatia is one of the leading privacy experts who has worked with professionals in over 30 countries. Punit works with business and privacy leaders to create an organisational culture with high privacy awareness and compliance as a business priority. Selectively, Punit is open to mentor and coach privacy professionals. Punit is the author of the books “Be Ready for GDPR”, which was rated as the best GDPR Book, “AI & Privacy – How To Find Balance”, “Intro To GDPR”, and “Be an Effective DPO”. Punit is a global speaker who has spoken at over 30 global events. Punit is the creator and host of the FIT4PRIVACY Podcast. This podcast has been featured amongst top GDPR and privacy podcasts. As a person, Punit is an avid thinker and believes in thinking, believing, and acting in line with one's values to have joy in life. He has developed the philosophy named 'ABC for the joy of life', which he passionately shares. Roger Federer is his favourite player. Punit is based out of Belgium, the heart of Europe.
RESOURCES
Websites: www.fit4privacy.com, www.punitbhatia.com
CONNECT
Instagram https://www.instagram.com/punit.world/ Facebook https://www.facebook.com/PunitBhatiaSpeaker/ LinkedIn https://www.linkedin.com/in/punitbhatia/ Podcast http://hyperurl.co/fit4privacy YouTube http://youtube.com/fit4privacy Email hello@fit4privacy.com
A conversation with Vangelis Papakonstantinou about the compliance of companies and organisations with the GDPR and the protection of personal data. What counts as sensitive personal data? Should it be processed by companies, organisations and also the state? What is the significance of the GDPR, today and in the future? In this podcast, these and many more of our questions are answered by "one of our own", Vangelis Papakonstantinou. As a lawyer, as a professor of Personal Data Protection Law at the Free University of Brussels and now (after a term at the Personal Data Protection Authority) as Data Protection Officer (DPO) at New Democracy (Νέα Δημοκρατία). This move of his was a good occasion to discuss how our personal data should be processed by a political body, a party, and by the state as a whole. As he himself notes, his finding that politicians "had remained at a formal level of compliance" is what led him to take up his new position and help inform them. Not only politicians but also the individual, he hastens to add, since the role of a DPO is to help both sides. In our conversation with Vangelis we also touched on the level of implementation of the GDPR in Europe, a regulation he described "as Europe's main contribution to the whole world in the field of technology". After all, as he notes, there are several examples (from the US and also from China) of proposed regulations that approach or copy the GDPR. "It is here to stay," he stresses, urging those who have not yet complied to do so.
Interview with André Luiz, an information security professional who works as a consultant in auditing, implementation and compliance with the Lei Geral de Proteção de Dados (LGPD) in the role of Data Protection Officer (DPO). Subscribe to Papo Cloud Premium for much more content. papo.cloud/assine Links and materials mentioned in the show: papo.cloud/077 -------------------------------------------- Instagram / Twitter: @papocloud E-mail: contato@papo.cloud -------------------------------------------- Credits Production: Vinicius Perrott Editing: Senhor A - editorsenhor-a.com.br See omnystudio.com/listener for privacy information.
The Lei Geral de Proteção de Dados (General Data Protection Law) has come into force in Brazil. What challenges do organisations face in processing the personal data of customers, users and even employees? And how can companies better prepare? A central figure in complying with the law is the Data Protection Officer (DPO). In this new episode of Entre Tech, we talk with Vanessa Butalla, Legal Director and DPO at Serasa Experian. She describes the particularities and responsibilities that come with the LGPD and talks about a new, rising career, that of the DPO.
You hold a Data Protection Officer (DPO) certification; is it valid for public tender processes and terms of reference? Subscribe to Papo Cloud Premium for much more content. https://papo.cloud/assine Full transcript of the show: https://papo.cloud/tananuvem164 -------------------------------------------- Instagram / Twitter: @papocloud E-mail: contato@papo.cloud -------------------------------------------- Support the show: https://www.picpay.com/convite?@L7R7XH
Episode #31 of Fala KICK, Eu Te Escuto invites two legal experts to unpack the pros and cons of the LGPD, the new Lei Geral de Proteção de Dados (General Data Protection Law). Scheduled to come into force in August 2020 but postponed to May 2021 because of the pandemic, Law No. 13.709/2018 has been described as a positive rule for citizens but an extremely challenging one for business. Andreia Carvalho is a lawyer with postgraduate degrees in Business Law from Fundação Getúlio Vargas and in Environmental, Criminal and Criminal Procedure Law, a specialist in Judicial Reorganisation and Bankruptcy, with extension courses in Digital Law, LGPD and Law for Startups. Also trained in Judicial Administration at the Instituto Brasileiro de Direito da Empresa (IBDE), she has held management and executive positions in state and municipal executive bodies. Samanta Oliveira is a master's candidate in Business Law at Fundação Getúlio Vargas (FGV-SP), holds a postgraduate degree from the Pontifícia Universidade Católica de São Paulo (PUC-SP) and a bachelor's degree in Law from Universidade Mackenzie. She is also certified as a Data Protection Officer (DPO) by the European Center on Privacy and Cybersecurity (ECPC-B: Maastricht University) and in Cybersecurity: Technology, Application and Policy by the Massachusetts Institute of Technology (MIT). In the conversation with KICK's CEO, Dani Klein, and CCO, Liandra Senna, Andreia and Samanta explain how the LGPD requires companies and public bodies to change the way they collect, store and use the personal data of customers, consumers and citizens. They also detail what changes for ordinary people, whose data, in the vast majority of situations, may only be obtained or used by companies or government with authorisation.
With the GDPR coming into force in the European Union, privacy and data protection became very important worldwide. To continue trading with the world's largest trading bloc, several countries created their own laws based on the GDPR, such as Japan, South Korea and also Brazil, with the Lei Geral de Proteção de Dados (LGPD). To comply with these laws, companies will need to hire professionals specialised in privacy and data protection. One of these professionals will be the DPO (Data Protection Officer), or Encarregado de Proteção de Dados under the LGPD. An internationally recognised certification issued by a trusted body with decades of experience will certainly set such a professional apart when competing for a position. The EXIN Data Protection Officer certification provides the right knowledge and skills for those who wish to become, or already are, a DPO (Encarregado) or a privacy and data protection professional. But do you know the requirements for obtaining the EXIN Data Protection Officer title? That is the topic of the new Clavis webinar “Como Obter a Certificação EXIN DPO?” (“How to Obtain the EXIN DPO Certification?”), presented by Luiz Felipe Ferreira, official EXIN instructor, teacher of the privacy and data protection courses at Academia Clavis and host of SegInfocast.
A very pleasant and enriching chat with one of the most qualified privacy and personal data protection professionals in Brazil, Felipe Palhares. The agenda for this episode of our podcast is a controversial topic: the role, requirements and challenges of practising as the Encarregado (the officer in charge of personal data processing) in Brazil. Felipe and I discuss the presidential vetoes of several improvements that the National Congress tried to make to the legal regulation of this figure, who is central to personal data protection and is recognised as such by European regulation in the case of the Data Protection Officer (DPO). Did the Encarregado in the LGPD receive the same regulatory importance as the DPO in the GDPR? What should we expect from the ANPD's sub-statutory regulation regarding the duties and the very definition of the position? Is it mandatory for the processor as well, or not? More importantly: does Brazil run any risk of not being considered an adequate jurisdiction for international flows of personal data by the European Union? Don't miss this week's episode! --- The Privacy Cast is the first Brazilian podcast dedicated exclusively to the LGPD and to the topic of privacy and personal data protection in
In this episode of SegInfocast, we present the audio of the webinar “LGPD: Procuram-se DPOs no Brasil” (“LGPD: DPOs Wanted in Brazil”), held by Clavis Segurança da Informação together with EXIN and presented by Luiz Felipe Ferreira. The webinar addressed one of the points related to compliance with the LGPD, which will come into force in Brazil in 2020. To meet the demand for compliance, many companies will have to appoint a Data Protection Officer (DPO), the person in charge of data protection. Will this workforce be available? How can you prepare to take up the many positions that will open, directly and indirectly, because of the Lei Geral de Proteção de Dados (LGPD)? Other topics were also discussed in this webinar: One year into the GDPR, how many DPOs have been registered? When is designating a DPO mandatory? The duties of a DPO under the GDPR. The duties of a DPO under the LGPD. What knowledge should a DPO have? What other opportunities are directly related to the LGPD? Salary estimates for DPOs worldwide. About the presenter: Luiz Felipe Ferreira has 15 years of experience in Information Technology and has worked in Information Security since 2008. He holds a degree in Information Technology from UniverCidade and an MBA in IT Project and Business Management from UERJ. He is currently Data Protection Product Owner at Itaú Unibanco. Host of SegInfocast, a security-focused podcast. Member of the PrivacyBR committee. Speaker at several security conferences such as SegInfo, WorkSec and Congresso de TI. He holds the certifications EXIN Data Privacy and Protection Foundation, ISFS, CompTIA Security+, ITIL, VCP, LPIC-1 and MCP.
"... GDPR and privacy are no longer something that only occupies Legal and Compliance, but something that most people in the organisation think about in their daily work." How do you create this kind of change, and how do you set up the organisation to make it possible? Get answers to this and much more in this interesting episode, where we meet Mathias Wikström, DPO at Telenor. The conversation revolves around his role as Data Protection Officer (DPO) and how Telenor works with GDPR.
What is the GDPR? How will the GDPR affect larger and smaller companies? Will stricter rules really give users better control over their data? What happens when a user does not consent? What does irreversible deletion of their data mean? How can we be transparent towards the user when collecting information (e.g. in an online shop)? What about collecting data on a blockchain? What applies in the case of retargeting? How clearly must it be explained to the user what the data is collected for? Is it lawful to “hide” the entire content of a website until the user consents to everything we ask for? Can consent also be obtained offline and by telephone? Must a company from America also follow all the rules for customers from the EU and ensure different data processing? Who is the Data Protection Officer (DPO) and what is their role? What does the right to data portability mean? Dr. Nataša Pirc Musar is the founder and director of the law firm Odvetniška družba Pirc Musar & partnerji. Her range of experience includes working as a journalist and presenter of the news programme TV dnevnik and of the main news programme 24ur on POP TV. She continued her career in business, was head of corporate communications at Aktiva Group, and then director of the Centre for Education and Information at the Supreme Court. From 2005 she served as Information Commissioner. She was also elected chair of the Joint Supervisory Body of Europol. In 2015 she obtained her doctorate with the thesis "How to find the right balance between personal data protection and access to public information by using the public interest test". Matija Jamnik is the director of the law office Odvetniška pisarna Jamnik d.o.o. and a permanent contract associate of the law office JK Group. He has been actively working on personal data protection and privacy, and on IT law in general, since 2008. He is a member of, and the representative for Slovenia in, the pan-European association Cloud Privacy Check / Data Privacy Check. He regularly lectures and trains on data protection (Akademija Finance, NT konferenca, OpenIT, Slovenski inštitut za revizijo and others).
In today’s episode of Countdown to General Data Protection Regulation (GDPR), Jonathan Armstrong, a partner at Cordery Compliance Ltd in London, and I consider the role of the Data Protection Officer (DPO) in complying with the new regulations which go live on May 25, 2018. Learn more about your ad choices. Visit megaphone.fm/adchoices
Part 2 in the GDPR mini series: implementing GDPR in your work
Last month we talked about the basics of the General Data Protection Regulation (GDPR). In this episode we focus on the specific impact on content strategy and UX. Because the GDPR will change the web, but also our work. Not only how we process personal data, but also how we ask for it will change. People need to be able to view, edit and delete their data. And then there are our research practices. Even those are impacted by the GDPR. If you are 'new' to all things GDPR, please listen to episode 1 first. Episode 2 will make much more sense that way. Also check out the accompanying blog post to episode 1 for links to the full GDPR text, some helpful info sources and an overview of the basic principles of GDPR. Note: the audio file may take about 30 seconds to load. You can also find this episode and subscribe to the podcast in your favorite podcast app.
Overview of the steps to take
Check with your company where you stand with GDPR compliance, find the taskforce, let them know you are here to help.
Dig up your privacy policy and test it for transparency. Make it more readable, understandable, better.
Map out the data streams like user journeys. What does it mean for communication through your design and content?
Check whether the tools you use for testing are GDPR compliant. If necessary, find new ones.
Design a beautiful flow for the user to view, edit or retract their data.
Join the conversation - here, at meetups, conferences, on Twitter, the content & UX Slack - and share your findings, cases and best practices.
Meet our 5 experts
Bart Van den Brande - Sirius Legal
Bart Van den Brande is a lawyer at Sirius Legal. He specialises in GDPR and helps his clients in complying with the GDPR.
Clovis Six - Internet Architects
In his UX research and UX design work at Internet Architects, Clovis already encountered some GDPR related issues. In this episode he provides a comprehensive overview of how to implement good GDPR practices in your work.
Katryna Dow - Meeco
Katryna Dow is the founder and CEO of Meeco: a platform that enables people to share the information they want to share with organisations they trust, in order to get better, more personalised service and relevant offers.
Aral Balkan - Ind.ie
Aral Balkan is an amazing public speaker, a cyborg rights activist, co-founder of ethical software company Ind.ie and part of the DiEM initiative. He has a strong opinion on privacy as a human right.
Seppe Van Steelant - City of Ghent
As the Data Protection Officer (DPO) at the City of Ghent, Seppe Van Steelant plays a vital role in the transition of gent.be and mijngent.be into GDPR compliant platforms.
Part 1 in the GDPR mini series: a primer
Whether you're in Europe or not: the General Data Protection Regulation (GDPR) will have a great impact on businesses everywhere. Because even if you're based outside the EU, when you find yourself handling personal data of a European citizen, you have to comply with the strict GDPR rules.
GDPR?
The General Data Protection Regulation is a very strict privacy protocol installed by the European Commission, the European Parliament and the Council of the European Union. It will prohibit companies from asking for data they don’t need, and from storing and using private data in a non-compliant way. The fines for non-compliance are substantial. Even if you’re not in Europe, you could theoretically get a penalty for not complying. But even if you don't, not playing by the rules will cost you your European B2B customers. Is the end of data harvesting near? And what does this mean for content and UX? That's what we discuss in this month's podcast.
COOKIE CONSENT WAS JUST A TASTER, GET READY FOR THE MAIN COURSE.
EXTRA BACKGROUND ON THE GDPR
The 6 principles of privacy
Lawfulness, fairness and transparency: Private data should only be used by organisations in a lawful and fair way. It should be crystal clear to the user how their personal data will be processed.
Purpose limitations: Organisations are only allowed to use the consensually obtained data for the goals they communicated at the time of the transaction. They can no longer take a database and use it for purposes other than or unrelated to what was communicated to the user.
Data minimisation: Organisations can only ask for the information that is essential for their service. Profiling or marketing are (most of the time) not essential for servicing the client.
Accuracy: Information has to be straightforwardly interpreted and not out of date. It should be rectifiable by the user.
Storage limitations: Personal data can only be stored for a few years, and only in a secure file or document, on a secure server that is physically in Europe.
Integrity and confidentiality: Private data should be stored and processed in a way that the data is protected from loss, destruction or damage.
Consent is king, transparency is queen
The magic word in the new GDPR regulations is ‘consent’. As an organisation, you need to get consent of the user, or 'data subject' in GDPR terms, that is...
Informed: they need to know what they’re consenting to.
Freely given: you can’t force someone to give their data to use your service.
Specific: they are only agreeing to what you are specifically saying they are agreeing to.
Unambiguous: just like in other cases where you need consent: consent is a clear yes, not the absence of a no.
Privacy by design and Privacy by default
Privacy by Design is about the whole engineering process of a service. It takes privacy into account at every step. We also describe this as value sensitive design, in which human values are taken into account, in a well-defined manner, throughout the whole process. Privacy by Default: all the privacy settings are set to optimal privacy. You will be asked for consent when prompted for personal details. Also, only the bare minimum will be asked for. Privacy by Default can be seen as a subset of Privacy by Design.
Meet our 5 experts
Aral Balkan - Ind.ie
Aral Balkan is a cyborg rights activist, one third of ethical software company Ind.ie and part of the DiEM initiative. In all these roles, he passionately strives for a better, safer and more democratic web.
Clovis Six - Internet Architects
Clovis Six is a UX researcher at Internet Architects, and one of my favourite people to work with. After dealing with some GDPR related issues for his clients, he decided to specialise in the matter. He inspired me to make this podcast and helped out in shaping it. (Thanks buddy!)
Katryna Dow - Meeco
I met Katryna Dow at a professional event on data. Personal data is at the core of what Katryna's company Meeco does. I’m curious to learn how the GDPR will affect her business.
Seppe Van Steelant - City of Ghent
Government is one example of organisations that own loads of private data. Seppe Van Steelant is the Data Protection Officer (DPO) at the City of Ghent.
Bart Van den Brande - Sirius Legal
With only one year to go until GDPR goes into full effect, this seems like a good time to lawyer up! So that’s what we did. Meet Bart Van den Brande at Sirius Legal.
Links
GDPR mindmap by J4vv4d
Bedtime reading: the complete text of the General Data Protection Regulation
Good overview of what the GDPR entails by Duthler Associates: