Indian companies must comply with the EU Data Privacy Directive (GDPR)
At the data and IT-Security event on the 18th December 2017 in Mumbai, participants will learn how the EU's GDPR legislation will bring definition, clarity and accountability to data practice in all EU countries, incl. UK. to comply Indian companies must enforce transparency and create a GDPR framework to document clarity and accountability to the IT and data practice.
India is not on the approved list of countries where personal data can be transferred to a third country. (However, countries like Argentina and Venezuela are on the positive list!)
- How can Indian companies be compliant and protect and safeguard customer's personal identifiable information?
- How can Indian IT companies ensure agility, accessibility and flexibility as part of the data strategy?
- How can Indian companies control the data through better policies and parameters, to be compliant with the GDPR?
The EU GDPR law will apply to any organisation around the globe that handles the data of European companies or citizens, regardless of industry. By 25th May 2018, Indian businesses will have to follow the GDPR, or face the consequences of non-compliance.
Every company dealing with the EU citizens has to comply with the new EU GDPR by May 2018. The General Data Protection Regulation will require Indian companies that are doing business in the EU or associated with the data of an EU national to comply. India is not on the approved list of countries for data transfer and portability which requires additional certifications.
- During the sessions at the IT Security Conference in New Delhi and Mumbai, you get the facts on GDPR implementation strategy, methodology, roadmap and framework for compliance
- International data transfers.
- Multijurisdictional & territorial scope of the EU GDPR
- Data protection by design and default, Reporting data breaches
- How to place data privacy at the heart of all new applications and processes
- Privacy by design will need to be part of the organisation's mindset
- How and when to report a breach, understand when it occurred, who and what has been affected, and how to decide what the next steps for the right and timely GDPR implementation.
Tuesday 18th December 2017
Taj Mahal Palace, Colaba, Mumbai
Session start from 09:00-16:30.
Registration at 08:30
INR 4500/- for the course
INR 2200/- for certification
Kersi F Porbunderwalla
Cyber Law Consulting
Head (Security Practice)
Tata Communications Ltd.
Besides a GDPR certification seminar there will be three speeches on GDPR and Data privacy at the event
YOU HAVE BREACHED: WHAT NEXT?
- Is current cyber security strategy "Protect, Detect, Respond" a correct one?
- Why Incident Response and Digital Forensics, an integral component of Cyber Security life-cycle.
- What are the business & technical requirements of Incident Response
HOW CAN INDIAN COMPANIES COMPLY WITH THE GDPR?
- India is not considered by the EU as having adequate data protection laws and is not on the approved list of countries for data transfer and portability.
- How can Indian IT and Data companies ensure EU GDPR Compliance as the world’s leading service provider, under the expanded scope and jurisdictions of GDPR?
The EU General Data Protection Regulation (GDPR)
- 2016 Annual Report - The state of privacy 2017: EDPS provides mid-mandate report
The GDPR has been, and will continue to be, the point of reference for our work. As set out in the Strategy for the EDPS mandate, the aim is to make data protection as simple and effective as possible for all involved.
- GDPR Course in Copenhagen
The first two comprehensive GDPR seminars were held in Copenhagen on n November 2016 and March 2017; both were a tremendous success
- The multijurisdictional scope of the EU GDPR
Crucial to the General Data Protection Regulation (GDPR) and integral to the entire legislation, is its explicitly extended territorial scope. This rather ambitious piece of legislation obviously seeks to exercise control and impose sanctions in jurisdictions beyond the EU and when EU citizen data protection rights are at risk.
- The correct GDPR implementation can protect the organisation on data and IT Governance
Getting started the right way to assess, compile and measure the tremendous amount of effort required for GDPR compliance cannot be performed by other than in-house staff who know the idiosyncrasies of digital platforms, software ecosystems and how to streamline the current data and communication structures.
- If you get GDPR certified, you get recognised for your privacy efforts and data knowledge
There is a rush to solve the GDPR problem. However, it is important to secure the right approach at the right time with the right process and above all the right certification. At our GDPR events you can get certified as the holder of an EU GDPR FAS exam certificate and register your qualification on the international The EuroSox Institute® Successful Candidate Register for free.
- Preparing The Structure and Plan For EU General Data Protection Regulation
Learn how to change your practices within your IT platform and data environment to comply with GDPR, data privacy regulation. At the seminar on the 20th April 2017 at The Confederation of Danish Industries we focus on the following GDPR implementation issues.
- How will the new EU data protection requirements (GDPR) affect your organisation?
The EU General Data Protection Regulation (GDPR) is new legislation that provides a single, harmonised data privacy law for the European Union. With the increasing risk of data breaches from cyber-attack, the GDPR aims to prevent the loss of personal data by improving data security for all individuals living in EU member states.
- The why, the how, the who, the what, the exceptions, the consequences and the solution to GDPR compliance
The aim and goal of the EU General Data Protection Regulation (GDPR) are to both strengthen and unify the data protection rights of individuals within the European Union (EU) and at the same time address the transfer of personal data outside the EU. The compliance deadline for GDPR is May 2018; however, the amount of internal collaboration to address on how data is collected, stored, used and archived means that planning compliance to GDPR cannot wait any longer
- Personal accountability for data protection at the board level is an issue.
In the good old days, the board of directors were accountable to the shareholders for its actions. This limitation has now changed forever. The Board and the committee members are now more responsible to the oversight authorities as well as to the annual assembly and the shareholders.
- Characteristics of a Responsible Lift-Off of the General Data Protection Regulation (GDPR) implementation.
The timeline & milestones for EU general data protection regulation require that companies throughout the EU address the significant challenges in handling personal data when the General Data Protection Regulation (GDPR) goes live. The new GDPR regime cannot be automatically translated into the current IT platforms and data structures within the organisation. However, when stakeholders figure out how the current data is collected, stored, accessed, disclosed and utilised the difficulties in complying are activated.
- Principle GDPR definitions that will have a considerable impact on the IT, Data and security policies of the organisation
- GDPR is an opportunity for organisations to re-balance their total digital engagement
From time to time, companies are faced with regulatory Governance, Risk Management, Compliance (GRC) and IT-Security issues that are on the onset extremely cumbersome. It probably started with SOX (Sarbanes-Oxley Act) in 2004 for added good Governance, after the financial crisis in 2008. The Glass-Steagall Act, (37 pages) was replaced by Dodd-Frank (848 pages) for added Risk Management processes. 20,000 new regulatory requirements for the financial services industry were created in 2015 for added Compliance and to avoid big banks to fail. Now added IT-Security and Data Protection systems must be implemented under The General Data Protection Regulation (GDPR) to protect and preserve all corporate data.
- Ready or not, GDPR is round the corner
Another year has passed with a collection of massive data breaches. The year 2015 had some massive violations. However, 2016 has proved to be worst year, with two of the largest data breaches in the history of mankind. Besides the massive hack at the Democratic National Committee with significant global political implications and a continued onslaught of breaches from healthcare, to point pf sale technology.
- Do not mess up the EU Data Protection Compliance
Based on recent research, a recent survey indicates that up to 75 percent of Nordic organisations could be at risk of sanction under the new EU GDPR rules. Primary results: more 52% have done nothing at all to prepare themselves for GDPR, 36% were unaware of its existence.
- GDPR spelt backwards is Regulation on Protecting Data with Governance
Getting started head on to assess, compile and measure the tremendous amount of effort required for GDPR compliance cannot be performed by other than in-house staff who know the idiosyncrasies of digital platforms, software ecosystems and how to streamline the current data and communication structures.
- The Changing Dynamics of Data Protection, IT Governance and the International Transfer of Data
Many organisations face the challenge of needing to comply with the new EU General Data Protection Regulation (GDPR) by May 2018. There is no shortage of advice as to what these organisations need to live up to, but currently, there is little information or guidance as to how to do it. Developing a GDPR Roadmap with an implementation framework should be an early priority to ensure an organisation is focused on doing the right things, in the right way and at the right time.
- GDPR workshop and assessment.
We recommend that when you address the EU GDPR compliance requirements, all organisations must take the following two steps before launching the implementation process.
We will help you conduct the workshop and perform the audit, to get a clear idea of the shared personal data being stored and where it originates. The workshop and the data review is a vital part of the EU GDPR data protection compliance regime that ultimately will develop the plan, roadmap and framework, specific to your organisation.
- Conduct an in-house workshop to identify the key impacts of GDPR and determine and prioritise the exact number of key deliverables, with a description of each key task and deliverables and the resources needed.
- Get a regular data audit of the personal data in your organisation and receive a data flow map that identifies where your GDPR relevant data is stored. The review will enable you to implement measures to reduce the risk of an information security breach and be in-compliance with the GDPR mandates.
For details see: http://www.copenhagencompliance.com/gdpr/GDPR-Key-Framework.pdf