Categories Corporate
Professional eBook

Data Protection (GDPR) Guide

Managing Personal Data Better

56
Language :  English
This guide contains a set of guidelines related to protecting the personal data of a private company or public organization.
Professional Plus subscription free for the first 30 days, then $6.99/mo
Access this book on our eReader, no adverts inside the book
Description
Content

This guide contains a set of guidelines related to protecting the personal data of a private company or public organization (hereby referred to as ‘The Company’) by both the management as well as the employees of the company in order to comply with the requirements of GDPR (European General Data Protection Regulation).

About the author

John Kyriazoglou obtained a B.A. (Honours) from the University of Toronto, Canada, also earning a Scholastic award for Academic Excellence in Computer Science. John has worked in Canada, England, Greece and other countries for over 35 years, as a Senior IT manager, Managing Director, IT auditor and consultant, in a variety of clients and projects, in both the private and the public sectors. He has published several books and articles in professional publications, has served in numerous scientific committees and is a member of several professional and cultural associations.

He is currently the Editor-in-Chief for the Internal Controls Magazine (U.S.A.).

  1. General Data Protection Regulation (GDPR)
    1. Introduction: The new data privacy regime in Europe
    2. GDPR Highlights
    3. Migrating to the new privacy (GDPR) regime  
    4. Examples of personal data
    5. Sensitive personal data
    6. How should data protection work?
    7. Effects of incorrect management of personal data
    8. How to rectify the situation
  2. Corporate Data Protection Framework
    1. Data Governance Operating Framework of the company
    2. Data Protection Model ‘TRUST’
    3. Commitment of the company
    4. Compliance with Data Protection (DP) Principles
    5. Authority, Purpose and Use Limitation of PD
    6. Data Subjects
    7. Satisfaction of Requests of Data Subjects
    8. Privacy Notice
    9. Data Protection Requirements for Third Parties  
    10. Data Protection Impact Assessment  
    11. Breach of personal data
    12. Data Protection and Privacy Enhanced System Design and Development  
    13. Destruction of Data  
    14. Data Protection Officer
    15. Awareness and training of employees
    16. Data Protection Monitoring and Auditing  
    17. Data Protection Reporting  
    18. Personal Data and IT Assets Inventories  
    19. Filing a complaint  
    20. Policy violation
  3. Personal Data Management Obligations for Employees
    1. OBL 1. Understand Personal Data Definitions
    2. OBL 2. Security, confidentiality and disclosure of personal data
    3. OBL 3. Following instructions and supporting management  
    4. OBL 4. Avoiding benefit to staff or other parties  
    5. OBL 5. Unfair actions to personal data
    6. OBL 6. Contact with management and the Data Protection Officer
    7. OBL 7. Legal disclosure of personal data
    8. OBL 8. Employee Termination
  4. Personal Data Management Actions for Employees
    1. Data Life Cycle  
    2. Personal Data Collection Actions
    3. Personal Data Maintenance Actions
    4. Personal Data Use Actions  
    5. Personal Data Storage Actions
    6. Personal Data Publishing Actions
    7. Personal Data Purging Actions
    8. Personal Data Security Actions
  • Appendix
  • Appendix 1: Information security and data privacy risks
  • Bibliography
  • Disclaimer
About the Author

John Kyriazoglou