The Foundation for GDPR Compliance and PI/PII Protection: Understand Where Data Resides and Who Processes It
- LANGUAGE: English DATE: Tuesday, April 02, 2019 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
Records of Processing Activity (RoPAs or GDPR Article 30) documentation of data flows is a key compliance requirement. The challenge that many organizations face is that their current approach based on surveying stakeholders is time-consuming, manual and impressionistic at best. Because the output is also divorced from the data, enterprises that are required to produce documentation for regulators and auditors are constantly playing catch up - and cannot transition to a 'continuous compliance' model as prescribed under the EU GDPR.
By contrast, a data-driven approach can automate the building and maintenance of processing activity reports based on machine insights that incorporate human input, ensuring record keeping accuracy while simplifying collaborative business context augmentation. This approach offers benefits in terms of automation, but also provides a path to privacy assurance - and a systematic approach to the GDPR principle of accountability for both internal stakeholders as well as auditors and regulators.
Join this webinar to learn more about:
- Why RoPAs are critical to compliance
- How to better automate the process through integration of business stakeholder input and data-driven insights
- Detecting unstructured data in your IT systems and identifying data owners
- Application of uniform governance guidelines in heterogeneous IT landscapes
- Automate security and compliance controls to ensure real-time problem resolution
In the first part of the webinar, Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, will talk about the need for getting a grip on PI/PII, beyond GDPR. Data Governance and Continuous Compliance must become an integral element of the IT Risk Management and IT Security Architecture.
In the second part, Nimrod Vax, Chief Product Officer at BigID, will speak about the capabilities to automate data processing reports, how they fit into a continuous compliance model with services and technology partners, and the concept or privacy assurance.
BigID aims to transform how enterprise protect and manage the privacy of personal data. Organizations are facing record breaches of personal information and proliferating global privacy regulations like the EU GDPR with fines reaching 4% of annual revenue.
Today enterprises lack dedicated purpose built technology to help them track and govern their customer data at scale. By bringing data science to data privacy, BigID aims to give enterprises the software to safeguard and steward the most important asset organizations manage: their customer data.
Most organizations are aching under the pressure the feel from auditors in delivering information. A large portion of that is based on access reviews, i.e. demonstrating that the least privilege principle and related regulatory requirements are met.
Blockchain is still on everyone’s lips and the 2019 can be the year when large enterprises finally embrace the distributed ledger technology. KuppingerCole's inaugural blockchain-themed event will go beyond the hype and will present you real use cases and applications for your enterprise. Blockchain Enterprise Days (#BeDays19) will take place on September 18-19, 2019 in Frankfurt, Germany.