29 episodes

How does GDPR, data privacy and data protection impact your business? In this podcast, Tom Fox, the Voice of Compliance hosts Data Privacy/Data Security expert Jonathan Armstrong, co-founder of Cordery Compliance. They use the framework of GDPR to discuss a wide range of issues relating to data privacy and data protection. If you are a compliance professional, business leader or InfoSec security expert this is the podcast to learn about what is happening in the UK, EU, US and beyond.

Life with GDPR Tom Fox

    • Business


    Coronavirus and GDPR


    In this episode of Life with GDPR, Jonathan Armstrong and Tom Fox consider the multiple data privacy/data protection risks which have arisen under the coronavirus health crisis.
     Some of the highlights in this episode include:

    How does coronavirus impact GDPR compliance?

    What issues arise with working from home?

    What is consent and why is it so critical now?

    What is the role of a DPIA in this process and why is it so critical?

    Can you monitor employees working from home?

    What about customer communications?

    What are some basic best practices to minimize risk at this point?

    What does this mean for companies and clients going forward?

    Resources
    Cordery Breach Navigator
    Cordery Client Alert “Coronavirus and Data Protection”

    • 26 min
    Special Valentine’s Day Edition-Facebook Dawn Raid in Ireland


    In this episode of Life with GDPR, Jonathan Armstrong and Tom Fox have their first emergency podcast. Earlier this week, the Irish Data Protection Commission raided Facebook in Ireland over the company’s announced plan to begin a dating service on Valentine’s Day.
    Some of the highlights in this episode include:

    What is the to-do all about?

    Do European data protection authorities have dawn raid powers?

    What might the Irish Data Protection Commission have been looking for in this raid?

    What is the role of a DPIA in this process and why is it so critical?

    When should a DPIA be carried out?

    How can a DPIA be a mitigating or aggravating factor?

    What is the importance of training around DPIAs?

    What does this mean for companies and clients going forward?

    Resources
    Cordery Breach Navigator
    Cordery Client Alert “Ireland’s Data Protection Authority Halts Facebook Dating Service”

    • 25 min
    Episode 36- Extension of BA Response Time


    In this episode of Life with GDPR, Jonathan Armstrong and Tom Fox are back to discuss the recent ICO announcement that it was extending the time for British Airways and Marriott to respond to its proposed fine and penalty. Some of the highlights in this episode include:

    What makes the background of the case so complex?

    What did the ICO say and why did they extend the deadline for BA to respond?

    What are some of the possible reasons for the delay?

    What if anything does Brexit have to do with this?

    In view of Brexit, will the EU be watching the ICO in this matter?

    What might be the relationship between the ICO and EU on data privacy going forward?

    Background of British Airways (BA) enforcement action.

    Resources
    Is the BA Fine in the Departure Lounge?
    Cordery Breach Navigator

    • 17 min
    Episode 35- What does Brexit Mean for GDPR?


    In this episode Jonathan Armstrong and I consider the implications of GDPR enforcement going forward after Brexit. Recognizing the situation is incredibly fluid, there are nevertheless some areas of risk management that you can begin to prepare for in the event of a deal for an orderly Brexit, a no-deal Brexit or an extension of the deadline. Some of the highlights in this episode include:

    What does Brexit mean for GDPR enforcement?

    How will the UK-ICO move forward after Brexit?

    What are the implications of a no-deal Brexit? What can a company do to prepare at this point?

    How will the Irish regulators react to Brexit?

    What will Brexit mean for internal investigations, both in the UK and EU?

    What happens if there is an extension?



    • 16 min
    Role of Vendors in Data Breaches


    In this episode of Life with GDPR, Jonathan Armstrong and Tom Fox are back to discuss the role of vendors in data breaches and the corporate response thereto. Some of the highlights in this episode include: 
    How much due diligence did you perform on your vendors from the data protection risk perspective?

    How much due diligence did you engage in for any M&A activity or acquisitions?

    Do you have the full cooperation of your vendors in any data breach?

    What is the role of a vendor in responding to a data breach?

    Does your risk management strategy have a fall back if you have to terminate a vendor over a data breach?

    For more information on vendor data breaches, check out the following resource on the Cordery Compliance website, https://www.corderycompliance.com/dealing-with-a-data-breach/ . Also if you have not done so, check out the Cordery Breach Navigator here, https://www.corderycompliance.com/solutions/breach-navigator/




    • 20 min
    Episode 33- Lessons Learned in Year 1 of GDPR, Part 3


    In this podcast, data privacy/data security expert Jonathan Armstrong and Compliance Evangelist Tom Fox use the framework of GDPR to discuss a wide range of issues relating to these topics. They consider what the US compliance and InfoSec security expert needs to know about what is happening in the UK, Europe and beyond. In this episode, we conclude our three-part series of some of the key lessons learned from the first year of GDPR. Some of the issues and highlights are:
    Remediate then report. The remediation of an issue before reporting can be the key issue for regulators on whether they will move forward with a more public spanking. It is important to show that you have learned lessons and applied them to the facts of your data breach. Don’t try and cheat the victims by imposing new contractual terms such as Equifax did in its recent settlement. Think of the simple way for a data breach to occur, a briefcase left on the Tube.
    Don’t Diss the DPA. Why would a company take on the regulator? You must respect the regulator even if you disagree with them. You can make a bad situation worse by attacking the regulators. This does not mean you cannot forcefully argue your position or zealously represent your client, but calling regulators idiots in public filings will not help your position or your case.

    Keep logs. This is important in case you need to revisit a decision later. Regulators can ask to see these logs at any time, not simply during an investigation or enforcement action. A compliance officer should be involved in the maintenance of the log system. Document Document Document. Unannounced inspections are beginning to occur.
    Debrief and Learn. Revisit the facts to see what lessons are to be learned. Continuous improvement. Even on a journey of 1000 miles, it is important to look back. Once again if you make a change due to a breach or other event, document what you have done so you can show the regulators.
    For more information on Cordery Compliance, go to their website here.
    For more information on data breaches, see here.
    Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

    • 27 min
