GDPR & Content Management
Added Wednesday 24 May 2017
GDPR & Content Management Event
Date & Time: Thursday 22 June 2017, 13:00 – 17:00pm
Location: Arrow ECS, 6 Dowgate Hill, London EC4R 2SU
Does your organisation store its business-critical customer content in an enterprise content management (ECM) system?
Will you be at least partly responsible for ensuring you’re fully prepared by the time the new General Data Protection Regulation (GDPR) comes into force in May 2018?
If so, this event from Insight2Value (I2V) is a great opportunity to meet with your colleagues and peers to discuss the impact of the GDPR and how you can ensure compliance.
Our thought leadership experts will explore:
- The current state of ECM
- The economic and operational impact of the GDPR
- Driving GDPR processes from your existing ECM solution:
- Subject Access Requests
- Data Breach Incidents
- Privacy Risk Impact Assessments
Why should you attend this event?
The new GDPR legislation comes into effect in 2018 and means that the cost of a security breach could attract fines of 4% of global turnover or €20m - whichever is greater. The UK Payment Cards Industry Security Standards Council has calculated that even if UK data breaches remain at 2015 levels, when fines amounted to £1.4bn, UK organisations could see a near 90-fold increase in fines paid to the European regulator - amounting to £122bn! Even SMBs are set to see a 60-fold increase in fines to £52bn, which the PCI SSC suggests would average out at £13,000 per small business.
So the upshot is that companies need to act now to ensure they’re ready for GDPR and minimise potential cost and risk to the business.
Think you’re compliant? Prove it!
Whilst many organisations are rightly looking at the GDPR as an impetus to clean up their legacy data, simply going through the motions won’t suffice. The new legislation demands that you not only comply with the principles outlined in the GDPR, but can also demonstrate the process by which you will ensure ongoing compliance.
The UK Information Commissioners Office couldn’t be clearer.
“The GDPR requires you to show how you comply with the principles – for example by documenting the decisions you take about a processing activity.”
Handling Subject Access Requests:
As the new GDPR is designed to protect the right of every EU citizen to determine whether, when, how and to whom his or her personal data is revealed – as well as how it can be used – your organisation needs to be ready to handle ‘subject access requests’, quickly and efficiently. While this obligation already exists, under GDPR organisations will no longer be permitted to charge a fee per request, which will inevitably lead to an increase in the volume and frequency of requests.
How will you ensure that once a request is triggered, you are able to gather all the relevant data and communications relating to that subject – whether it exists in structured (e.g. within a database) or unstructured (e.g. email or social communications) format?
This event will include a demonstration of a workflow-centric solution that enables you to track each request over time, with supporting analytics, full audit trails and SLA management ensuring an efficient process and GDPR compliance.
Managing Data Breaches:
Under the GDPR, any data breach must be reported to the Information Commissioner’s Office within 72 hours, to avoid a significant financial penalty.
Will you be able to provide a full audit of the steps taken to respond to an incident - demonstrating to the ICO that you are in control of your data breach investigation processes, no matter how small and trivial the breach?
This event will show you how to manage data breaches in a way that complies with the GDPR.
Privacy Risk Impact Assessments:
Under the GDPR, some activities such as large-scale data processing require a Privacy Impact Assessment. Organisations will be required to demonstrate that they are undertaking annual risk impact assessments and provide the ICO with updates in response to those assessments.
How will you manage that process, to ensure this statutory activity gains the necessary review and approval by those inside and outside of your business?
This event will demonstrate how you can ensure that your Privacy Risk Impact Assessment process complies with the GDPR, using a collaborative process to schedule, store and maintain reviews, as well as managing third party suppliers effectively.
Those organisations that don’t just pay lip service to the GDPR, but actually build compliance into their processes and core business strategy, have a real opportunity to gain a competitive advantage.
Please note in order for this event to provide real value and as numbers are limited we are asking attendees to ensure they invite their GDPR counterpart in their organisation and for those who have responsibility for GDPR, we would ask you to invite your ECM colleagues.