万本电子书0元读

万本电子书0元读

顶部广告

Intro to GDPR: A Plain English Guide to Compliance电子书

售       价:¥

9人正在读 | 0人评论 6.2

作       者:Punit Bhatia

出  版  社:Advisera Expert Solutions Ltd

出版时间:2018-04-27

字       数:14.5万

所属分类: 进口书 > 外文原版书 > 经管/金融

温馨提示:数字商品不支持退换货,不提供源文件,不支持导出打印

为你推荐

  • 读书简介
  • 目录
  • 累计评论(0条)
  • 读书简介
  • 目录
  • 累计评论(0条)
Intro to GDPR is written by experienced data protection professional Punit Bhatia. Bhatia has served as the Privacy and Protection Officer in an EU-based bank and lecturer at the Solvay Brussels School of Economics and Management. He is Certified Information Privacy Professional ? Europe (CIPP-E), Certified Information Privacy Manager (CIPM), and Certified Outsourcing Professional (COP). Bhatia will lead you through the complex journey to the GDPR compliance with the simple language and many practical examples. Whether you are a complete beginner or experienced data protection practitioner this book is the right resource for you. Intro to GDPR is a complete guide to compliance. Bhatia uses the simple language, understandable to everyone in order to lead you from the introduction all the way to getting your organization GDPR compliant. In this book you will learn: 1. Which organisations need to be compliant with the GDPR? 2. Key terms in the GDPR. You will get familiarized with key terms that form the basis of the GDPR. You will learn definitions of terms: “Personal data”, “Special categories of personal data”, “Processing” difference between terms “Controller” and “Processor” and others. 3. Myths about the GDPR like “the GDPR is only applicable in the EU”, “The GDPR is about fines” and others. 4. Transparency through the privacy notice. As written in the book, “transparency is one of the key principles in the EU GDPR” so it is important to understand what is transparency and privacy notice but also what are the key requirements and contents of a privacy notice. 5. Data breaches. “GDPR requirements on data breaches are different for controllers and for processors” – this chapter will make you aware of data breach requirements and key actions that are required once a breach is detected. 6. What is the first thing to do to become compliant and what are the key factors to remain compliant with the GDPR, and much more. Written in plain English, with many practical examples, Intro to GDPR is the only book you need on the subject of GDPR.
目录展开

ABOUT THE AUTHOR

ACKNOWLEDGEMENTS

1. INTRODUCTION

1.1 Which organisations need to be compliant with the GDPR?

1.2 The positive side of the GDPR

1.3 How is this book structured?

1.4 Who is this book for?

1.5 Additional resources

2. ORIGIN OF PRIVACY AND GDPR BASICS

2.1 Introduction

2.2 History of privacy

2.3 What is the GDPR?

2.4 Objectives of the GDPR

2.5 Who does the GDPR apply to?

2.6 Related frameworks (ISO 27001 and other)

2.7 e-Privacy regulation

2.8 Key terms in the GDPR

2.9 Myths about the GDPR

2.10 Business activities that are most impacted by the GDPR

2.11 Success factors

3. LEGITIMATE PURPOSES, PRINCIPLES AND ROLES

3.1 Introduction

3.2 Legitimate Purposes of processing personal data

3.3 Principles

3.4 Success factors

4. TRANSPARENCY THROUGH THE PRIVACY NOTICE

4.1 Introduction

4.2 What is meant by transparency?

4.3 What is a privacy notice or statement?

4.4 Who is the privacy notice meant for?

4.5 What are the key requirements for a privacy notice?

4.6 What are the contents of a privacy notice?

4.7 Who are the key contributors to a privacy notice?

4.8 How often should this be updated?

4.9 Success factors

5. INVENTORY OF PROCESSING ACTIVITIES AND RETENTION

5.1 Introduction

5.2 Inventory of Processing Activities – What, and why?

5.3 Retention of personal data – What, and why?

5.4 Fulfilling inventory and retention requirements – Who, and how?

5.5 Success factors

6. DATA SUBJECT ACCESS RIGHTS AND CONSENT

6.1 Introduction

6.2 Consent – What is it?

6.3 What are the key requirements related to consent?

6.4 Who is responsible for seeking consent?

6.5 Who are the data subjects who need to provide consent?

6.6 What are the scenarios in which consent may be required?

6.7 Data Subject Access Rights

6.8 Who can make a request in line with Data Subject Access Rights?

6.9 How can a data subject make a request in line with Data Subject Access Rights?

6.10 How long can a company take to answer a DSAR?

6.11 Can the data subject be charged for a DSAR?

6.12 How should a DSAR be handled?

6.13 Are there any exemptions when answering a DSAR?

6.14 Can a DSAR be rejected?

6.15 Success factors

7. DATA PROTECTION IMPACT ASSESSMENT

7.1 Introduction

7.2 What is a Data Protection Impact Assessment?

7.3 What is the purpose of a DPIA?

7.4 When should a DPIA be conducted?

7.5 What are the steps of a DPIA, and who should conduct it?

7.6 Success factors

8. DATA SECURITY AND PRIVACY BY DESIGN

8.1 Introduction

8.2 What is privacy by design?

8.3 What are the consequences of privacy by design?

8.4 What are the policies that should be implemented to ensure security of personal data?

8.5 Best practices to implement privacy by design policies

8.6 Success factors

9. PERSONAL DATA TRANSFERS AND MANAGING THIRD PARTIES

9.1 Introduction

9.2 What is meant by data transfers?

9.3 What are the requirements when transferring data, both in the EU and outside of the EU?

9.3.1. How can data transfers be enabled?

9.3.2. How to manage third parties

9.3.3. Managing existing third parties

9.4 Handling new contracts with third parties

9.5 Success factors

10. DATA BREACHES

10.1 Introduction

10.2 What is a data breach, and what are the fines related to a data breach?

10.3 What are the contents of a data breach notification?

10.4 How should a personal data breach be reported?

10.5 What should be done once a data breach is identified?

10.6 Informing supervisory authorities and data subjects

10.7 What should be done after a data breach?

10.8 Success factors

11. DATA PROTECTION OFFICER

11.1 Introduction

11.2 What is the DPO role, and why is it needed?

11.3 What are the responsibilities of a DPO?

11.4 Can you hire an external DPO?

11.5 Important to note if you chose to appoint a DPO

11.6 Success factors

12. GETTING YOUR ORGANISATION TO GDPR COMPLIANCE

12.1 Introduction

12.2 What is the first thing to do?

12.3 Who are the key stakeholders?

12.4 Establish the project

12.5 Choosing an external consultant

12.6 GDPR readiness assessment

12.7 Identify risks and make a plan

12.8 Define a data protection policy

12.9 Communication

12.10 Awareness and training

12.11 Key success factors to remain compliant with the GDPR

12.12 Review awareness on privacy and protection matters

12.13 Internal or external audit

12.14 Regular reviews and continual improvement

12.15 Keep looking forward

12.16 Success factors

APPENDIX A – PROJECT CHECKLIST FOR EU GDPR IMPLEMENTATION

APPENDIX B – DIAGRAM OF THE EU GDPR IMPLEMENTATION PROCESS

APPENDIX C – KEY DELIVERABLES FOR COMPLIANCE WITH GDPR

BIBLIOGRAPHY

累计评论(0条) 0个书友正在讨论这本书 发表评论

发表评论

发表评论,分享你的想法吧!

买过这本书的人还买过

读了这本书的人还在读

回顶部