What is the General Data Protection Regulation (GDPR)?

The General Data Protection Regulation (GDPR) imposes new rules on organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents, no matter where they are located.  Most people in the US don’t know or don’t think this affects them, but he key phrase is “no matter where they are located” is what US business should be worried about.  It means if you offer a service in Europe or just have a website that people in Europe can access and provide information, this may affect you too.

There are 4 key components of the GDPR:

  1. Enhanced personal privacy rights – Consent must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear and plain language. It must be as easy to withdraw consent as it is to give it.​Part of the expanded rights is the right for data subjects to obtain from the data controller confirmation as to whether or not personal data concerning them is being processed, where and for what purpose.  Also Data Erasure entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.
  2. Increased duty for protecting data – Privacy by design is becoming part of a legal requirement with the GDPR.  Privacy by design calls for the inclusion of data protection from the onset of the designing of systems.
  3. Mandatory breach reporting – Breach notification will become mandatory in all member states where a data breach is likely to “result in a risk for the rights and freedoms of individuals”. This must be done within 72 hours of first having become aware of the breach.
  4. Significant penalties for non-compliance – Organizations can be fined up to 4% of annual global turnover for breaching GDPR or €20 Million.

To get the full details of the GDPR, visit this link: https://www.eugdpr.org/eugdpr.org.html

 

Chicago Data Governance Meetup

I am excited to announce the first meeting of the Chicago Data Governance Meetup is this Thursday, July 26th.  I have been doing SharePoint\Office 365 and Azure user groups for the better part of 8 years now.  I was beginning to transition out of the SharePoint world and let my SharePoint group go, it was a hard decision but necessary at the time.

A short time later, I started my career with AvePoint and was thrust back into the SharePoint\Office 365 space.  Now I am focused more on getting clients migrated to new platforms, and helping them figure out how to best manage and protect their information.

Governance always seems to be a huge topic in the SharePoint world, but it is one of the most difficult things to accomplish.  I thought it would be nice to get a group of people together to talk about common problems and solutions to them.

We will go over the goals of the group and what we want the direction to be, Intro to Governance, the importance of good governance

Schedule:
5:30-6:00 pm – Networking
6:00-6:20 pm – Intro to the Group
6:20-7:10 pm – Presentation
7:10-7:30ish – Questions and Group Discussion

I encourage you to attend and help grow our group by spreading the word!

Aon Center / Microsoft Office

200 E Randolph – Microsoft Office
Suite 200
Chicago, IL (edit map)