Denley, Andrew
QRcode
자료유형 | E-BOOK |
---|---|
서명/저자사항 | GDPR : how to achieve and maintain compliance/ Andrew Denley, Mark Foulsham and Brian Hitchen. |
개인저자 | Denley, Andrew,author. Foulsham, Mark,author, Hitchen, Brian,author, |
발행사항 | Abingdon, Oxon ; New York, NY: Routledge, 2019. |
형태사항 | 1 online resource. |
ISBN | 9780429449970 0429449976 9780429832291 042983229X 9780429832277 0429832273 9780429832284 0429832281 |
일반주기 |
Includes index.
|
내용주기 | Cover; Half Title; Title Page; Copyright Page; Table of Contents; The Authors; Acknowledgements; Introduction; Structure of this book; Italic text; The journey of GDPR to statute; Penalties; Practical application; GDPR history; Key roles defined; GDPR principles; Your GDPR project; Section 1: Does the GDPR apply to you?; What information is covered by the GDPR?; The GDPR is not just a European issue; Can you choose a Supervisory Authority (SA)?; Does the GDPR affect your whole organization?; Pan-national data; Section 2: GDPR principles; Consent; Section 3: Key roles Data Protection Officer (DPO)The role of the Data Protection Officer; Data controller; How to determine whether an organization is a data controller or a data processor; Data processor; Sub-processor; Section 4: Rights of the data subject; The right to be informed; Section 5: Your GDPR project; GDPR tools; GDPR: a breakdown; Create an action plan and from your project team(s); The role of IT; Review what data your suppliers hold; Audit your suppliers; Create a data privacy governance structure; Review your right to process; Check your incident response plan Disaster Recovery and Business Continuity PlanTransitioning to BAU; Change management; Controller obligations in BAU; Data subject rights in BAU; Risk management and information security in BAU; HR and communications in BAU; Section 6: Information security best practice; The need for a robust information security framework; ISO27001/2:2013; Implementing ISO27001; The ISO2700 series of standards; NIST security framework; Cyber essentials; Security testing; Vulnerability scanning; Penetration testing; Tiger Attack; Risk; Understanding risk; Assessing your suppliers for security Key areas of security you should considerSection 7: Awareness; Information security policy; Induction; Refresh and update; Awareness; Security testing; Incident response plan; Whistle-blowing policy/Hot-line; Section 8: Data handling and management; Data holdings and retention; Understand the value of your data; Data ownership; Data Protection Impact Assessment -- DPIA; Data protection by design and default; The data flows; Reflections; Data coming in; Data going out; Risk assessment; Risks to the individual; Anonymization and pseudonymization; Data retention; Binding corporate rules Lawful processingLawfulness of processing special categories of data; Consent; Transferring data outside of the EU; Defensive data; Data protection by design and default; Section 9: Data breaches; Penalties; Compensation; Breaches; Incident response plan; Who should be involved?; Victim or villain?; Monitoring; Perimeter; Security testing; Section 10: Your technology environment; Introduction; Website; Intranet; Extranet; Mobile apps; Social media; On-line file sharing; Bring your own device -- BYOD; Backend systems; Legacy systems; Where do you process your data? |
요약 | Following the implementation of the new General Data Protect Regulation on 25 May 2018, organizations should now be fully compliant with their national interpretation of this far-reaching data protection standard. The reality is that most are not; whether through their inappropriate use of online cookies or ineffective physical data security, businesses continue to struggle with the increasing pressure from regulators to apply the Regulation. Non-compliance is widely due to misinterpretation, lack of real-world thinking, and challenges in balancing costs against business practicalities. This book provides insight into how to achieve effective compliance in a realistic, no-nonsense and efficient way. The authors have over 100 years' collective international experience in security, compliance and business disciplines and know what it takes to keep companies secure and in-line with regulators' demands. Whether your organization needs to swiftly adopt GDPR standards or apply them in "Business as Usual" this book provides a wide range of recommendations and explicit examples. With the likelihood of high-profile penalties causing major reputational damage, this book explains how to reduce risk, run a remedial project, and take immediate steps towards mitigating gaps. Written in plain English, it provides an invaluable international reference for effective GDPR adoption. |
주제명(단체명) | European Parliament. --General Data Protection Regulation. |
주제명(지명) | Europe --European Union countries. --fast |
일반주제명 | Data protection --Law and legislation --European Union countries. Privacy, Right of --European Union countries. LAW / Business & Financial. LAW / Privacy. LAW / International. Data protection --Law and legislation. Privacy, Right of. BUSINESS & ECONOMICS / E-Commerce / Internet Marketing BUSINESS & ECONOMICS / E-Commerce / Online Trading BUSINESS & ECONOMICS / E-Commerce / General (see also COMPUTERS / Electronic Commerce) |
언어 | 영어 |
바로가기 | URL |
서평 (0 건)
*주제와 무관한 내용의 서평은 삭제될 수 있습니다.
서평추가