Ever since the introduction of the EU General Data Protection Regulation (GDPR) in May last year, data protection has become a topic that’s hard to avoid. It’s been a popular subject of news items, online posts and training courses. Always lock the screen and the office and do not keep personal data accessible to everyone, don’t leave it on your desk for others to see and don’t process it without protecting it from prying eyes.
Should be easy, right? Actually, data protection should have become second nature to us by now. After all, it’s in our own interest. But especially in everyday working life, many people often stumble because of the pitfalls of the new EU GDPR. And that can have serious consequences. Whereas the supervisory authorities initially assumed an advisory function and provided technical support when the GDPR was introduced, more and more checks have been announced in recent weeks. This has already resulted in a few written warnings – and more are expected to follow. Fines have been imposed, for example, for breaches of confidentiality in the medical field and for the failure to enter into contract data processing agreements. That’s good reason to take another closer look.
Opportunities and risks of a data-driven society
Our society is increasingly data-driven, and electronic data exchange has long been an everyday occurrence in both professional and private life. In addition to the opportunities offered by easier handling of data, there are also risks that must always be taken into account. Even one year after the GDPR came into force, there is still a great need for information, especially since data protection in companies can no longer be viewed in isolation. Those responsible must at the same time also focus on IT security and cybersecurity.
Is there a management system in place in which data protection can be integrated or is the data protection management system (DPMS) a stand-alone system within the company? And is the company’s information system secure enough? Where is the cloud located and what impact does this have on data protection? The General Data Protection Regulation presents companies with a variety of challenges in all areas.
The TÜV Rheinland Academy has already trained more than 1,500 data protection officers; last year alone, 2,400 people attended data protection training of some kind. Given the persistently high demand, we have decided to support companies, public authorities and all organizations by offering an additional training format to meet the new requirements.
The Data Protection Conference organized by TÜV Rheinland on 24 and 25 October in Hamburg will focus on data protection issues that are relevant to day-to-day business. From a review of the GDPR (a look back) to innovations such as ePrivacy and blockchain (a look ahead) to the implementation of requirements relating to information security and the cloud as well as co-determination in cybersecurity (a look at what needs to be done) – this conference will be all about practical relevance. Experts from TÜV Rheinland as well as partners and representatives of companies and public authorities will provide clear information of how companies can avoid liability risks and comply with the law, demonstrating vividly that transparent and functional data protection management can be very useful rather than annoying.
Top speakers and live hacking
The German-language conference program includes lectures by experts from renowned companies such as HP, Microsoft, AWS and SAP, from the Fraunhofer Institute, the State Criminal Police Office and the Hamburg Data Protection Commissioner. In addition, the TÜV Rheinland specialists will demonstrate in live hacking sessions how data protection vulnerabilities can be detected by way of simulated cyberattacks. And of course, attendees will have an opportunity to network and swap notes with colleagues from other industries. After the event, many conference attendees will return home and say: “Data protection – it isn’t really that hard, you just have to know how it works.”
See you soon in Hamburg!
• When? 24/25 October 2019
• Where? Hamburg
• Registration firstname.lastname@example.org or www.tuv.com/seminar-32129
• Contact: Yvonne Diedrich, tel. ++49 (0)40 3787904 153, email@example.com
For more information on all topics relating to data protection see: www.tuv.com/datenschutz (available in German only)