BA
Uploaded byBusola Awani
PPTX, PDF636 views

GDPR – Data Portability

This document discusses individual rights under the GDPR, including the right to be informed, right to access data, right to rectification, right to erasure, right to restrict processing, right to object, and right to data portability. It provides details on the elements of data portability, specifying that it applies to personal data provided by the individual based on consent or contract, must be in a structured and machine readable format, excludes inferred data, and considers third party rights during transfer between controllers. The document also compares the process for an access request versus a data portability request, noting they have similar timelines and identification requirements but data portability applies only to automated personal data.

Downloaded 20 times
GDPR – Individual Rights 1. Right to be informed 2. Right to access (SAR) 3. Right to rectification 4. Right to erasure ( right to be ‘forgotten’) 5. Right to restrict processing 6. Right to data portability 7. Right to object 8. Right related automated decision making and profiling
Elements of data portability • Access to personal data based on consent or contract (which data subject is a party) • Strictly limited to automated processing by Data Controller • Data must be structured, commonly used and machine readable • Access to data subject’s personal data without ‘hindrances’ by other data controllers • Limited to information provided by data subject • Includes information generated due to use of service • Excludes inferred information generated by data controller • Must consider third party personal data during transfer - individual rights/personal use and • Data transfer between data controllers ought to be ‘interoperable’
GDPR – Data Portability Access Request Data portability Time One month One month Type of data All personal data •Personal data provided to a controller; •Processing based on consent or for the performance of a contract; and •Processing is carried out by automated means. fee Possibly ( excessive and repetitive) Free of charge Proof of identity Yes – drivers licence, recent utility bill etc. Yes – password or unique identifier Procedure Individual/third party Individual/third party (other than solicitors firm). Request extension Two months ( write to explain reason for extension within a month) Two months ( write to explain reason for extension within a month)
Way forward • Check your business areas for data portability and inform team leader • Website and Intranet will be updated re: changes ( before the end of the next financial year i.e. 2017 - 18) • Develop templates to support process?

More Related Content

PDF
ACI Europe - GDPR CUPPS Presentation
byStephen H. Baird
 
PPTX
ICSA Irish Region General Data Protection Regulation event, 10 October 2017
byInstitute of Chartered Secretaries and Administrators
 
PPTX
Privacy Discusssion GM667 Saint Mary's University of MN
bySaint Mary's University of Minnesota
 
PDF
Privacy by Design
byVectr.Consulting
 
PPTX
IRBsearch | GLBA data
byIRBsearch, LLC
 
PDF
GDPR Overview
byTrish McGinity, CCSK
 
PPTX
Managing GDPR and Other Uses of Integrated Email Marketing | Gold-Vision CRM
byGold-Vision CRM
 
PPTX
General Data Protection Regulation
byGrittyCC
 
ACI Europe - GDPR CUPPS Presentation
byStephen H. Baird
 
ICSA Irish Region General Data Protection Regulation event, 10 October 2017
byInstitute of Chartered Secretaries and Administrators
 
Privacy Discusssion GM667 Saint Mary's University of MN
bySaint Mary's University of Minnesota
 
Privacy by Design
byVectr.Consulting
 
IRBsearch | GLBA data
byIRBsearch, LLC
 
GDPR Overview
byTrish McGinity, CCSK
 
Managing GDPR and Other Uses of Integrated Email Marketing | Gold-Vision CRM
byGold-Vision CRM
 
General Data Protection Regulation
byGrittyCC
 

What's hot

PPTX
The Impact of Cloud: Cloud Computing Security and Privacy
byCharles Mok
 
PDF
Preparing your Business for the Data Protection Bill
bySymptai Consulting Limited
 
PPT
Is Security Team 2 Glba
byguestfd062
 
PPT
Database & Data Security
byCloudbells.com
 
PPTX
Principles of Data Protection
byMartyn Ripley
 
PDF
State specific (1)
byKamal Gregory, MBA
 
PPTX
Simple GDPR Overview
byGydeline Ltd
 
PDF
Energy Data Privacy Presentation
byBrian Orion
 
PPTX
Revision of Legal issues for Unit 11.pptx
byBreach_P
 
ODT
Data protectionpolicyliec
byvrishi31
 
PPTX
EU data protection and security update COCIR annual meeting 2016
byErik Vollebregt
 
PPTX
Texting and e mail with patients 2020
byRobertAByrdr
 
PDF
Data Processing - data privacy and sensitive data
byOpenAIRE
 
PPTX
GDPR for Security Professionals
bySaumya Vishnoi
 
PPTX
The GDPR Armageddon – One year on
byInsight Data
 
PDF
Québec's Privacy Modernization: Bill 64
byAlexander Davis
 
PPTX
California's New Privacy Policy Guidelines
byBrian Heidelberger
 
PPTX
HIPAA wise - 2017b
byfaemont
 
The Impact of Cloud: Cloud Computing Security and Privacy
byCharles Mok
 
Preparing your Business for the Data Protection Bill
bySymptai Consulting Limited
 
Is Security Team 2 Glba
byguestfd062
 
Database & Data Security
byCloudbells.com
 
Principles of Data Protection
byMartyn Ripley
 
State specific (1)
byKamal Gregory, MBA
 
Simple GDPR Overview
byGydeline Ltd
 
Energy Data Privacy Presentation
byBrian Orion
 
Revision of Legal issues for Unit 11.pptx
byBreach_P
 
Data protectionpolicyliec
byvrishi31
 
EU data protection and security update COCIR annual meeting 2016
byErik Vollebregt
 
Texting and e mail with patients 2020
byRobertAByrdr
 
Data Processing - data privacy and sensitive data
byOpenAIRE
 
GDPR for Security Professionals
bySaumya Vishnoi
 
The GDPR Armageddon – One year on
byInsight Data
 
Québec's Privacy Modernization: Bill 64
byAlexander Davis
 
California's New Privacy Policy Guidelines
byBrian Heidelberger
 
HIPAA wise - 2017b
byfaemont
 

Similar to GDPR – Data Portability

PPTX
Niall Rooney FD Event 05.09.19
byNiall Rooney
 
PPTX
GDPR: Training Materials by Qualsys
byQualsys Ltd
 
PPTX
GDPR Summary
byMartyn Ripley
 
PPTX
Reddico GDPR Presentation
byLuke Kyte
 
PPTX
Cyber safe lambeth | GDPR taster
byThe Integrate Agency CIC
 
PPTX
GDPR Data Lifecycle
byJatin Kochhar
 
PPTX
GDPR Practicalities - The Data Shed
byStewart Norriss
 
PPTX
Presentation on GDPR
byDipanjanDey12
 
PDF
Impact of GDPR on User Experience
byWSO2
 
PPTX
GDPR
byNitin Kala
 
PPTX
GDPR Data Life Cycle
byJatin Kochhar
 
PPTX
GDPR: 3 Months On | Guest Speaker: Data Protection Commissioners
byBrightPay Payroll and Auto Enrolment Software
 
PPTX
GDPR Introduction and overview
byJane Lambert
 
PDF
The UK's Data Protection Legislation - Content Summary.pdf
byglobibo
 
PPTX
GDPR- GENERAL DATA PROTECTION REGULATION
bySaurabh Pandey
 
PPTX
GDPR- GENERAL DATA PROTECTION REGULATION
bySaurabh Pandey
 
PPTX
Introduction to GDPR
byPriyab Satoshi
 
PDF
Gdpr in a nutshell
byMatthew Butler
 
PPTX
Gdpr presentation
bySudarsan Reddy
 
PDF
Tim Fransen - Klaw
byDigitopia
 
Niall Rooney FD Event 05.09.19
byNiall Rooney
 
GDPR: Training Materials by Qualsys
byQualsys Ltd
 
GDPR Summary
byMartyn Ripley
 
Reddico GDPR Presentation
byLuke Kyte
 
Cyber safe lambeth | GDPR taster
byThe Integrate Agency CIC
 
GDPR Data Lifecycle
byJatin Kochhar
 
GDPR Practicalities - The Data Shed
byStewart Norriss
 
Presentation on GDPR
byDipanjanDey12
 
Impact of GDPR on User Experience
byWSO2
 
GDPR
byNitin Kala
 
GDPR Data Life Cycle
byJatin Kochhar
 
GDPR: 3 Months On | Guest Speaker: Data Protection Commissioners
byBrightPay Payroll and Auto Enrolment Software
 
GDPR Introduction and overview
byJane Lambert
 
The UK's Data Protection Legislation - Content Summary.pdf
byglobibo
 
GDPR- GENERAL DATA PROTECTION REGULATION
bySaurabh Pandey
 
GDPR- GENERAL DATA PROTECTION REGULATION
bySaurabh Pandey
 
Introduction to GDPR
byPriyab Satoshi
 
Gdpr in a nutshell
byMatthew Butler
 
Gdpr presentation
bySudarsan Reddy
 
Tim Fransen - Klaw
byDigitopia
 

GDPR – Data Portability

  • 1.
    GDPR – IndividualRights 1. Right to be informed 2. Right to access (SAR) 3. Right to rectification 4. Right to erasure ( right to be ‘forgotten’) 5. Right to restrict processing 6. Right to data portability 7. Right to object 8. Right related automated decision making and profiling
  • 2.
    Elements of dataportability • Access to personal data based on consent or contract (which data subject is a party) • Strictly limited to automated processing by Data Controller • Data must be structured, commonly used and machine readable • Access to data subject’s personal data without ‘hindrances’ by other data controllers • Limited to information provided by data subject • Includes information generated due to use of service • Excludes inferred information generated by data controller • Must consider third party personal data during transfer - individual rights/personal use and • Data transfer between data controllers ought to be ‘interoperable’
  • 3.
    GDPR – DataPortability Access Request Data portability Time One month One month Type of data All personal data •Personal data provided to a controller; •Processing based on consent or for the performance of a contract; and •Processing is carried out by automated means. fee Possibly ( excessive and repetitive) Free of charge Proof of identity Yes – drivers licence, recent utility bill etc. Yes – password or unique identifier Procedure Individual/third party Individual/third party (other than solicitors firm). Request extension Two months ( write to explain reason for extension within a month) Two months ( write to explain reason for extension within a month)
  • 4.
    Way forward • Checkyour business areas for data portability and inform team leader • Website and Intranet will be updated re: changes ( before the end of the next financial year i.e. 2017 - 18) • Develop templates to support process?