My EDPO Data Protection Officer Services 1 Agenda

  • Slides: 30
Download presentation
My. EDPO Data Protection Officer Services 1

My. EDPO Data Protection Officer Services 1

Agenda 2 Theory to Practice… Data & Pandemics GDPR & Corona Functioning with Covid

Agenda 2 Theory to Practice… Data & Pandemics GDPR & Corona Functioning with Covid Questions

Agenda 3 We’re getting started… Data & Pandemics GDPR & Corona Functioning with Covid

Agenda 3 We’re getting started… Data & Pandemics GDPR & Corona Functioning with Covid Questions

Hamagen – The Shield

Hamagen – The Shield

Agenda 9 Moving from pandemics and data, to GDPR provisions Data & Pandemics GDPR

Agenda 9 Moving from pandemics and data, to GDPR provisions Data & Pandemics GDPR & Corona Functioning with Covid Questions

Vital Interest GDPR anticipated this. Amazingly. Article 9(2)(c): …processing is necessary to protect the

Vital Interest GDPR anticipated this. Amazingly. Article 9(2)(c): …processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent 10

Vital Interest GDPR anticipated this. Amazingly. Recital 46: …Some types of processing may serve

Vital Interest GDPR anticipated this. Amazingly. Recital 46: …Some types of processing may serve both important grounds of public interest and the vital interests of the data subject as for instance when processing is necessary for humanitarian purposes, including for monitoring epidemics and their spread or in situations of humanitarian emergencies, in particular in situations of natural and man-made disasters. 11

Public Interest GDPR anticipated this. Amazingly. Article 9(2)(g): …“necessary for reasons of substantial public

Public Interest GDPR anticipated this. Amazingly. Article 9(2)(g): …“necessary for reasons of substantial public interest, on the basis of Union or Member State law”. 12

International Transfer GDPR anticipated this. Amazingly. 13 Article 49(1)(d) Recital 112: “public health, for

International Transfer GDPR anticipated this. Amazingly. 13 Article 49(1)(d) Recital 112: “public health, for example in the case of contact tracing for contagiou diseases. . . ”.

Agenda 15 This is where we discuss how it really affects us, and what

Agenda 15 This is where we discuss how it really affects us, and what we must do Data & Pandemics GDPR & Corona Functioning with Covid Questions

Functioning with Covid-19 16 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization

Functioning with Covid-19 16 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization Data Mapping Privacy Policy

Functioning with Covid-19 17 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization

Functioning with Covid-19 17 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization Data Mapping Privacy Policy

Legal Obligation 18 Perhaps we MUST process this data Irish data protection authority: “…Employers

Legal Obligation 18 Perhaps we MUST process this data Irish data protection authority: “…Employers also have a legal obligation to protect their employees under the Safety, Health and Welfare at Work Act 2005 (as amended). This obligation together with Article 9(2)(b) GDPR provides a legal basis to process personal data, including health data, where it is deemed necessary and proportionate to do so. . . ”

Functioning with Covid-19 19 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization

Functioning with Covid-19 19 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization Employee duty Data Sharing

Transparency Let them know what you’re doing 20

Transparency Let them know what you’re doing 20

Functioning with Covid-19 21 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization

Functioning with Covid-19 21 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization Employee duty Data Sharing

Confidentiality Who is accessing this data? 22

Confidentiality Who is accessing this data? 22

Functioning with Covid-19 23 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization

Functioning with Covid-19 23 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization Employee duty Data Sharing

Data minimization Think twice before you collect CNIL: “For example, employers must refrain from

Data minimization Think twice before you collect CNIL: “For example, employers must refrain from collecting in a systematic and generalized manner, or through individual inquiries and requests, information relating to the search for possible symptoms presented by an employee. . . ” 24

Functioning with Covid-19 25 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization

Functioning with Covid-19 25 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization Employee duty Data Sharing

Data sharing Think twice before you share 26

Data sharing Think twice before you share 26

Functioning with Covid-19 27 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization

Functioning with Covid-19 27 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization Employee duty Data Sharing

Functioning with Covid-19 28 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization

Functioning with Covid-19 28 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization Employee duty Data Sharing

Functioning with Covid-19 29 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization

Functioning with Covid-19 29 Eight Highlights Lawful basis Security Transparency Confidentiality Accountability Data minimization Employee duty Data Sharing

Finishing up 30 But you should stay in touch Data & Pandemics GDPR &

Finishing up 30 But you should stay in touch Data & Pandemics GDPR & Corona Functioning with Covid info@myedpo. com Questions