Welcome to Scribd!

EU Data Protection: Compliance Risks: Julie Kudyba Global Privacy Officer Novartis Pharma AG

Uploaded by

0% found this document useful (0 votes)

27 views7 pages

This document discusses EU data protection compliance risks for international organizations. It identifies three main risk areas: 1) international data flows and transfers outside the EU, 2) outsourcing business processes and managing external vendors, and 3) changing environments like cloud computing, mobile devices, and social media. For each risk area, it provides examples of legal and regulatory requirements organizations must address, such as data transfer agreements, consent requirements, security standards, and reporting obligations. It emphasizes that legal departments must be structured to properly manage these privacy risks across global operations and environments.

Original Description:

Original Title

JulieKudybaNovartisEUDataProtection

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

0% found this document useful (0 votes)

27 views7 pages

EU Data Protection: Compliance Risks: Julie Kudyba Global Privacy Officer Novartis Pharma AG

Uploaded by

api-44865350

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

Jump to Page

You are on page 1of 7

Search inside document

EU Data Protection: Compliance Risks

Julie Kudyba
Global Privacy Officer
Novartis Pharma AG
Where are your risks?
¾International Data Flows
1
¾Data transfers outside the EU
¾Safe Harbor and German requirements

¾Outsourcing Business Processes

2 ¾Managing external vendors
¾Internal centralized databases & processing

¾Changing Environment
3 ¾New Platforms: Cloud computing, mobile devices, etc
¾Social Media

2 | Presentation Title | Presenter Name | Date | Subject | Business Use Only

International Data Flows

•Where is your data? •Data Transfer

agreements •Registration of
•With whom do you databases
share it? •Consent of data
subject •Notices to data
•Does your IT group subjects
understand the impact •Binding Corporate
of changing your Rules •Notifications to DPA’s
infrastructure?
•Safe Harbor •Security for Data
•Are you planning on
moving to the cloud? •Adequacy Finding

3 | Presentation Title | Presenter Name | Date | Subject | Business Use Only

Outsourcing Business Processes

Assess the Legal Requirements

Incident
Contracts Due Diligence
Management
•Standard Language •Security Standards
that account for •Assessments for •Reporting Obligations
strongest country vendors •Response plan with
requirements •Standard reporting outsourcing partners
•Processing that meets regulatory (including affiliates).
agreements scrutiny
•Data transfer
agreements

4 | Presentation Title | Presenter Name | Date | Subject | Business Use Only

Changing Environment
Cloud Computing
• Can you have a managed cloud?
• Negotiating controls with the cloud provider
• How to manage E-discovery in the cloud

Mobile Applications
• Informed consent on a mobile application
• Application developers and tracking technologies

Social media
• Create social media guidelines and policies
• Monitoring blogs in a regulated industry
• Ensuring compliance with country data protection laws.
5 | Presentation Title | Presenter Name | Date | Subject | Business Use Only
Is your Legal Department Structured to Manage
these Privacy Risks?

6 | Presentation Title | Presenter Name | Date | Subject | Business Use Only

Key Considerations
Your data travels across borders....don’t just focus on the
EU.
• Understand global legal requirements

Train your lawyers!

Don’t underestimate the workload!
Assess skill set of your privacy officers.
• Legal analysis & counsel
• Operational leadership
• Must understand the business
• Some technical savvy helps

7 | Presentation Title | Presenter Name | Date | Subject | Business Use Only

Vendor Risk Management 4-20-2018 Guidepoint
Document18 pages
Vendor Risk Management 4-20-2018 Guidepoint
Gil Quiroz Romano
No ratings yet
Asif Currimbhoy The Refugee Final Notes
Document4 pages
Asif Currimbhoy The Refugee Final Notes
Kirran Khumar Golla
67% (3)
2023-01 Mission Critical Data Centers - Slides
Document52 pages
2023-01 Mission Critical Data Centers - Slides
zul
No ratings yet
Man Eg Manet
Document37 pages
Man Eg Manet
Mohsen Mohammad
No ratings yet
Developing The Business Case: For Engineering Information Management
Document39 pages
Developing The Business Case: For Engineering Information Management
Raja Polishetty
No ratings yet
08 Leon Izquierdo
Document28 pages
08 Leon Izquierdo
christian
No ratings yet
Awareness To CyberSecurity Standard Dan Audit
Document21 pages
Awareness To CyberSecurity Standard Dan Audit
rudy
No ratings yet
IP-guard Presentation Slides
Document30 pages
IP-guard Presentation Slides
Rendy Aldo
No ratings yet
ITIS362 Chapter 1
Document9 pages
ITIS362 Chapter 1
mst112003
No ratings yet
K2 Harter Keynote Going Big or Staying Local 2
Document16 pages
K2 Harter Keynote Going Big or Staying Local 2
jcherrand
No ratings yet
Rebit Dfra
Document23 pages
Rebit Dfra
Dharmil Badami
No ratings yet
Informatica GDPR Overview Steve Holyer
Document43 pages
Informatica GDPR Overview Steve Holyer
biohzard
No ratings yet
An EDI Testing Strategy: Rosemary B. Abell Director, National HIPAA Practice Keane, Inc
Document19 pages
An EDI Testing Strategy: Rosemary B. Abell Director, National HIPAA Practice Keane, Inc
KarthikAV
No ratings yet
ForeScout Next Generation NAC Presentation
Document35 pages
ForeScout Next Generation NAC Presentation
sisiwans
No ratings yet
Annual Internal Audit Plan
Document8 pages
Annual Internal Audit Plan
Muri EmJay
No ratings yet
0702 How Global Data Management GDM
Document30 pages
0702 How Global Data Management GDM
sdhiraj1
No ratings yet
Bridging Blockchains: Interoperability Is Essential To The Future of Data Sharing
Document8 pages
Bridging Blockchains: Interoperability Is Essential To The Future of Data Sharing
Leslie Gordillo
No ratings yet
Technology Track: Technology Infrastructure Group (TIG)
Document20 pages
Technology Track: Technology Infrastructure Group (TIG)
Harisha Gowda
No ratings yet
Syllabus
Document14 pages
Syllabus
TheSpooky Ghostツ
No ratings yet
Global Sourcing Options
Document25 pages
Global Sourcing Options
Kazi Zaman
No ratings yet
Data Loss Prevention Next Steps Joa Eng 0218
Document11 pages
Data Loss Prevention Next Steps Joa Eng 0218
Nguyễn Thành
No ratings yet
Session 11-12 PDF
Document31 pages
Session 11-12 PDF
rajesh shekar
No ratings yet
Direct Riz Muest Reo Product Os
Document2 pages
Direct Riz Muest Reo Product Os
acamposbr
No ratings yet
IoT-M2M Sales Development Trainings - v1 1
Document20 pages
IoT-M2M Sales Development Trainings - v1 1
Prashant Singh
No ratings yet
Ffiv2016 3
Document30 pages
Ffiv2016 3
karthikswamy
No ratings yet
Cloud Ediscovery Autonomy
Document7 pages
Cloud Ediscovery Autonomy
Chuck Rothman
No ratings yet
NORSOK Z Standards For Technical Information (Z-TI) : Rolv Werner Erichsen/Robert Skrede Bjørn Berli
Document17 pages
NORSOK Z Standards For Technical Information (Z-TI) : Rolv Werner Erichsen/Robert Skrede Bjørn Berli
Andrei Gasanov
No ratings yet
Sla Webinar: Setting Expectations in Saas
Document45 pages
Sla Webinar: Setting Expectations in Saas
siiaAdmin
100% (1)
WFH Factsheet
Document2 pages
WFH Factsheet
kaliwat kanan
No ratings yet
CSX2018 - GDPR 3rd Party
Document88 pages
CSX2018 - GDPR 3rd Party
Marco Ermini
No ratings yet
Ais Development Strategies: 2010 Foster Business School Acctg. 320 Ais L.Ducharme
Document57 pages
Ais Development Strategies: 2010 Foster Business School Acctg. 320 Ais L.Ducharme
Badhon Khan
No ratings yet
Commvault Overview
Document12 pages
Commvault Overview
mohamed hosni
No ratings yet
MongoDB Security Architecture WP
Document17 pages
MongoDB Security Architecture WP
santos alarcon
No ratings yet
1.01 - Guardium Data Protection Overview
Document20 pages
1.01 - Guardium Data Protection Overview
ishtiaq
No ratings yet
CB Insights Yardstiq Vendor Scorecard Global Employment 2022
Document2 pages
CB Insights Yardstiq Vendor Scorecard Global Employment 2022
Alisa
No ratings yet
Article Effective Knowledge Transfer 11
Document7 pages
Article Effective Knowledge Transfer 11
Indumathi Kumar
No ratings yet
Architect's Open-Source Guide For A Data Mesh Architecture: Lena Hall Microsoft
Document48 pages
Architect's Open-Source Guide For A Data Mesh Architecture: Lena Hall Microsoft
Christopher
No ratings yet
CSM - Lecture 5 PDF
Document38 pages
CSM - Lecture 5 PDF
Shreyas Puddoo
No ratings yet
Lecture01-Main Motivation and Drivers For Big Data Adoption
Document16 pages
Lecture01-Main Motivation and Drivers For Big Data Adoption
jhonjairoaza
No ratings yet
Managing The Digital Firm: Chapter (6) CNT'D Introduction To BI
Document21 pages
Managing The Digital Firm: Chapter (6) CNT'D Introduction To BI
Ahmad Yasser
No ratings yet
Risk Assessment-Config
Document14 pages
Risk Assessment-Config
mukesh
No ratings yet
Cyber Security
Document84 pages
Cyber Security
Anjali Mahajan
No ratings yet
Data Governance Definition
Document13 pages
Data Governance Definition
Jane
No ratings yet
Microsoft Corporate: Strategic Management
Document26 pages
Microsoft Corporate: Strategic Management
kashan khan
No ratings yet
Who Has The Ball in (Cyber - IT - Information) Security?
Document40 pages
Who Has The Ball in (Cyber - IT - Information) Security?
Indumati Yadav
No ratings yet
Outsourcing: Global Practice Guide
Document9 pages
Outsourcing: Global Practice Guide
Jonalyn Baggayan
No ratings yet
Designing Employee Privacy Program
Document17 pages
Designing Employee Privacy Program
melissaoktem
No ratings yet
Oracle E-Business Suite Release 12: Ron Nawojczyk
Document66 pages
Oracle E-Business Suite Release 12: Ron Nawojczyk
Ganesh Venugopal
No ratings yet
Strat Epm Roadmap
Document26 pages
Strat Epm Roadmap
abacusdotcom
No ratings yet
Unit 5
Document22 pages
Unit 5
Lakshmi Prasanna Kalahastri
No ratings yet
The Data Security Checklist For Business 1701221498
Document12 pages
The Data Security Checklist For Business 1701221498
Creative Preneur
No ratings yet
Ots-Handbook 341 Tech Risk Controls
Document20 pages
Ots-Handbook 341 Tech Risk Controls
Theplaymaker508
No ratings yet
Unit-5: Security, Standards, and Applications
Document50 pages
Unit-5: Security, Standards, and Applications
MarieFernandes
No ratings yet
Describe Security and Compliance Concepts: 1. Describe The Shared Responsibility Model
Document71 pages
Describe Security and Compliance Concepts: 1. Describe The Shared Responsibility Model
santuchetu1
No ratings yet
CS2063-2marks With Answer
Document15 pages
CS2063-2marks With Answer
Stella Sarkunam
100% (1)
Disaster Recovery Planning
Document22 pages
Disaster Recovery Planning
rachel
No ratings yet
MIS UNIT 5a
Document23 pages
MIS UNIT 5a
Vaibhav Shrotri
No ratings yet
Case Analysis - Xerox Outsourcing Global Information Technology Resources
Document5 pages
Case Analysis - Xerox Outsourcing Global Information Technology Resources
Arjun Rao
No ratings yet
Industrial Security Solutions Summary of Capabilities: Revision 3
Document30 pages
Industrial Security Solutions Summary of Capabilities: Revision 3
Tu Khiem
No ratings yet
Cloud Security Issues
Document19 pages
Cloud Security Issues
জয়দীপ সেন
No ratings yet
Online Dispute Resolution For Business: B2B, ECommerce, Consumer, Employment, Insurance, and other Commercial Conflicts
From Everand
Online Dispute Resolution For Business: B2B, ECommerce, Consumer, Employment, Insurance, and other Commercial Conflicts
Colin Rule
No ratings yet
Land Title and Deeds - Facts
Document13 pages
Land Title and Deeds - Facts
Red Hood
No ratings yet
As With Brothels, Boarding Houses Will Happen One Way or The Other
Document2 pages
As With Brothels, Boarding Houses Will Happen One Way or The Other
Matthew
No ratings yet
Judicial Review of Impeachment
Document41 pages
Judicial Review of Impeachment
Greg Pallugna
No ratings yet
School Based Child Protection Policies
Document4 pages
School Based Child Protection Policies
Gem Lam Sen
No ratings yet
The Shar'ī Ruling On The Oaths of Citizenship Taken in The Countries of The Original Kuffār
Document6 pages
The Shar'ī Ruling On The Oaths of Citizenship Taken in The Countries of The Original Kuffār
Jeedaran Arshaad
No ratings yet
Environment Degradation
Document39 pages
Environment Degradation
Deepak Prajapati
No ratings yet
Script Writing On Gender Stereotypes
Document8 pages
Script Writing On Gender Stereotypes
srinikesh goud
No ratings yet
Aswat v. Galido
Document2 pages
Aswat v. Galido
Rando Torregosa
No ratings yet
Patnanungan, Quezon
Document3 pages
Patnanungan, Quezon
SunStar Philippine News
No ratings yet
Federal Courthouse Photography Settlement
Document4 pages
Federal Courthouse Photography Settlement
DavidWDunlap
No ratings yet
Young Karl Marx
Document24 pages
Young Karl Marx
Communist Party
100% (2)
Vizier Magazine Media Pack
Document6 pages
Vizier Magazine Media Pack
zulhijr
No ratings yet
Varangur 2.3k 01
Document2 pages
Varangur 2.3k 01
diego refort
No ratings yet
SGTM 5 B Attitudes & Behaviour " Cultural Awareness"
Document29 pages
SGTM 5 B Attitudes & Behaviour " Cultural Awareness"
Maggi Bold
No ratings yet
Admin Order No.239
Document3 pages
Admin Order No.239
meme bolongon
100% (1)
Korean War
Document9 pages
Korean War
819-Sagar kumar
No ratings yet
Gakondo: Images of Royal Rwanda From The Colonial Period
Document116 pages
Gakondo: Images of Royal Rwanda From The Colonial Period
chevalier63
100% (1)
Oklahoma Publishing v. Walling
Document2 pages
Oklahoma Publishing v. Walling
Mindy Bautista
No ratings yet
Moppets Worker Application
Document3 pages
Moppets Worker Application
api-89463374
No ratings yet
HSE353E W10 (July Crisis)
Document41 pages
HSE353E W10 (July Crisis)
Ngan Ping Ping
0% (1)
Republic of The Philippines Regional Trial Court 6 Judicial Region Branch - City
Document4 pages
Republic of The Philippines Regional Trial Court 6 Judicial Region Branch - City
Daryl Ann Nardo
No ratings yet
ACT To Conduct Protest Actions
Document2 pages
ACT To Conduct Protest Actions
Llednew Lavodnas
No ratings yet
Appiah-Agyekum 2013
Document20 pages
Appiah-Agyekum 2013
Dany Trainer
No ratings yet
Amin - 1973 - Underdevelopment and Dependence in Black Africa Their Historical Origins and Contemporary Forms
Document21 pages
Amin - 1973 - Underdevelopment and Dependence in Black Africa Their Historical Origins and Contemporary Forms
xenlogic
100% (1)
Multicultural and Social Justice Counseling Compet
Document22 pages
Multicultural and Social Justice Counseling Compet
kafi na
No ratings yet
School Information Booklet 2008-2009
Document19 pages
School Information Booklet 2008-2009
brog
No ratings yet
06 Popular Culture in A Theoretical Lens
Document3 pages
06 Popular Culture in A Theoretical Lens
Mark Angelo Valido
No ratings yet
The MRTP Act
Document4 pages
The MRTP Act
Kuber Bisht
No ratings yet
Webhoist of Qualified Candidates
Document430 pages
Webhoist of Qualified Candidates
Srikant Mishra
No ratings yet