Privacy and Data Protection

Data protection is about safeguarding our fundamental right to privacy, which is enshrined in international and regional laws and conventions. We are very attached to our personal data.
Your response to privacy issues

What is Data Protection?

Data protection is about safeguarding our fundamental right to privacy, which is enshrined in international and regional laws and conventions. We are very attached to our personal data.




Data Privacy Assessment

  • Transparency
  • Purpose Specification
  • Use and disclosure of information
  • Personal information security
  • Accurateness and update of personal information stored
  • Retention time
  • The individual right of access
  • Data privacy awareness training
  • Regulatory compliance visibility

Privacy VS Security

Privacy

  • Privacy policy/ statements
  • Notification of registries/ processing to DPAs
  • Rights of data subjects
  • Purpose binding
  • Proportionality
  • Data quality
  • Lawful onward data transfer
  • Collection of personal information
  • Access to personal information

Security

  • Security organization
  • Personal security
  • IT service management
  • System development
  • Data is reliable and accurate
  • Data is available for use when it is needed

Privacy + Security

  • Security policy
  • Data classification
  • Logical access security
  • Availability
  • Compliance
  • Protection of personal information

Personal Data Processing Principle

  • Processed lawfully, fairly and in a transparent manner
  • Collected for specific and legitimate purposes, It cannot be used for anything other than these stated purposes
  • Relevant and limited to whatever the requirements are for which they are processed
  • Accurate and, where necessary, kept up to date. Any inac- curacies must be fixed or removed without undue delay
  • Stored for only as long as is required, as specified in the records retention policy
  •  Secured with an appropriate security solution. which should protect against unauthorized or unlawful process- sing and against accidental loss, destruction or damage

Redefining Data Security

Assessment

  • Vulnerability assessment
  • Data loss and endpoint
  • Application security
  • Website vulnerability
  • Data classification
  • Code review
  • Technical and program health checks for data loss prevention

Solutions

  • Data Encryption
  • Messaging security
  • Application security
  • Web security
  • Endpoint security
  • DLP
  • Implementation services
  • Upgrade service
  • Managed/ Cloud hard disk encryption

Testing

  • Audit and compliance
  • Network penetration
  • solutions training
  • Product and deployment knowledge transfer

Strategic Consulting

  • Security strategy development
  • Policy and procedures creation
  • Architecture planing and design
  • compliance

Information Life Cycle




Collection

  • No consent given
  • Illegal/unfair/excessive collection
  • Forced consent/ no choice
  • Prohibition of consent
  • Unsecured collection
  • Misleading purpose
  • Unauthorized secondary purpose
  • Indiscreet conversation
  • Tracking of usage

Usage

  • Illegal access/usage
  • Sale of data
  • Negligent usage/misuse
  • Invasion of privacy/analytics
  • Error in processing
  • Inaccurate/outdated data
  • Data/account hacked
  • Phishing
  • Identity theft

Storage/Disposal

  • Loss of data
  • lost archives
  • Improper disposal
  • Improper disposal
  • Unlimited retention
  • Unsecured data
  • Virus/malware
  • Data compromised
  • lost device
  • Unprotected device

Disclosure/Transfer

  • Social engineering
  • Unauthorized disclosure
  • Misrepresentation
  • Confidentiality breached
  • Cross-border violation
  • Illegal access
  • Dental of access
  • Insecure transmissions

4 Steps of Privacy

Step 1 : Embed

A culture of privacy that enables compliance

Step 2 : Establish

Robust and effective privacy processes

Step 3 : Evaluate

Your privacy processes to ensure continued effectiveness

Step 4 : Enhance

Your response to privacy issues