Salesforce appoints a data protection officer

Pierre Moscovici

Pierre Moscovici

This data governance can range from an internal Information Governance (IG) team to a dedicated Data Protection Officer whose sole job is to monitor the use and protection of the data.

Basingstoke-based company The Data Support Agency claims many businesses don't know how to tackle looming pressure to be GDPR compliant by May 25. More than simply an administrative compliance, the regulation will bring with it dramatic changes to data protection laws and provide individuals with enhanced rights to data privacy. In the light of the ongoing Facebook data privacy scandal, the Equifax breach, and the Uber data breach, people are becoming more aware and concerned about their privacy and security online.

They also have the right to know who is processing their information and for what goal as well as to have information deleted.

Firm data: Personal data held by a firm in relation to its own management, employees, and affairs.

The GDPR regulates the collection and processing of personal data by processors and controllers.

Processor: the person or organisation who acts on the controller's instruction. Data controllers have specific responsibilities and liabilities, under Article 24 of the GDPR, for any data a company processes and any data processed on its behalf. GDPR compliance may therefore require new privacy and security procedures for a broad array of business operations, including but not limited to: (i) data collection, use and disclosure; (ii) data retention and deletion; (iii) responses to requests for information about Personal Data by data subjects; (iv) employment policies; (v) communications with current and potential customers; and (vi) marketing procedures. The risk to image and reputation, as well as the financial penalties foreseen in cases of non-compliance, should encourage companies to focus on building knowledge of the regulation and ensuring compliance on time for the deadline.

The company promises better user transparency thanks to an updated Privacy Policy that will make it easier for users to understand what kind of data is collecting.

Lyft follows Uber's shift on sexual misconduct
Uber said it hoped to have the system, which it is working on with 80 women's groups, in place by the end of the year. That would include rides and deliveries, as well such incidents that happen before pick up or after drop off.

Burnley defender Tarkowski dreaming of World Cup call-up
Burnley goalkeeper Nick Pope is being tipped to usurp Hart, joining Everton's Jordan Pickford and Stoke City's Jack Butland on the plane.

ESPN, Netflix Announce 10-Hour Documentary On Michael Jordan
The news item also notes that "Jordan, other Bulls figures and dozens of sports luminaries signed on [to provide] commentary". Films and Netflix are collaborating on a 10-part docuseries about basketball legend Michael Jordan , Deadline reports .

Parents will decide for children until they reach the age of consent, which member states will set anywhere between 13 and 16 years old.

Another important requirement under GDPR is that customers must be able to decide with knowledge, from a text that is clearly explained, what they are committing to and what a company will do with their data. Along with expanding what constitutes a data breach, after a company is alerted to a data breach, it is required to report the breach to the government and to notify the individuals affected by the breach.

The new regulation will no doubt change the way stakeholders in the health travel industry address personal data belonging to medical tourists from the EU. What is at stake for all organisations is the confidence of customers, knowing that if they agree to communicate personal data, they expect it to be managed respectfully.

Subject to certain conditions, you are entitled to have your personal data erased (also known as the "right to be forgotten").

But the GDPR also offers the opportunity to develop a new confidence pact with customers by enforcing transparency around objective of data collection and storage. For example where your personal data is no longer needed for the purposes it was collected for, or where the relevant processing is unlawful. The U.S. Congress is considering controls on how data can be used.

Silicon Valley giants like Facebook, Google and Twitter as well as banks and public bodies will have to comply with the rules or face massive fines.

Under the GDPR rule, consent must be sought from the patient before processing their personal data and according to the provisions of the rule, the consent must be freely given, specific to the objective for which the data is to be processed, informed, unambiguous, and explicit. Depending on the nature of the violation, an entity in violation of the GDPR could be fined up to €20 million (which amounts to over US$24 million) or up to 4 percent of a company's global revenue, whichever is higher.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.