GDPR [electronic resource] : how to achieve and maintain compliance

상세정보

자료유형	e-Book
서명/저자사항	GDPR: [electronic resource]: how to achieve and maintain compliance / Andrew Denley, Mark Foulsham and Brian Hitchen.
개인저자	Denley, Andrew, author. Foulsham, Mark, author. Hitchen, Brian, author.
발행사항	Abingdon, Oxon ; New York, NY: Routledge, 2019.
형태사항	1 online resource.
ISBN	9780429449970 0429449976 9780429832291 042983229X 9780429832277 0429832273 9780429832284 0429832281
일반주기	Includes index.
내용주기	Cover; Half Title; Title Page; Copyright Page; Table of Contents; The Authors; Acknowledgements; Introduction; Structure of this book; Italic text; The journey of GDPR to statute; Penalties; Practical application; GDPR history; Key roles defined; GDPR principles; Your GDPR project; Section 1: Does the GDPR apply to you?; What information is covered by the GDPR?; The GDPR is not just a European issue; Can you choose a Supervisory Authority (SA)?; Does the GDPR affect your whole organization?; Pan-national data; Section 2: GDPR principles; Consent; Section 3: Key roles Data Protection Officer (DPO)The role of the Data Protection Officer; Data controller; How to determine whether an organization is a data controller or a data processor; Data processor; Sub-processor; Section 4: Rights of the data subject; The right to be informed; Section 5: Your GDPR project; GDPR tools; GDPR: a breakdown; Create an action plan and from your project team(s); The role of IT; Review what data your suppliers hold; Audit your suppliers; Create a data privacy governance structure; Review your right to process; Check your incident response plan Disaster Recovery and Business Continuity PlanTransitioning to BAU; Change management; Controller obligations in BAU; Data subject rights in BAU; Risk management and information security in BAU; HR and communications in BAU; Section 6: Information security best practice; The need for a robust information security framework; ISO27001/2:2013; Implementing ISO27001; The ISO2700 series of standards; NIST security framework; Cyber essentials; Security testing; Vulnerability scanning; Penetration testing; Tiger Attack; Risk; Understanding risk; Assessing your suppliers for security Key areas of security you should considerSection 7: Awareness; Information security policy; Induction; Refresh and update; Awareness; Security testing; Incident response plan; Whistle-blowing policy/Hot-line; Section 8: Data handling and management; Data holdings and retention; Understand the value of your data; Data ownership; Data Protection Impact Assessment -- DPIA; Data protection by design and default; The data flows; Reflections; Data coming in; Data going out; Risk assessment; Risks to the individual; Anonymization and pseudonymization; Data retention; Binding corporate rules Lawful processingLawfulness of processing special categories of data; Consent; Transferring data outside of the EU; Defensive data; Data protection by design and default; Section 9: Data breaches; Penalties; Compensation; Breaches; Incident response plan; Who should be involved?; Victim or villain?; Monitoring; Perimeter; Security testing; Section 10: Your technology environment; Introduction; Website; Intranet; Extranet; Mobile apps; Social media; On-line file sharing; Bring your own device -- BYOD; Backend systems; Legacy systems; Where do you process your data?
소장본주기	Master record variable field(s) change: 072
요약	Following the implementation of the new General Data Protect Regulation on 25 May 2018, organizations should now be fully compliant with their national interpretation of this far-reaching data protection standard. The reality is that most are not; whether through their inappropriate use of online cookies or ineffective physical data security, businesses continue to struggle with the increasing pressure from regulators to apply the Regulation. Non-compliance is widely due to misinterpretation, lack of real-world thinking, and challenges in balancing costs against business practicalities. This book provides insight into how to achieve effective compliance in a realistic, no-nonsense and efficient way. The authors have over 100 years' collective international experience in security, compliance and business disciplines and know what it takes to keep companies secure and in-line with regulators' demands. Whether your organization needs to swiftly adopt GDPR standards or apply them in "Business as Usual" this book provides a wide range of recommendations and explicit examples. With the likelihood of high-profile penalties causing major reputational damage, this book explains how to reduce risk, run a remedial project, and take immediate steps towards mitigating gaps. Written in plain English, it provides an invaluable international reference for effective GDPR adoption.
주제명(단체명)	European Parliament. --General Data Protection Regulation.
주제명(지명)	Europe --European Union countries. --fast
일반주제명	Data protection --Law and legislation --European Union countries. Privacy, Right of --European Union countries. LAW / Business & Financial. LAW / Privacy. LAW / International. Data protection --Law and legislation. Privacy, Right of. BUSINESS & ECONOMICS / E-Commerce / Internet Marketing BUSINESS & ECONOMICS / E-Commerce / Online Trading BUSINESS & ECONOMICS / E-Commerce / General (see also COMPUTERS / Electronic Commerce)
분류기호(DDC)	343.240999
언어	영어
바로가기