IAPP KnowledgeNet Hrvatska and HUP invite you to Data Protection Day 2020

The Croatian Employers' Association (Hrvatska udruga poslodavaca, HUP) and the IAPP KnowledgeNet chapter Hrvatska are marking Data Privacy Day 2020 with a conference to be held on Tuesday, 28 January 2020, at the Croatian Employers' Association, Radnička cesta 52/I., Zagreb (Green Gold, entrance R2). Please confirm your attendance by e-mail: hup@hup.hr

On 28 January 1981 the Council of Europe adopted Convention No. 108 as the first binding international legal instrument in the field of data protection, and in particular the exchange of personal data between states as an important element of international personal data protection. The document “Convention 108” was forwarded for signature to the members of the Council of Europe (47 of them), and by omitting the word “European” the intention was to emphasise the importance of protecting the use of personal data at a global level. This also made it possible for countries that are not members of the Council of Europe to accept the convention and make digital business and the use of personal data easier for their companies. In Europe, “Data Protection Day” is marked on that day. Later, in 2008, the USA and Canada extended the anniversary through “Data Privacy Day”, and today 28 January is marked practically worldwide as Privacy Day (USA, Canada and other countries) or as Data Protection Day (the EU term).

The quality of digital transformation and the success of Industry 4.0 are directly correlated with data protection. The more aware employers are of the importance of embracing data protection, the lower the risk of using personal data will be. An analysis of the sanctions imposed in the EU in the past 18 months since the General Data Protection Regulation (GDPR) began to apply shows that a large number of fines were caused precisely by a lack of general, quality education in data protection among all those concerned who collect and process personal data within the scope of their business.

The aim of this conference is therefore, besides marking Data Protection and Privacy Day, to give very concrete examples of education and to point to possible areas for improving data protection.

The co-organiser of the conference is the Croatian chapter of the International Association of Privacy Professionals. The IAPP is the world's largest non-profit, independent organisation dealing with privacy and data protection, bringing together more than 50,000 professionals from almost 100 countries in which it is present through its KnowledgeNET chapters. It enables individuals and organisations to acquire the necessary qualifications and knowledge in data protection by passing the required CIPP certificates, and gives access to a large number of needed resources.

08:30 – 09:00      Registration

09:00 – 09:10      “Data Protection Day 2020”, welcome address on behalf of HUP

09:10 – 09:20      “Data Privacy Day 2020”, welcome address on behalf of IAPP KnowledgeNET Hrvatska

09:20 – 09:45      “Digital Transformation and Cybersecurity”, Kristina Posavec, Central State Office for the Development of the Digital Society (Središnji državni ured za razvoj digitalnog društva)

09:45 – 10:10      “Results of the EU T4Data Project and the Education Portal”, Marko Trošelj, AZOP

10:10 – 10:35      “Regulating the Relationship between Controller and Processor”, Maja Šutalo CIPP/E, Šutalo law office

10:35 – 11:00      “Training of Persons Involved in Data Protection”, William Bello CIPP/E CIPT FIP, Bello Consulting

11:00 – 11:15      Break

11:15 – 11:25      Introduction to the panel discussion topic “Company Awareness: The Foundation of GDPR Compliance”, Patricio Marcos Petrić, PwC Hrvatska

11:25 – 11:55      Panel discussion

11:55 – 12:00      Conclusion and close of the conference

You or your colleagues have heard plenty about the GDPR and, once the lecture was over, wondered: so what is the GDPR? I believe you have heard all sorts of things. Well, the training you will go through with us is something quite different. If until now you have listened to what you must not do and how you must give or request consent for everything, in our lectures you will learn the real truth: what is allowed and what the actual legal bases for particular processing of personal data are.

First – the training is tailored to your needs and prior knowledge. That is why it is done in small groups, and the lecture is more like a workshop in which practical knowledge is gained. The work is based on real examples from practice.

Second – formally, the training can be informative, but also very demanding, with a final exam. Sometimes you need to educate your employees or project team members. In some situations, however, you need an internationally recognised certificate that will guarantee your recognition on the global labour market.

Third – the area covered can be general in nature, but also narrowly specialised for a particular topic or industry. The general courses go through the General Data Protection Regulation and give you an overview of what the regulation means for you and what you are expected to do about it. Specialised topics cover procedures and methods for introducing Privacy by Design / Redesign, work on risk analysis, preparing LIAs and DPIAs, and the like.

Fourth – the concrete implementation methodology (privacy programme) is based on the good practice of globally recognised organisations such as IAPP and Nymity, but also on free tools that help DPOs and privacy specialists. Podio4GDPR is a free tool for DPOs for running a privacy programme, based on the Nymity framework.

Fifth – many organisations have finally understood the necessity of aligning with ISO27001 and also ISO27701. From preparation and carrying out a gap analysis to work on adopting the individual documents that accompany implementation of the standard, you are not left to yourselves but have firm guidance and expert knowledge gained on many projects.

List of programme units:

  1. General Data Protection Regulation, 1 day
  2. EU and global legislation in the field of privacy and data protection (see CIPP/E), 2 days
  3. Introducing and running a privacy programme (see CIPM), 2 days
  4. Technical prerequisites and features of privacy and data protection (see CIPT), 2 days
  5. Preparation for the IAPP certification exams CIPP/E, CIPM and CIPT, 2 days per certificate
  6. Preparation for ISO27001 and ISO27701, 2 days
  7. Privacy by Design, 1 day
  8. Preparing specific documents: LIA, PIA, DPIA – 1 day
  9. DPO training, 4 days
  10. DevOps and GDPR for the development of online and mobile applications
  11. Special topics (1 day per topic): video surveillance, WiFi4EU, IoT, Podio4GDPR and the like

Dates and prices of individual programme units are available on request.

The inaugural class of Privacy Law Specialists is unveiled

For the first time in IAPP history, 27 members were named Privacy Law Specialists Aug. 10. The designation carries with it an acknowledgment that a candidate has successfully demonstrated a knowledge of relevant privacy laws, regulation and technology; a commitment to staying ahead of new developments in the field; and substantial time devoted to practicing law related to safeguarding personal information. Representing privacy professionals looking to distinguish themselves in the field, a few of the inaugural class members spoke with The Privacy Advisor on why the distinction is important to them.

When the first submission window opened April 2 promising to usher in the first wave of Privacy Law Specialists, Cassandra Porter, CIPP/US, CIPM, FIP, PLS, jumped on it. She had known she wanted to achieve the PLS distinction since learning about it in 2016. Porter said, “I told my colleagues, ‘I’m going to apply as soon as applications are open,’ and [I] started studying for the CIPM.”

Porter added the PLS affords lawyers in the privacy space an edge when working with clients or negotiating with other lawyers. She also considers “IAPP certifications to be a litmus test” for how a negotiation with opposing counsel will go. “If I’m negotiating with a fellow IAPP member, I know it will be a fruitful discussion.” She added, “It’s because IAPP members care about the same issue: What is the right thing to do?”

Chris Cwalina, CIPP/US, CIPM, FIP, PLS, global co-head of cyber risk at Norton Rose Fulbright, explained how the PLS designation helps to measurably demonstrate experience. Its existence, he said, establishes privacy as an area of law that requires specialized knowledge and expertise.

“The growth of the privacy profession has been tremendous. What the PLS does is to help distinguish privacy lawyers who have devoted themselves to the field and helps solidify privacy law as an area of expertise that requires a certain level of knowledge, years of experience and credentials. It’s no longer regarded as an area of law that can be practiced superficially, and the PLS helps to reinforce that fact,” Cwalina said.

He went on to explain that the American Bar Association’s recognition of privacy as a specialty helps lawyers highlight their work in a meaningful way. “It’s a formal recognition that privacy is not only an area of law but one that is growing, complicated and worthy of its own distinction,” he said.

Likewise, Denise Farnsworth, CIPP/E, CIPP/US, CIPM, PLS, deputy data protection officer at Facebook, said, “For lawyers, it’s a great opportunity to demonstrate a very specific and deep knowledge about privacy and data security. I think it’s incredibly valuable. As a lawyer, these types of specialty designations are needed to help our clients understand who has a deep understanding of specific areas. I think this is going to help open the door for several of these types of designations. It’s a leap forward in the legal profession.”

Farnsworth added, “If people see the privacy designation attached to names, it’s going to help create a market. I believe the privacy designation will help broaden the privacy and data security knowledge base for lawyers in general.”

The next submission window closes Sept. 30.

Author: Molly Hulefeld


IAPP certifications now globally recognized under new Multilateral Recognition Arrangement

Since 2015, the IAPP’s CIPM, CIPP/E, CIPP/US and CIPT credentials have been accredited by the American National Standards Institute under the International Organization for Standardization standard 17024:2012. Originally, the IAPP chose ANSI to distinguish the certifications based on ANSI’s standing as an internationally respected accrediting body and rigorous standards. Now, the signing of a Multilateral Recognition Agreement with the International Accreditation Forum has allowed ANSI’s gold standard to go global, and IAPP certificates, as a result, have become virtual passports.

ANSI became recognized as a signatory to the International Accreditation Forum Multilateral Recognition Arrangement for ISO/IEC 17024:2012 in an agreement signed Oct. 30, 2018. In a press release, ANSI said, “Being recognized by IAF provides further confidence that ANSI accreditation conforms to global requirements for accreditation bodies (ISO/IEC 17011) and has successfully demonstrated its competence through a rigorous peer-evaluation process. As a signatory to these MLAs, ANSI demonstrates ISO/IEC 17011 compliance attesting to equal reliability worldwide.”

Effectively, the agreement, which applies to IAF accrediting bodies, shows that the organizations they accredit are all meeting the same standard.

“Bottom line,” said IAPP Certification Director Douglas Forman, “accrediting bodies that are IAF members must recognize the certificates issued by one another’s accredited certifying bodies.” Under the mantra, “Certified once, accepted everywhere,” members with credentials recognized by ANSI will find themselves accepted worldwide under the new agreement.

This is great news for IAPP certification holders, Forman said. He added that internationally, most governments in the EU and Asia-Pacific only recognize certifications that are accredited by an IAF MLA signatory. Under the new agreement, CIPM, CIPT, CIPP/US and CIPP/E are accepted globally, giving them an international stamp of approval that so many governments look for.

“This provides incredible value to those with certifications,” Forman said. “As global privacy professionals find they have a certification they can take anywhere and have it recognized as something that’s valuable, that will be huge. Our certifications have truly gone international.”

While multilateral agreements are often reserved for products and processes, Forman said, “this is a major milestone because it’s 17024:2012 specific.” He added, “It underscores why we went with ANSI in the first place. As a signatory to this MLA, ANSI has even more of a prominent international stature that it can now share with IAPP certifications.”

While the IAPP has always been international in focus, this move is the latest to take the IAPP international in practice.

By Molly Hulefeld


