GDPRandLogistics 38daysandcounting

Lynn Parnell 16th April 2018

LynnParnellIndependentLogisticsConsultantSpecialistinLogisticsITprojects–software&hardwareInLogisticssince1990,startingwitha3PLinoperationalrolesSpecialistinITinLogisticssince1991EstablishedLogisticsPartnersin2000Selection,Design,Implementation,AuditNotalegalspecialistButGDPRimpactsalotofwhatIdoTransaidAmbassador

QuestionsWhohasheardaboutGDPR?WhothinksGDPRisrelevanttotheirjob?WhohashadspecifictrainingaboutGDPR?WhoseorganisationhasnewproceduresforGDPR?

WhatisGDPR?TheEUGeneralDataProtectionRegulation(2016/679)ReplacesUKDataProtectionAct1998Effective25thMay2018“Thebiggestchangetodataprotectionlawforageneration”Finesupto£17millionor4%ofglobalturnover

ICOView“Ifyourorganisationcan’tdemonstratethatgooddataprotectionisacornerstoneofyourbusinesspolicyandpractices,you’releavingyourorganisationopentoenforcementactionthatcandamagebothpublic

reputationandbankbalance.Butthere’sacarrothereaswellasastick:getdata

protectionright,andyoucanseearealbusinessbenefit.”InformationCommissionerElizabethDenham

MythsGDPRisonlyaboutemailmarketingGDPRwillnotberelevantafterBREXITIoutsourceoperationssodonotneedtoworryItisonlyaboutdataoncomputersOnlyaffectsdataheldintheEU

KeyRequirementsPrivacybydesignPrivacybydefaultDataProtectionOfficersDataPrivacyimpactassessmentDataControllersandDataProcessorsPersonalDatashallbe

CollectedLawfullySpecificpurposeAdequaterelevantandlimitedAccurateanduptodateNolongerthannecessaryfororiginalpurposeAppropriatesecurity

WhatisPersonalData?IdentifiesapersondirectlyorindirectlyExamples

NameAddressDateofBirthPassportNumberDrivinglicensenumberTelephonenumberEmailaddressIPaddressCarregistration

Thislistisnotexhaustive!

DataSubjectrightsClearconsentorlegitimateuseTransparencyTobeinformedofabreachRighttobeforgottenPortabilityofdataAccesstodataRectificationofdataRestrictautomatedprocessing

CompanyObligationsAccountableDemonstrateCompliance

KeepdatasecureAllowaccessFacilitateeditordelete

SafeguardsfordatatransferredtoothersIfappropriateappointDataProtectionOfficerReportDatabreachPayafeetoICO

ExamplesofLogisticsUsesPersonnelrecordsDriverdetailsCustomerdetailsPickinglistsinwarehousesPODdevicesPrinteddeliverynotesonclipboardsSpreadsheetsforKPIsSigninginBooksTestdataTHISISNOTANEXHAUSTIVELIST!

RealExamples

IsyourOrganisationReady?🤔"😄😎🍹&😱🤯💩⏱⏳🏔👣

StepstoComplianceDoyouneedaDataProtectionOfficer?IdentifyDataController/DataProcessorIdentifywhatdataisheldwhereDataProtectionImpactAssessmentComplianceplanforalldataContractsforoutsourceddataprocessorsTraining&AwarenessContinuousauditforcomplianceInfoatwww.ico.org.uk

Don’tForgetNonCompliance

Fineofupto£17millionor4%ofglobalturnover

SO!WhohasheardaboutGDPR?WhothinksGDPRisrelevanttotheirjob?WhothinkstheirteamneedspecifictrainingaboutGDPR?WhothinkstheirorganisationneedsnewproceduresforGDPR?WHOHASSOMEWORKTODO?38Daysandabout4hourstogo!

Any Questions?

GraphiccourtesyofInterimTeam

Contact www.logisticspartners.co.uk lynn@logisticspartners.co.uk

@LogisticsPartne

LynnParnell

07771 623929