Topics
- Round up of this weeks Offline work
- (Break)
- This weeks Labs
GDPR
- Introduced in 2018
- Provides Legal Protections for an Individual and their data
- Main thing that got attention was the Fines….
Key Points
- You need a legal basis for gathering, processing or storing Personal Information
- PII is anything that could identify (or is about) an individual
Your View on GDPR
- Some really interesting points made in Aula about this.
Legal Basis
- Consent
- Contract
- Legal Obligation
- Vital Interest
- Public Task
- Legitimate Interest
Consent
- User signs their life away in return for memes.
- Freely Given
- Can be revoked
Legitimate Interest
- Your organisation demonstrates it is in the interest of the company (or the person) to do the processing.
Posts on Legitimate Interest
POV1
POV2
Data Minimisation
- Only collecting what is needed to get the job done
Transparency for Data Subjects
- Users have the right (under most situations) to know what is happening with their data.
Documentation
- Need to demonstrate how the data is:
- Stored
- Processed
- Collected
- Deleted
Implementing GDPR
- Identify PII
- Think about how you store the data
- Support user rights
- Think about 3rd party software
Tasks and Discussion for This week