How To De-classify Data and Rethink Transfer of Data between US and EU

Presented by

Ulf Mattsson, Chief Security Strategist, Protegrity

About this talk

Companies need immediate rethink on transfer data to the United States since the Privacy Shield transatlantic pact is declared invalid. The Court of Justice of the European Union found that the Privacy Shield does not meet the GPDR requirements and cannot ensure a level of protection. We will discuss how to achieve compliant pseudonymization, including protecting not only direct identifiers but also indirect identifiers and additional attributes, while still preserving the data’s utility for its intended use. We will also discuss different international privacy standards, the new Schrems II, clarify pseudonymization and other data privacy techniques. We will also discuss • Data privacy and working remotely • That GDPR does not apply to data that is no longer identifiable • Pseudonymization used nationally, as well as for trans-border communication • Pseudonymization use cases for privacy protection of personal health information • Re-identification attacks, full and partial • Extracting new information out of an anonymous or pseudonymous database through re-identification • Linkage mechanisms • The data de-classification process and workflow • Pseudonymization services best practices and trustworthy practices for operations • Policy framework for operation of pseudonymization services • When to use pseudonymization and/or anonymization

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (208)
Subscribers (42931)
Increasing expectations for good data governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance for insights on how to implement successful GRC strategies and processes for your organization.