Brussels / 3 & 4 February 2018


Capture the GDPR with Identity management

Crafting Identity management tool to handle GDPR requirements

Capture the GDPR with Identity management A new era of Data Privacy begins this year and May approaches unstoppably. The media present the GDPR on a daily basis in volumes no one has expected. The whole commercial sector is hyped with articles about the GDPR, recommendations, warnings and in the end MYTHS! The GDPR is not only multinational corporations’ concern any more. Individuals and small entrepreneurs are looking for the answers too. This makes space for speculations and many partial solutions are offered in a form of a GDPR project draft templates or migration of processing into the new safe environment without appropriate paperwork. Even software solutions usually offer only partial safety measures and you will need a bunch of them to fulfill the GDPR project. A complete solution exists only as cooperation of legal person analyzing interpretation of EU legislative and IT technician able to incorporate those requirements into daily operations. The complete solution still does not mean 100% compliance because there are so many threats you can never be utterly safe from. This presentation will tell what you must not omit to be compliant, how to give effects to the rights of data subjects and how to craft your GDPR solution. We will discuss lawful basis for data processing, consent requirements and tools able to manage them effectively. In the end, we may think about the design of identity management tool that combines the advantages of identity management into one solution dealing with various GDPR issues. Included GDPR areas in light of Identity management: Lawful basis and consent management, risk assessment, data breach tool, DPO’s control tool and data subject’s rights control tool.

I intent to speak about how to think about GDPR solution, what is required and how to achieve it by either customizing existing tool or designing a brand new tool of your own preferences. As a lawyer working amid programmers, in this speech I will be considering both fields of view and looking for conjunctions. Touched areas of speech are lawful basis management, consent management, risk assessment, data breaches, DPO and rights of data subjects.


Juraj Benculak