Taking a GDPR Journey – Mike Resseler – Ep63

GDPR has been a constant business conversation over the last 18 months or so, it’s discussed in the press, on the news and social media, as well as a handful of episodes of this podcast. However, much of the conversation has focussed on what you should be considering and doing to take on the GDPR challenge, while very little has come from those who have already made great strides on their compliance journey.

With that in mind, a few weeks ago I read a fascinating series of blogs from software company Veeam, this series discussed the 5 principles they followed to build their compliance program. What was interesting, was this series of posts talked about the practical steps they took, not about the technology they deployed, or how their technology could help you, but a series of posts that shared their experiences and challenges they faced building their business compliance program.

As many of us are currently on our own compliance journey, I thought the opportunity to chat with someone who is already well down this path would be of real interest, so in this week’s podcast I’m joined by Mike Resseler, Mike is a Director of Product Management but is also a key member of Veeam’s global compliance team and has played a significant part in the way they have dealt with the challenges posed by GDPR.

In this week’s show Mike shares with us Veeam’s experience. We start at the beginning with the initial advice they took and research they did into what GDPR meant to them. We discuss the importance of putting together the right team to deal with business compliance and why it was important to realise the scope of the work they were about to undertake.

Mike also explains how it was important that Veeam saw GDPR as something that would have a positive impact on the business and how, although technology would play a part, this was something that would need a focus on people, workflow and procedures.

We also discussed how not everyone was enthused by the idea of business compliance and how they saw GDPR as just a European problem and how it was important that the compliance team educated all the business to the importance of compliance.

We also look at the practicalities of building a compliance program as Mike shares the 5 principles Veeam developed to help them, we look at those steps, knowing your data, managing your data, protecting the data, documentation and continual improvement. We discuss the importance of each step and the part they have played in building a global compliance program.

We wrap up looking at the future, discussing continual improvement, training and the way that Veeam are making compliance integral to everything they do across their business.

I hope you enjoy the fantastic insight that Mike provides into the way a company builds a compliance programme and tackles regulation such as GDPR.

To find out more from Mike you can find him on twitter @MikeResseler.

The original blog posts that inspired this episode can be found here https://www.veeam.com/executive-blog/our-journey-to-be-gdpr-compliant.html

Mike and his team have also produced this video in which they discuss how to accelerate your GDPR efforts https://www.veeam.com/veeamlive/accelerate-your-gdpr-efforts.html

Hope you enjoy the show and until next time, thanks for listening.

Advertisements

Don’t Build Your Data Privacy House Upside Down – Sheila Fitzpatrick – Ep 18

There is no doubt that there are many difficulties presented to organisations when it comes to their data.

We understand it’s an asset, something that, if we make the most of it, can be a significant advantage to us, but of course we also understand maintaining the security and privacy of it is critical.

I think it’s fair to say, as organisations and IT professionals we are becoming much more mature in our attitudes to data privacy and security and we understand more than ever the risks posed to it.

This increased level of maturity is going to become even more important, especially with significant regulation changes on the horizon and none are more significant than the EU’s General Data Protection Regulation (GDPR).

In this weeks podcast, the second part of my conversation with Global Data Protection Attorney Sheila Fitzpatrick (You can find part one here), we discuss exactly what GDPR is going to mean to us as organisations, including those organisations that are outside of the EU (including the impact on the UK).022617_1150_Besttakecar1.jpg

Not only do we look at the impacts of the legislation, Sheila also shares with us some of the initial steps you can take to start to build robust data privacy policies.

How important it is to get the foundation right. How we need to understand our data, where we get it from, how we get it and what we keep and how this is much more important, initially, than finding technology tools to deal with the problem. Build the foundation before you build the second floor!

We also explore how data privacy and GDPR is NOT the problem of IT, it’s a business challenge, IT are certainly a key part in helping to deliver security, privacy and compliance, but it not an issue to throw back at IT to solve.

I hope you’ve found these two episodes with Sheila useful in providing an outline of the problem, as well as some of the steps you can take to address it.

If you want to catch up more with Sheila, you can find her on twitter @sheilafitzp and on Linkedin.

Next week, we look at a different part of the data security challenge, People.

I chat with Dom Saunders from NETconsent as we look at how we can make our people a key asset in dealing with the data challenge.

If you want to make sure you don’t miss that episode, then please subscribe on iTunes, Soundcloud or wherever you get your podcasts.

Thanks for listening…

Subscribe on Android

http://feeds.soundcloud.com/users/soundcloud:users:176077351/sounds.rss

Best Take Care Of Those Crown Jewels – Sheila Fitzpatrick – Ep 17

Data, it’s the new oil, new gold, your Crown Jewels. We’ve all heard these phrases, but it is hard to deny that data is a fantastic asset, companies who know how to mine true value from it have a distinct advantage over their competitors and we are continually creating more of it.

However, it’s fair to say that data also comes with its challenges, we must store it all, make sure we protect it all and of course we need to make sure it’s secure.

The challenge of data security and privacy is right at the top of the list of priorities for most IT executives, and, if it isn’t already, it should be high on the list of priorities for business owners and boards as well.
Maintaining the security and privacy of our data is going to continue to be a complex problem, from the multi-faceted security threat, to the introduction of more stringent data privacy laws.

To try to help to address this, this week’s podcast is the first of a short series focussing on the twin challenges of data security and privacy. First is a two-part episode exploring the issue of Data Privacy, with my guest Global Data Privacy Attorney Sheila Fitzpatrick.

Sheila is NetApp’s Chief Privacy officer and World Wide Data Governance and Privacy Council, and has nearly 35 years of experience in the field of data privacy, so is well placed to comment on the current data privacy landscape, the challenges of managing data and the issues presented by changing regulation.

In this first part, we look at what data privacy is, what defines personal data, why it’s important to understand the full lifecycle of your data management procedure, the difference between data security and privacy, as well as an introduction to the upcoming EU General Data Protection Regulation (GDPR).

Sheila couples her huge experience of data privacy with a tremendous enthusiasm for her topic, which makes her a fantastic person to learn from. Enjoy the episode.

If you want to catch up more with Sheila, you can find her on twitter @sheilafitzp and on Linkedin.

Next week we’ll be focussing on the biggest change to data privacy in the last 20 years, the EU General Data Protection Regulation (GDPR), its impact, what it means to us and how to start to build a data privacy strategy.

If you want to make sure you don’t miss that episode, then please subscribe on iTunes, Soundcloud or wherever you get your podcasts.

Subscribe on Android

http://feeds.soundcloud.com/users/soundcloud:users:176077351/sounds.rss

The Data Privacy Challenge – Sheila Fitzpatrick – Ep8

The security of our data is a significant challenge for us all, as individuals and as organisations, big or small, keeping our data secure and maintaining privacy is no longer a nice to have, it’s a necessity.

In this episode, global data privacy expert Sheila Fitzpatrick joins me, Sheila is data privacy officer for global storage giant NetApp. Her job is not to sell NetApp solutions, her role is to ensure they comply with global data privacy legislation.

In our chat, we discuss the difference between privacy and security, is the data security challenge a myth?, the impact of GDPR and how to start building robust data privacy solutions.

Sheila is an attorney and renowned global expert in her field. She is truly passionate about the topic of privacy and shares some fantastic tips.

So dive in and enjoy the episode.

if you’d like more information from Sheila you can follow her on LinkedIn and also on twitter @sheilafitzp

I also had the pleasure while at NetApp Insight to interview Sheila for NetApp’s own event coverage, you can find that brief interview here.

I hope you enjoyed this latest episode, next week, I’m chatting software developer careers with Joshua Lowe as he tells me about his already exciting progress as a developer, oh and did I mention he is only 12!

If you want to make sure you don’t miss out, you can subscribe to the podcast on iTunes, Soundcloud or wherever you get your podcasts.

You can of course catch up on all the back catalogue here in the TechStringy Interview section of the site.

Subscribe on Android