Megan Bell has been working with regulated data for more than 15 years.
And when you think about regulated data and 2018 – GDPR is at the top of the list for business. Even if you “don’t do business” in Europe.
Says Bell, “The GDPR does not have geographic boundaries. If an organization is not established in the EU but offers goods or services to, or monitors the behavior of, EU data subjects, then compliance with the GDPR is required. “
Megan will bring her expertise in privacy-by-design, data anonymization and security and privacy analytics to lead the session “GDPR: A Check-In on Readiness, Rollout, and Watch-outs” to SecureWorld Bay Area on October 5.
One of her ‘watch-outs’ as she calls it, is around Personally Identifiable Information (PII). She says any direct or indirect data that can be used to identify an individual is considered PII and likely falls under the GDPR.
“This includes the various types of machine data produced by electronic devices and relatable to individuals. Vetting machine data to filter PII versus non-PII data that exists in sources such as log and configuration files or software code will require time, investment, and technology. Understanding how data sets can be combined for re-identification of individuals is also an important consideration.”
There are many other 'watch-outs' as well, which she will discuss October 5 at the SecureWorld Cybersecurity Expo at the Santa Clara Convention Center. Make this session a part of your prep-work for GDPR compliance.
Here is the complete agenda for the October 5 Bay Area cybersecurity conference. You can also explore attendee options and register here for a day of powerful takeaways to help you secure your organization.