GDPR + CIAM

Turning GDPR Compliance into a Competitional Advantage Through Customer Identity Management (CIAM)

In looking at the upcoming EU Privacy Regulation (General Data Protection Regulation - GDPR), we need to not only understand its impact on our businesses and find our best path to compliance, but also find out how we can reach beyond pure compliance thinking, capturing the business opportunities coming along with implementing GDPR into our business models, processes, policies and tools. And, btw., GDPR is relevant not only for EU companies, but also for any organization dealing with personally identifiable information (PII) of EU citizens. Join this great panelists lineup to find your best approach to not only successfully implement GDPR compliance, but also introducing the new “privacy-by-design” – inspired business world where the connected customer sets the rules.

Key Takeaways:

• The basics of GDPR: Scope, timing, intention. Will it be the same all over Europe or will there be local exemption rules?
• Can Non-Compliance hurt? And if so: How?
• Consent Lifecycle Management: Why it is important now and how to implement it
• Privacy by Design, Governance by Design – What the law requires and how to comply
• How does all this fit with the connected consumer´s sharing economy? How to make a business out of a compliance indicated need for change

Consent Lifecycle Management

Digital identity is now an essential element for our interactions online, bringing with it all the social complications and new norms describing how these new relationships should work.

A lot of attention has been garnered by Content and Privacy, although largely as an expression of desire, and a sense of personal invasion, than as a technical enabler. With the rise of GDPR from the EU, and PIPEDA in Canada along with regulations requiring open data, like PSD2 there is a veritable minefield of compliance issues.

Introducing “Consent Lifecycle Management” as new paradigm for looking at and managing content and privacy related issues. Discussing consent as a lifecycle rather than a discrete event and how it relates to, and defines the trust relationships involved.

I will discuss the lifecycle of consent, and iterate the stages, and the important aspects of each stage. The trust relationship that develops and ultimately ends, is integral in this lifecycle, and needs to be considered as such.

Regulation is the lowest form of incentive, with compliance being emphasized which ultimately leads to a mindset of lowering expense, and doing the minimum necessary to avoid penalty. I will discuss the business realities of Consent Lifecycle Management, and how they become competition drivers, and how embracing the consent lifecycle leads to increased satisfaction, and consumer adoption.

Addressing specific examples of how understanding and managing the consent lifecycle empowers the consumer, and allows features to be delivered that would otherwise be impractical.

With the GDPR as a backdrop, I will show how Consent Lifecycle Management can enhance the user experience while at the same time satisfying the requirements of regulation. We will also address the implications of consent revocation, and the related privacy and data retention requirements.