Data Privacy By Design
An e-talk was held on 30 October 2021 by Ms. Reetwika Banerjee who is the Cluster Lead of Global Client Information Security. The topic of the e-talk was ‘Data Privacy By Design’. The faculty chief guest for the e-talk was Prof. Vidyavati Ramteke.
Ms. Banerjee started the e-talk by sharing the agenda. The speaker further moved on to introduce the topic for the e-talk. She very well differentiated between data security, data privacy and data protection. She shared many informative concepts, some of which were PII, PHI, PCI, BCI, Sensitivity, CIA, Encryption, DLP, Masking and many more. The speaker further moved on to explain the need for security and privacy. Ms. Banerjee talked about the key roles and pillars of the data privacy governance which are data subject rights, data controller obligations, data processor obligations, consent, accuracy and accountability and many more.
The speaker further moved on to explain the meaning of ‘Data privacy by design’. She very briefly explained the meaning by mentioning that one has to integrate or ‘bake in’ data defense into one’s processing activities and business practices, from the design stage right through the lifecycle. She further added that GDPR now makes privacy by design mandatory over advisory. Ms. Banerjee also explained the key principles of data privacy that are data minimization, lawfulness, fairness and transparency, no automated decision making and profiling, purpose limitation and storage limitation. She further moved on to explain the importance of privacy in design. She explained that privacy by design ensures that an ‘uncompromisable’ safeguard for the data in question is embedded throughout its entire lifecycle from collection to deletion.
Ms. Banerjee further moved on to explain the data privacy framework (DPF) in detail. She talked about Personal Information Security as well as Information Usage and Access, Monitoring and Training. She also talked about the privacy strategy and processes.
The speaker finally concluded the talk by sharing the different career paths in the data security domain. She also briefed about the different opportunities that are available in the data security domain. Overall, it was an extremely informative session for the students.
-Khyati