1
GDPR and Oracle Cloud Applications ORACLE WHAT IS GDPR? GDPR The General Data Protection Regulation is set to take effect in May 2018. The GDPR affects all organizations, government agencies, and companies globally that offer goods and services in the European Union (EU) or collect or analyze data tied to EU Residents. Organizations Government Agencies Companies MAY 2018 The General Data Protection Regulation Collecting and handling personal data about individuals WHY DOES THIS MATTER? REFINED ROLES UNDER GDPR Stronger responsibilities for data processors and data controllers. With new rights for individuals, accountability requirements for companies, and increased scrutiny by regulators, organizations collecting and handling personal data from EU residents will need to manage their data handling practices more carefully than ever before. Accountability Requirements for Companies Rights for Individuals NEW Increased Scrutiny by Regulators Cloud Provider Data Processor The ‘ data processor’ is the natural or legal person, public authority, agency or other body, which processes personal data on behalf of the data controller . To find out more about Oracle Cloud Applications and GDPR now and into the future, visit www.oracle.com/applications/gdpr Oracle’s capabilities built into Oracle Cloud Applications, can help customers in addressing their GDPR requirements. To get details download the Oracle Cloud Applications and GDPR whitepaper here. KNOW MORE Copyright © 2017, Oracle and/or its affiliates. All rights reserved. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Cloud Customers as Data Controller As a data controller, organizations are responsible for any required notices and consents from individuals, and for determining the purposes for which they collect and handle personal data. EU GDPR Article 5: the controller shall be responsible for, and be able to demonstrate compliance with, the principles relating to processing of personal data. These are: lawfulness, fairness and transparency, data minimization, accuracy, storage limitation and integrity, and confidentiality of personal data. Data Controller Cloud Customer Oracle as a Data Processer As a data processor, among other things, Oracle provides its customers appropriate technical and organizational measures that have been designed to protect customer personal data against risks associated with unauthorized processing. Here are some examples: Advanced security controls External audit certifications Data breaches: detection and notification to customers Here are some examples: Providing notices and obtaining required consents from individuals Determining the relevant data uses and purposes Addressing rights of individuals

GDPR and Oracle Cloud Applications v7€¦ · GDPR and Oracle Cloud Applications ORACLE WHAT IS GDPR? GDPR The General Data Protection Regulation is set to take effect in May 2018

  • Upload
    others

  • View
    35

  • Download
    0

Embed Size (px)

Citation preview

Page 1: GDPR and Oracle Cloud Applications v7€¦ · GDPR and Oracle Cloud Applications ORACLE WHAT IS GDPR? GDPR The General Data Protection Regulation is set to take effect in May 2018

GDPR and Oracle Cloud Applications

ORACLE

WHAT IS GDPR?

GDPR

The General Data Protection Regulation is set to take effect in May 2018. The GDPR affects all organizations, government agencies, and companies globally that offer goods and services in the European Union (EU) or collect or analyze data tied to EU Residents.

Organizations Government Agencies Companies

MAY2018

The General Data Protection

Regulation

Collecting and handling personal data about individuals

WHY DOES THIS MATTER?

REFINED ROLES UNDER GDPRStronger responsibilities for data processors and data controllers.

With new rights for individuals, accountability requirements for companies, and increased scrutiny by regulators, organizations collecting and handling personal data from EU residents will need to manage their data handling practices more carefully than ever before.

Accountability Requirements for Companies

Rights for Individuals

NEW

Increased Scrutiny by Regulators

Cloud Provider

Data Processor

The ‘data processor’ is the natural or legal person, public authority, agency or other body, which processes personal data on behalf of the data controller.

To �nd out more about Oracle Cloud Applications and GDPR now and into the future, visit

www.oracle.com/applications/gdpr

Oracle’s capabilities built into Oracle Cloud Applications, can help customers in addressing their GDPR requirements. To get details download the Oracle Cloud Applications and GDPR whitepaper here.

KNOW MORE

Copyright © 2017, Oracle and/or its af�liates. All rights reserved. Oracle and Java are registered trademarks of Oracle and/or its af�liates. Other names may be trademarks of their respective owners.

Cloud Customers as Data Controller

As a data controller, organizations are responsible for any required notices and consents from individuals, and for determining the purposes for which they collect and handle personal data.

EU GDPR Article 5: the controller shall be responsible for, and be able to demonstrate compliance with, the principles relating to processing of personal data. These are: lawfulness, fairness and transparency, data minimization, accuracy, storage limitation and integrity, and con�dentiality of personal data.

Data Controller

Cloud Customer

Oracle as a Data Processer

As a data processor, among other things, Oracle provides its customers appropriate technical and organizational measures that have been designed to protect customer personal data against risks associated with unauthorized processing.

Here are some examples:

Advanced security controls

External audit certi�cations

Data breaches: detection and noti�cation to customers

Here are some examples:

Providing notices and obtaining required consents from individuals

Determining the relevant data uses and purposes

Addressing rights of individuals