Are you aware of the new European General Data Protection Regulation (GDPR) coming into force in May 2018? A detailed understanding of privacy and personal data regulations is essential for anybody handling personal data within their projects, and if you want to be more confident in the management of the legal and regulatory aspects of data protection then this talk is relevant to you. In it we will look at the key legal principles and concepts of data protection and cover how you can build personal data management into your projects from the beginning.
The talk will explain the role of the Data Protection Officer at University of Luxembourg as well as the different actors and entities involved in regulating data protection, including the Data Protection Authority and the various commissions and committees at University and national level. The concept of personal data will be explained in relation to legal principles and the field of research; The talk will place particular emphasis on the SnT’s role with regard to data protection, addressing its obligations in terms of security and confidentiality. The talk will conclude by going through the key elements of the GDPR, focusing on their specific implications for research (accountability, privacy by design, Data Protection Impact Assessments etc).
Regulations require that high-level data protection is built into the development of business processes for products and services from the start and implemented throughout: given the complexity of the issue and the level of possible sanctions it has never been more important to be prepared.
Sandrine Munoz holds a PhD in European and French law focused on internet issues, from the University of Nice-Sophia Antipolis (South of France). She began her career at the Ministry of the Economy, Luxembourg as an expert in electronic commerce legal issues and subsequently moved into the private sector during the period of expansion of internet activities.
She has held several positions at Banque Internationale à Luxembourg (BIL), allowing her to acquire a broad range of experience as a lawyer and compliance officer. In her final four years at the bank she was responsible for personal data protection within the compliance department. Her responsibilities included advising commercial and administrative staff, providing best practices and guidance for personal data processing, reviewing contracts with regard to personal data protection issues, and applying for authorizations from and notifications to the Commission nationale pour la protection des données (CNPD).
She has been in charge of Personal Data Protection at the University of Luxembourg since June 2016, and is a member of the Association pour la protection des données (APDL) where she is involved in the Data Protection Impact Assessment Working Group.