Data Protection for Financial Firms: A Practical Guide to Managing Privacy and Information Risk
Data Protection for Financial Firms deals with the practical application of privacy legislation and offers direction in developing and maintaining an effective privacy regime.
The book provides the reader with practical guidance across a broad range of data protection issues, from dealing with marketing concerns from a legal and practitioner perspective to providing training and awareness to staff.
The contributors have given advice from their practical experience as practitioners or advisors and have provided viewpoints from a legal, technical, and operational perspective.
Recent years have seen an explosion in the volume of data collected and processed by financial firms, and the public have a justifiable interest in how this personal data is used and protected. Privacy professionals must ensure they comply with the 1998 Data Protection Act and associated legislation and guidance from regulators, while also implementing and managing a sound privacy and information risk regime within their individual companies. There is often a degree of conflict as businesses wish to gather and use ever-increasing amounts of information about people, yet this is only permitted in compliance with laws that safeguard the rights of individuals.
The public have a legitimate and ongoing interest in how financial firms use and protect the personal data that they collect and create. The use of personal data is a balancing act between the business need for flexibility and innovation and the need to respect the rights of individuals as laid out in privacy legislation and guidance.
A rational and sound approach to privacy does not prevent business, nor does it place costly and time-consuming requirements on the business. It sets a foundation for good business practice through building trust between you and your customer.
Containing many useful features such as templates for data sharing and risk assessment and flowcharts for dealing with subject access requests, Data Protection for Financial Firms is an essential purchase for all privacy practitioners, auditors, lawyers, compliance professionals and consultants working in this area.
1 Introduction to Privacy and Information Risk
Hunton and Williams
2 Privacy and Information Risk Training – practical tips
3 Subject Access Requests
4 Managing Privacy Breaches
Hunton and Williams
5 Marketing – The legal requirements
6 Marketing – Practitioner issues
Rhys Jones, Suzanne Rodway and Fedelma Good
7 Data Privacy Standards as Models for Best Practice and Their Role in Compliance
European Privacy Partnership
8 Data Sharing
9 Outsourcing to third party vendors
10 Data Transfer Solutions: Navigating Through the Maze
11 Employee Monitoring
12 Whistleblowing and Data Protection
Tim Gough is the Regional Head of Privacy and Information Risk for Europe and Asia at the Royal Bank of Canada. Prior to working at RBC, Tim worked for the Royal Bank of Scotland, and in the Governance and Regulation practice at Deloitte. Prior to working in the financial services industry, Tim spent a year as a graduate trainee at Macmillan publishers, working on academic politics and economics titles, and previously edited Anti-Money Laundering: A Guide for Financial Firms for Risk Books.
Tim is a member of the BBA Data Protection Panel and a committee member of the Data Protection Finance Group, and holds the ISEB Certificate in Data Protection.