SESSION 2 – Challenges in Data Privacy and Cyber-Security


Day 1 | Thursday, November 10, 2016

08.30.–09.00.   Registration & Welcome Coffee
10.30.–10.45.   Coffee Break
12.15.–13.30.   Networking Lunch
13.30.–15.00.   SESSION 3 | PHARMA “Implications of EFPIA Transparency Codes”
15.00.–15.15.   Coffee Break
16.45.–17.00.   Closing Remarks

Session Chair

Codru VRABIE, Anti-Corruption Expert (Funky Citizens)





The Cyber Future: Security and Privacy Challenges

Rob CLYDE, Board Director (ISACA)

At a breathtaking pace new technology arrives that amazes us – yet also scares us in some fashion. At the same time attackers are becoming more innovative and not only stealing and selling information, but also holding data and systems for ransom. Security becomes more challenging and privacy may be doomed. Security, risk and assurance professionals struggle to keep up and have to fight the natural instinct to just say “no” to new things. It seems like there is hardly a device or function that can’t be connected to the Internet. This Internet of Things collects all kinds of data. The cloud gives new power to quickly spin up new workloads and scale with business needs. Big Data and AI provide insights that are enabling amazing new ways to improve efficiency, reach customers, cure cancer and diseases, and predict outcomes. Augmented reality and artificial intelligence applications create new security and privacy implications. New technologies enable governments, criminals, and just about anyone to easily spy and gather information.



Data Privacy Program

Maria MAXIM, Senior Manager (EY Romania, Fraud Investigation & Dispute Service)

Protection of personal data and cyber security become a top priority of each business entity in the context of digital era. The new EU General Regulation on Data Protection approved in April 2016, after 12 years of negotiations on the data privacy reform, provides certain consistency mechanisms, through a closely cooperation between the national data supervisory authorities. Every data controller or processor within the European Union has to adapt its data privacy approach for the personal data related projects. The principle of accountability increases a clear point of focus in the business relationship of the data controller and the data processor: both of them need to closely cooperate each other in safeguarding the personal data, remaining jointly liable towards the data subject for any potential data security incident, or any other breach of data subject’s rights. Eventually, we shall ask ourselves: Is the consent of data subject enough for every processing of his or her personal data? Certainly not! Therefore, the implementation of appropriate safeguarding measures, along with an end to end data privacy process flow, shall not be diminished in their significance. In details, this is to be found out in the field operations, following a thorough analysis case by case, pursuing the relevant guidance offered by a robust data privacy program, and a business specific data privacy impact assessment.



Dimensions of Data Privacy

Mihai G. POPA, Country Head of Law, Patents and Compliance (Bayer, Country Group Romania/Bulgaria/Moldova)