"GDPR is not a one size fits all policy but requires a risk-based approach. In that sense, it is business friendly"

Ivana Bartoletti, Head of Privacy and Data Protection, Gemserv, UK on the ongoing, transformative journey that is GDPR

What's your name?

Ivana Bartoletti

What position do you hold?

Head of Privacy and Data Protection at Gemserv.

How long have you held the position?

I have been at Gemserv for a year.

What are your day to day responsibilities?

My days are never the same! I advise clients from all sectors including health, finance, adtech, and within the energy market. I support them with Privacy by Design, Privacy Impact Assessments, data breach handling, international data sharing agreements as well as digital advertising and ePrivacy. Lately, I have advised on more complex privacy and technology issues, including Artificial Intelligence, Machine Learning and the Internet of Things.

I regularly speak and train on data privacy and digital ethics, in both the UK and overseas. I write in the Guardian amongst other newspapers and am often talking privacy on the BBC.

Finally, I have co-founded the Women Leading in AI Network and we convene meetings with researchers, developers, thinkers and politicians to understand how we can build governance around AI and use of big data, whether in relation to automated decisions and their impact on individuals – or micro-targeting and its impact on democracy.

What is your professional background?

I started in privacy and data protection because I am passionate about it! I started over a decade ago as an adviser to the Human Rights Minister in Italy. I then headed up Information Governance in an NHS organisation, worked as global privacy manager at Sky and Barclays before heading up the data protection practice at Gemserv.

Tell me about yourself away from work?

I am fortunate that I work in the same area that I like to research in my spare time. I am the vice chair of a think tank and love researching digital ethics and how microtargeting and social media influence our democracies. Other than that, I enjoy flamenco dancing and travelling.

Tell us something very few people know about you?

I love flamenco music, and sometimes I end up on the dance floor!

You are speaking at our GDPR Summit in November. What are you speaking about?

I will discuss three different challenges I have seen organisations struggling with and advise on how to address them. I will try and be as practical as possible to really help attendees with what I have seen my clients struggling with.

What challenges do you see for organisations implementing the new regulations?

Firstly, Technology. It is rapidly evolving and the GDPR can feel like it’s struggling to keep up with pace.

Secondly, the GDPR is a transformative journey, and ongoing one. A business needs to make sure every department is involved.

Thirdly, the challenges that arise when organisations lose focus. The GDPR is not a one size fits all policy but requires a risk-based approach. In that sense, it is business friendly and businesses should be taking advantage of this.

Ivana Bartoletti will be appearing at The GDPR Summit. The agenda and further details for this important national event at Croke Park on November 6th, are available atwww.gdpr18.com