Thursday April 9, 2020

"GDPR is not a one size fits all policy but requires a risk-based approach. In that sense, it is business friendly"

Ivana Bartoletti, Head of Privacy and Data Protection, Gemserv, UK on the ongoing, transformative journey that is GDPR

26th September, 2018

What's your name?

Ivana Bartoletti

What position do you hold?

Head of Privacy and Data Protection at Gemserv.

How long have you held the position?

I have been at Gemserv for a year.

What are your day to day responsibilities?

My days are never the same! I advise clients from all sectors including health, finance, adtech, and within the energy market. I support them with Privacy by Design, Privacy Impact Assessments, data breach handling, international data sharing agreements as well as digital advertising and ePrivacy. Lately, I have advised on more complex privacy and technology issues, including Artificial Intelligence, Machine Learning and the Internet of Things.

I regularly speak and train on data privacy and digital ethics, in both the UK and overseas. I write in the Guardian amongst other newspapers and am often talking privacy on the BBC.

Finally, I have co-founded the Women Leading in AI Network and we convene meetings with researchers, developers, thinkers and politicians to understand how we can build governance around AI and use of big data, whether in relation to automated decisions and their impact on individuals – or micro-targeting and its impact on democracy.

What is your professional background?

I started in privacy and data protection because I am passionate about it! I started over a decade ago as an adviser to the Human Rights Minister in Italy. I then headed up Information Governance in an NHS organisation, worked as global privacy manager at Sky and Barclays before heading up the data protection practice at Gemserv.

Tell me about yourself away from work?

I am fortunate that I work in the same area that I like to research in my spare time. I am the vice chair of a think tank and love researching digital ethics and how microtargeting and social media influence our democracies. Other than that, I enjoy flamenco dancing and travelling.

Tell us something very few people know about you?

I love flamenco music, and sometimes I end up on the dance floor!

You are speaking at our GDPR Summit in November. What are you speaking about?

I will discuss three different challenges I have seen organisations struggling with and advise on how to address them. I will try and be as practical as possible to really help attendees with what I have seen my clients struggling with.

What challenges do you see for organisations implementing the new regulations?

Firstly, Technology. It is rapidly evolving and the GDPR can feel like it’s struggling to keep up with pace.

Secondly, the GDPR is a transformative journey, and ongoing one. A business needs to make sure every department is involved.

Thirdly, the challenges that arise when organisations lose focus. The GDPR is not a one size fits all policy but requires a risk-based approach. In that sense, it is business friendly and businesses should be taking advantage of this.

Ivana Bartoletti will be appearing at The GDPR Summit. The agenda and further details for this important national event at Croke Park on November 6th, are available at

Related Stories

Leading telecoms investment company APWireless acquired by Landscape Acquisitions Holdings Limited

Business Post Reporter | 4 days ago

Covid-19 means the online space just got a whole lot more competitive, so now is the time to ensure your website is high-viz

Fiona Alston | 4 days ago

With the majority now working from home, businesses need to adapt their security strategies to fight the new threats this brings, writes

Steve Mulhearn | 4 days ago