Submitted by Sandy Silk, Harvard University
The SIM Boston Education Roundtable met on April 19th at Bentley University for networking and a very engaging discussion about the steps educational organizations should be taking to prepare for the imminent May 25 compliance date for the General Data Protection Regulation (GDPR). Sue Bergamo, global CIO & CISO at Episerver, provided key elements and compliance strategies about the new EU-wide privacy regulation, and Keith Moran, CTO of the University of Massachusetts President’s Office, provided an overview of the strategy his institution is following near-term and longer-term for good faith compliance.
The GDPR empowers individuals to take more control over their personal information collected and processed by organization, including the right to obtain a list of data elements collected and shared, the right to correct inaccurate information, and the right to be “forgotten” (data erased). Organizations must be prepared to respond to these requests, and they must also be prepared to respond to breaches of personal information with speedy notifications and fraud protection services to those involved. Attendees discussed case studies of data collection and usage of great importance to our institutions, such as alumni and donor cultivation, marketing of executive education and distance learning programs, and international travel and research by US-based faculty and students.
For more information on the Education Roundtable, visit
~ Sandy Silk, Harvard University