On January 23, 2019, the European Commission announced its decision to adopt adequacy status with Japan for transfers of personal data. Pursuant to the European Union’s (EU) General Data Protection Regulation (GDPR), this decision will allow personal data to flow freely between the 28 EU countries, three additional European Economic Area member countries (Norway, Liechtenstein, and Iceland), and Japan, without the need for additional data protection safeguards or derogations. Japan adopted an equivalent decision with the EU on January 22, 2019. These reciprocal findings of adequacy will create the largest area of safe data flows in the world.
In preparation for the General Data Protection Regulation (GDPR), set to take effect in the EU on May 25, 2018, we have hosted a series of webinars to help attendees navigate the changing data protection landscape. The GDPR is the EU’s most important change in data privacy regulation in 20 years, replacing the 1995 Data Protection Directive, and will affect any company that processes data pertaining to individuals in the EU. Please find more information on the presentations below:
- Overview of Preparing for the General Data Protection Regulation (GDPR): A high-level plan for preparing for GDPR implementation.
- Conducting a Data Inventory and Mapping: The process of conducting a data inventory and mapping.
- Establishing a Data Protection Officer: The requirements and considerations concerning the appointment of a Data Protection Officer.
- Conducting Data Protection Impact Assessments: The requirements and considerations for conducting a data protection impact assessment.
- Determining Your Lead Data Protection Authority: Determining a lead data protection authority and options for companies whose existing structures do not allow them to take advantage of this mechanism.
- Right to Data Portability: Determining the scope of the new data subject right to data portability, when it applies and what it means in practice.
- Legal Bases for Processing: The provisions of legal bases for the processing of personal data.
- Transparency: The provisions of the GDPR transparency requirement and its effects on data subject rights.
- Automated Processing and Profiling: Understanding the automated processing and profiling rights of data subjects under the new GDPR.
- Data Breach Notification: Circumstances in which notification is required and how to implement effective incident response plans.
- International Data Transfers: The key requirements for international data transfers, including actual and potential changes to existing transfer mechanisms.