The European Commission (EC) recently issued online guidance on the General Data Protection Regulation (GDPR), a sweeping European Union (EU) data protection legislation that will take effect on May 25, 2018. The guidance is intended to be used as a tool to help businesses as well as the EC, national data protection authorities, EU Member States, and other national administrations prepare for the GDPR. To date, only 2 EU Member States – Germany and Austria – have adopted the relevant national legislation to be in compliance with GDPR.
In preparation for the General Data Protection Regulation (GDPR), set to take effect in the EU on May 25, 2018, we have hosted a series of webinars to help attendees navigate the changing data protection landscape. The GDPR is the EU’s most important change in data privacy regulation in 20 years, replacing the 1995 Data Protection Directive, and will affect any company that processes data pertaining to individuals in the EU. Please find more information on the presentations below:
- Overview of Preparing for the General Data Protection Regulation (GDPR): A high-level plan for preparing for GDPR implementation.
- Conducting a Data Inventory and Mapping: The process of conducting a data inventory and mapping.
- Establishing a Data Protection Officer: The requirements and considerations concerning the appointment of a Data Protection Officer.
- Conducting Data Protection Impact Assessments: The requirements and considerations for conducting a data protection impact assessment.
- Determining Your Lead Data Protection Authority: Determining a lead data protection authority and options for companies whose existing structures do not allow them to take advantage of this mechanism.
- Right to Data Portability: Determining the scope of the new data subject right to data portability, when it applies and what it means in practice.
- Legal Bases for Processing: The provisions of legal bases for the processing of personal data.
- Transparency: The provisions of the GDPR transparency requirement and its effects on data subject rights.
- Automated Processing and Profiling: Understanding the automated processing and profiling rights of data subjects under the new GDPR.
- Data Breach Notification: Circumstances in which notification is required and how to implement effective incident response plans.
- International Data Transfers: The key requirements for international data transfers, including actual and potential changes to existing transfer mechanisms.