Data governance and privacy are concerns of everyone in the wake of the massive data breaches and hacks which have affected many companies. Many global companies are required to comply with the European Union’s General Data Protection Regulation (GDPR), which is law as of May 25, 2018, and forces anyone who does business in the EU to subject themselves to a number of data governance requirements. There are new rights for individuals and new penalties for businesses. Business must also update their processes to incorporate key data governance principles such as those in the US-EU Privacy Shield– or else be subject to draconian fines. Even domestic US companies who do business only in the US with people holding a valid EU passport must afford those individuals the same privacy rights they would receive in the EU – thus making these rules de facto requirements for most US companies today.
This session will present a high level overview of GDPR, and its key provisions, including the naming of individuals to privacy-related roles, the major responsibilities of those with data under the statute, and its impact on an organization’s ability to lawfully gather, store, or process information on EU citizens. It will also include a high level discussion of data governance and internal controls which may be used to comply with some of the requirements. We will also include some discussion of selected other privacy requirements and major privacy frameworks like Generally Accepted Privacy Principles.
Delivery Method: Individual webcast
CPE Credit: Specialized knowledge
Program Level: Intermediate