Now that it's officially 2017, have you been thinking about your organization's international data collection and compliance in 2018? If not, you need to. A new set of data protection principles will be taking effect May 25, 2018 that will require an extensive overhaul of your data business and practices in the EU to be compliant or face penalties. This is not a project, it is a program. Join this webinar to review the latest on the General Data Protection Regulation (EU GDPR) from our expert Harvey Nusz.
This one-hour webinar will provide you with essential information on the key changes expected in privacy rules, the repercussions of the GDPR, the costs of non-compliance, and how organizations operating in both the US and Europe can best adapt in this transitional phase.
Objectives of the Presentation:
- What is Privacy Shield, why is it or other options needed now, in place of Safe Harbor, and which is best for you?
- US and European Perspectives on the Schrems Case
- Who needs to be compliant with the EU General Data Protection Regulation? (NOTE: This presentation will highlight controls from the GDPR that organizations that have sensitive privacy data should utilize even if they do not need to comply.)
- An overview of the General Data Protection Regulation
- Article 25, Privacy (and Security) by Design and by Default - What you need to know and do, even if your organization doesn't profile customers for additional sales and resources available
- What a processor is and controls needed for your processors
- The challenges around Cloud computing - What you need to know and do and resources available
- The need to demonstrate compliance upon demand
- Wrap up
Why Should you Attend:
Recently passed into law, the European Union General Data Protection Regulation (GDPR) imposes a long list of data privacy and security requirements on companies doing business in the EU or selling goods or services to EU residents.
With a global jurisdictional reach and the potential for fines up to 4% of your last year's worldwide gross sales for non-compliance, the GDPR is perhaps one of the most important pieces of privacy and security legislation in the past 20 years.
The result of significant negotiations between European and American regulators, the Privacy Shield, one of the possible replacements to Safe Harbor, which was invalidated in late 2015, is said to impose more stringent data protection obligations on U.S. companies, create greater transparency regarding U.S. government access to personal data, enhance the legal rights of EU citizens whose personal data is transferred to the U.S., and provide for more robust enforcement mechanisms.
The European Union (EU) General Data Protection Regulation (GDPR) is due to come into effect in May 2018. The new EU Regulation will have a legally binding impact on the working of all 28 member states. Following the upheaval caused by last fall's Schrems decision invalidating the Safe Harbor framework, and after months of anxious speculation about a potential replacement, the EU-U.S. Privacy Shield has arrived. Our speaker will explain:
- What do multinational businesses need to know about this new transatlantic data transfer arrangement?
- How does Privacy Shield differ from the dearly departed Safe Harbor and should you be utilizing Privacy Shield or one of the other alternatives, which we will briefly discuss?
Security and Privacy, GDPR Consultant
Harvey Nusz, CIPM, CISSP, CISA, CRISC, CIA, is an independent Privacy, Security, GRC, and Audit professional focusing now on assisting companies in preparing for the EU GDPR, and in the various core competencies needed to achieve compliance by May 25, 2018, and to maintain and prove compliance upon demand. Harvey's core competencies also include Disaster Recovery and Business Continuity Planning and Management, Security Architecture, Identity Access Management, Policies and Procedures, Risk Assessments, and Security Strategies.
A member of ACP, IIA, ISC2, ISACA, and ISSA, Harvey gives back to the profession, and is a Past President of ISSA, South Texas Chapter, a co-founder and Past President of ISACA, Kettle Moraine Chapter, a Past VP of Programs for the AITP, Houston Chapter, and is President of ISACA, Greater Houston Chapter.
Harvey was the only speaker at ISC2's 2016 Security Congress focusing on the EU GDPR, and he has written two of the four requested articles on GDPR for the ISC2 newsletter. He also spoke on GDPR as a panel member of two webinars presented by ISC2 in 2016.
Harvey has over 35 years' experience in Privacy, IT Security, Audit, Identity Access Management, Policies and Procedures, Program Management, GRC, and Strategic Planning, and has already assisted two companies in specific areas of preparation for the EU GDPR.
- Information Security Directors
- Data governance and management professionals
- Staff Attorneys
- Privacy and Compliance Professionals
- HR Professionals
- Risk management professionals and Auditors tasked with compliance and risk transfer