
General Data Protection Regulation (GDPR) and Privacy Webinars

The EU General Data Protection Regulation (GDPR) significantly reshapes the data protection landscape for organizations worldwide that collect and process the data of European residents. The Regulation also imposes fines up to 4% of annual global turnover or $23 million (whichever is higher), grants extended rights to data subjects, and allows data subjects to bring legal action against organizations in case of data breach.

As of 25 May 2018, the Regulation imposes fines of up to 4% of annual global turnover or €20 million (whichever is higher), grants extended rights to data subjects, and allows data subjects to bring legal action against organizations in case of data breach.

Upcoming GDPR and Privacy webinars

Practical implications of the Schrems II ruling

Date: Tuesday October 6, 2020

Time: 11:00 – 11:45 am (BST)

Presenters:

  • Camilla Winlo, Director of Consulting Services, DQM GRC
  • Preston Bukaty, GDPR Consultant, IT Governance USA

In the wake of complaints from the Austrian privacy activist Max Schrems, who argued that the U.S. government’s mass surveillance practices contradict the protections that the EU–U.S. Privacy Shield was supposed to provide for organizations that make transatlantic personal data transfers, the European Court of Justice ruled that the Privacy Shield is no longer valid.

It also ruled that EU SCCs (standard contractual clauses), also known as model clauses, are valid in principle but not always in practice, depending on the circumstances of those data transfers. This also causes problems for EU-based organizations that intend to transfer personal data to and from the U.S.


Practical steps to conducting an ISO 27701 gap analysis  

Date: Thursday, 8 October 2020

Time: 10:00 – 10:45 am EST

Presenter: Alice Turley, GDPR Consultant, IT Governance Europe

ISO 27701 offers a best-practice approach to help organizations implement privacy security controls, expanding on ISO 27001’s clauses and Annex A controls that relate specifically to data privacy, as well as providing two additional sets of controls specific to data controllers and data processors.  

Organizations that have implemented an ISO 27001-compliant ISMS (information security management system) can build on their existing work and address data privacy with ISO 27701. By conducting an ISO 27701 gap analysis, you can prioritize work areas to achieve compliance with the Standard and implement a PIMS (privacy information management system).  

In this webinar, GDPR consultant Alice Turley offers practical advice on conducting an ISO 27701 gap analysis, covering:  

  • ISO 27701’s compliance requirements 
  • The mandatory documentation to achieve ISO 27701 compliance 
  • Questions organizations should ask when conducting a gap analysis  
  • Reporting on the results and measuring the closure of gaps  

On-demand GDPR and Privacy webinars

GDPR: Does My North American Organization Need to Comply?

Presenter: Preston Bukaty, IT Governance USA Consultant

The EU’s GDPR (General Data Protection Regulation) has been in force for more than two years, but many North American businesses are still unsure whether they need to comply. Get a high-level understanding of the Regulation and recent developments in data privacy with this insightful webinar which covers:

  • Updates on U.S. state and federal laws and how they compare to the GDPR
  • Whether you need an EU representative
  • The DPO (data protection officer) role
  • The Schrems II decision and what your organization should do about it
  • What the invalidation of the EU–U.S. Privacy Shield means for organizations

Practical advice on how to improve your overall information security in line with the GDPR’s requirements

The webinar covers:

  • An overview of the regulatory landscape and the GDPR’s scope
  • The main responsibilities and obligations of controllers and processors
  • Data breach and incident response management obligations
  • The penalties and liabilities imposed on processors and controllers
  • The limitations and restrictions on appointing joint controllers and subcontracting processors

Do I need to comply with the GDPR? What North American organizations need to know about data privacy.

The EU GDPR (General Data Protection Regulation) has changed the way organizations collect and process personal data. To do business within the European Union, organizations worldwide need to comply with the new law.

The webinar covers:

  • Updates on U.S. state and federal laws and how they compare to the EU GDPR
  • Do I need an EU representative?
  • Is the Privacy Shield enough?
  • What does the Privacy Shield mean for companies?

ISO 27001 and GDPR: How can law firms tackle information security in conjunction with data protection laws?

Risk management: How organizations can identify the risk associated with the loss of confidentiality, integrity and availability of information

The webinar covers:

  • Breach reporting and the recommended best-practice approach to identifying, documenting, and investigating incidents
  • How to mitigate risks presented by suppliers that have access to personal data
  • Data mapping/data asset inventories and the procedures for acceptable data use, labelling, and handling

GDPR compliance and information security: reducing data breach risk

The webinar covers:

  • An overview of the GDPR and how an ISO 27001-aligned ISMS (information security management system) can support compliance
  • The benefits of implementing an ISMS
  • The top risks that result in data breaches and what to do in the event of a data breach
  • The technical and organizational requirements to achieve GDPR compliance

Compliance solutions: How can penetration testing support your GDPR project?

The webinar covers:

  • Penetration testing and its role in demonstrating compliance
  • Implementing technical measures to ensure data security and compliance with Article 32 of the GDPR
  • Why penetration tests are vital in uncovering vulnerabilities before criminals do
  • How to meet legislative and regulatory requirements, and achieve an integrated approach with standards such as the PCI DSS (Payment Card Industry Data Security Standard) and ISO 27001

Why should North American organizations comply with the GDPR?

From May 25, 2018, the EU General Data Protection Regulation (GDPR) changes the way organizations collect and process personal data. To do business within the European Union, organizations worldwide will need to comply with the new law.

The webinar covers:

  • Why organizations need to comply with the GDPR
  • The GDPR’s requirements and how they relate to US frameworks and laws
  • Data subject rights (DSARs)
  • Breach notifications
  • International data transfers