Seyfarth Events

GDPR Webinar Series: What Are the Specific GDPR Provisions Effective May 25, 2018, and What Organizations Need to Prepare Now for Compliance

9/20/2017

Cost: Free

Webinar

1:00 p.m. - 2:00 p.m. Eastern
12:00 p.m. - 1:00 p.m. Central
10:00 a.m. - 11:00 a.m. Pacific

Is your organization ready for the new EU General Data Protection Regulation?

On May 25, 2018, the EU General Data Protection Regulation (“GDPR”) will impose significant new obligations on all U.S. companies that handle personal data of any EU individual. U.S. companies can be fined up to €20 million or 4% of their global annual revenue for the most egregious violations. What does the future passage of GDPR mean for your business?

 
Our experienced eDiscovery and Information Governance (eDIG) and Global Privacy and Security (GPS) practitioners will present four 1-hour webinars in August through October of 2017. The presenters will provide a high-level discussion on risk assessment tools and remediation strategies to help prepare and reduce the cost of EU GDPR compliance.
 

What Are the Specific GDPR Provisions Effective May 25, 2018, and What Organizations Need to Prepare Now for Compliance?

The second webinar in the series will cover: 
 
  • The GDPR provisions will apply to U.S. organizations that process and transfer EU personal data both in the ordinary course of business, and in the context of pre-trial litigation and regulatory discovery
  • The penalties for GDPR violations have been dramatically increased up to 4% of global annual turnover for undertakings or 20,000,000 EUR, whichever greater
  • The GDPR requires organizations to report data breaches within 72 hours 
  • The GDPR and the U.S. Judicial Redress Act allow EU citizens to bring direct actions against U.S. Government under the U.S. federal Data Privacy Act.
  • The GDPR requires organizations to implement, by default, new privacy by design security requirements for existing and new IT systems that handle EU personal data
  • The GDPR requires U.S. organizations to delete EU personal data within 45 days, upon request; and requires them to provide such personal data in a reasonably usable format
  • The GDPR requires certain organizations to appoint a full-time company data protection officer to coordinate with EU Data Protection Authorities, the Department of Commerce, and the Federal Trade Commission
  • The GDPR requires extensive documentation of EU personal data processing and transfer activities, including the particular basis in scope of such activities - auditable by EU Data Protection Authorities and the FTC, for compliance review and potential enforcement actions
 
 
If you have any questions, please contact events@seyfarth.com.
 
*CLE Credit for this webinar has been awarded in the following states: CA, IL, NJ and NY. CLE Credit is pending for GA, TX and VA. Please note that in order to receive full credit for attending this webinar, the registrant must be present for the entire session.