Practical insights on what needs to be done to prepare all levels of staff for the GDPR. Originally broadcast on 31 January 2018.
The EU General Data Protection Regulation (GDPR) will replace the EU Data Protection Directive and the Data Protection Act 1998, with effect from 25 May 2018, regardless of Brexit. GDPR will apply to businesses, public authorities and charities established in the EU, as well as organisations established outside the EU that offer goods and services to, or monitor the behaviour of, individuals within the EU. GDPR brings significant changes, granting individuals enhanced rights and imposing a number of new obligations upon organisations. It also confers new powers upon the data protection authorities that will enforce its provisions. Training your staff to understand the requirements of GDPR is a crucial step in demonstrating compliance with the new accountability principle it will introduce.
The session will cover:
- What is the GDPR and key definitions
- Who is impacted?- compliance, HR and employees too
- Personal data - what is regulated under the GDPR.
- Individual rights - what will this impact
- Consent - how is your company seeking, obtaining and recording consent to the GDPR standard?
- Documentation - do your staff know how to document details of the personal data they hold?
- extension of liability to service providers - are your contracts up to speed?
- the right to be forgotten- is your software compliant?
- data loss and reporting - training staff to look for red flags.
About the speakers
James Castro-Edwards, partner and head of Data Protection, Wedlake Bell
James advises organisations in the private, public and third sectors on data protection issues. His experience includes managing global data protection compliance projects for multinational companies, providing advice on discrete data protection issues and advising companies that have suffered a data breach. James has also developed and delivered data protection audit and training programs to a wide variety of operators. He is the author of the EU General Data Protection Regulation: A Guide to the New Law.
Jonathan Wright, solicitor, Wedlake Bell
Jon specialises in data protection and cyber security and is experienced in advising domestic and international clients on a variety of complex commercial and data protection issues. Jon’s experience includes providing day to day advisory work for a major international bank, which involves advising on complex data protection issues, and he advises global companies on the processing and handling of employee personal and sensitive personal data, both within and outside the EEA. Jon regularly manages global data protection compliance projects for multinationals.
This webinar is discounted to Law Management and Risk & Compliance section members.