The General Data Protection Regulation (GDPR) Webinar Series
November 30, 2017 | Six Months Before GDPR: Why GDPR Is Relevant to U.S. Businesses and How You Can Comply | Webinar
December 19, 2017 | The Requirements of Data Mapping for U.S. Businesses | Webinar
January 9, 2018 | Individual Consent Requirements and Document/Agreement Updates | Webinar
January 30, 2018 | The Risks of Not Having a Data Protection Officer | Webinar
February 21, 2018 | What You Need to Know About Data Subject Rights | Webinar
March 13, 2018 | Data Breaches: Protecting Your Company and Reporting Requirements | Webinar
April 10, 2018 | One Month to GDPR Enforcement: Final Preparations and Review | Webinar
Six Months Before GDPR: Why GDPR Is Relevant to U.S. Businesses and How You Can Comply (presented on November 30, 2017)
Six Months Before GDPR: The Requirements of Data Mapping for U.S. Businesses (presented on December 19, 2017)
Individual Consent Requirements Under GDPR and Document/Agreement Updates (presented on January 9, 2018)
Data Protection Officers: Is It a Requirement? Risks and Obligations Connected with Having or Not Having One (presented on January 30, 2018)
What You Need to Know About Data Subject Rights (presented on February 21, 2018)
Data Breaches: Protecting Your Company and Reporting Requirements (presented on March 13, 2018)
One Month to GDPR Enforcement: Final Preparations and Review (presented on April 10, 2018)
Duane Morris is presenting a series of webinars on strategic planning and compliance with the upcoming General Data Protection Regulation, a far-reaching EU law that affects any company doing business in the European Union. The GDPR establishes a broad range of requirements for enhanced data security, along with significant penalties for non-compliance. As the European Union focuses on protecting the data privacy of EU citizens, the GDPR has greatly expanded jurisdiction:
The GDPR makes its applicability very clear—it will apply to the processing of personal data by controllers and processors in the EU, regardless of whether the processing takes place in the EU or not. The GDPR will also apply to the processing of personal data of data subjects in the EU by a controller or processor not established in the EU, where the activities relate to: offering goods or services to EU citizens (irrespective of whether payment is required) and the monitoring of behavior that takes place within the EU. Non-EU businesses processing the data of EU citizens will also have to appoint a representative in the EU.
Companies in the United States and elsewhere that do business in the EU or market services to the EU must comply with the GDPR by May 25, 2018, or face maximum penalties of up to 4 percent of annual global turnover (gross revenue) or €20 million, whichever is greater, for severe violations. Penalties of up to 2 percent of gross revenue can be imposed for other offenses, such as improper recordkeeping or failure to notify authorities and customers affected by a data breach.
Join an interdisciplinary team of Duane Morris attorneys for an in-depth discussion of GDPR, along with timely and practical strategies to prepare your business for compliance with this complex rule.
Attendees will learn:
- The fundamental requirements for notice, consent, record of processing activities and onward transfer requirements now mandated by GDPR and Privacy Shield
- Practical considerations for your organization’s compliance strategy
- Whether to pursue certification for EU data transfers
- Government and industry recommendations on optimizing and securing cross-border data transfers