Objectives
The EU General Data Protection Regulation has been applicable since 25 May 2018. It applies directly in all EU member states. Being GDPR compliant has been a major challenge for many businesses.
The objectives of this training session are to:
● give a refresh on the fundamental principles of data protection,
● identify the main operational impacts for the person in charge of the treatment and processing and for the data protection officer (DPO),
● provide participants with a view on latest developments and their impacts.
Content
Reminder of the basics under the GDPR and Luxembourg law
Practical guidance
1. Contracting with processors
2. Access right requests
3. Data breaches – How to identify them and how to react?
4. Impact of NIS and DORA on state-of-the-art measures under article 32 of the GDPR
5. Internal investigation, on site inspection by the CNPD
6. Consequences of non-compliance: fines and potential liability
Recent developments
1. Schrems II and the transfers of data outside the EEA to countries which do not offer an adequate level of protection (and the specific case of the USA if relevant)
2. Latest decision of the CNPD
3. How to use AI in a GDPR compliant way?
Question and answer session
Speakers
Our speakers belong to both our specialised and complementary teams and as such cover all legal, regulatory, taxation and advisory aspects of doing business in Luxembourg. We invite you to check our training agenda where the speakers are listed on each training session.
Target Group
In house Counsel, Risk Managers, Chief IT Officers, CEOs, COO’s, Compliance Officers.
Duration
3 hours.
Language
English
For more information please contact us by e-mail at institute@arendt.com
