GDPR compliance – Building confidence through continuous effort

Objectives

The EU General Data Protection Regulation has been applicable since 25 May 2018 and continues to evolve through regulatory guidance, enforcement actions, and new related legislation (such as the Digital Operational Resilience Act, the Data Governance Act, Digital Services Act, NIS2, and AI Act). Ensuring GDPR compliance remains a key challenge for organisations, not only to avoid sanctions but also to maintain trust of their stakeholders and accountability in the digital age.

The objectives of this course are to:

• understand the fundamental principles of data protection and their impacts ,

• identify the responsibilities and main operational impacts for data controllers, processors and  Data Protection Officer (DPO),
• provide participants with practical solutions to oversee data protection activities and a  view on latest regulatory developments including their implications for data protection governance.

Content

Reminder of the basics under the GDPR and Luxembourg law

Practical guidance (including wrap up quiz)

• Contracting with processors 
• The exercise of data subject’s rights
• Data breaches – How to identify them and how to react?
• Data transfers and “Transfer Impact Assessments”
• Impact of NIS and DORA on state-of-the-art measures under article 32 of the GDPR
• Internal investigation, on-site inspection by the CNPD
• Consequences of non-compliance: fines and potential liability 
• Recent developments
• Latest decision of the CNPD
• How to use AI in a GDPR compliant way?
• Question and answer session

Speakers

Our speakers belong to both our specialised and complementary teams and as such cover all legal, regulatory and advisory aspects of doing business in Luxembourg. We invite you to check our training agenda where the speakers are listed on each training session.

Target audience

In house Counsel, Risk Managers, Chief IT Officers, CEOs, COO’s, Compliance Officers and any persons who are or will be implementing a role closely related to data protection and need further training to help support their organisation to comply with data protection laws and best practices

---

For more information please contact us by e-mail institute@arendt.com