May 5th, the European Parliament finally publsihed the GDPR (General Data Protection Regulation), which will take effect on May 25th, 2018. With more than 70% of European companies not even aware of this regulation, let alone be ready to comply to the regulation, LSEC and its Members and Partners started with a series of events and activities that will support the strategic definition, implementation of activities and exchanging expert advice that lead to compliance.

Series of events : During these events all different aspects will be investigated in depth. The major differentiator is that we will not only debate the legal implications, but will deep dive into its implementation best practices, building on top of existing processes and procedures (such as ISO 27k, PCI/DSS, Basel II, ....), using existing technologies (implementing the right rules on NGFW, NGIDS, SIEM, Data Leakage in End Protection, Encryption technologies, ....). 

• Part 1 : Mo 19/12.2016 : GDPR general introduction day – setting out the topics, panels and keynote introductions, Brussels, IBM Client Innovation Center - Bourgetlaan, Diegem
• Part 2 : Th 23/2 – Brussels – personal data localization, which personal data, is it in compliance, did you get  consent for current (and future) actions and activities, ensuring protection against data leakage, ensuring governance and data access management restrictions, assigning DPO, best practices and experiences

 

• Condensed VOKA Vlaams Brabant Day : Fr 17/3 - Actuasessie : New Regulation - Data Protection, Leuven, VOKA - Flanders DC
• Condensed Luxemburg Day : Th 1/06 : GDPR Condensed day including basics - applying legal, advisory and technical solutions, Luxemburg, Micosoft.

 

• Part 3 : Th 8/06 – Brussels – privacy impact assessment (PIA) and assurance, product and marketing PIA,  database protection and accessibility, restricted use, best practices and experiences …- Register Now
• Part 4 : Th 30/11 – scenario planning, data loss management, reporting, crisis management, internal communication, best practices - Register Now
• Part 5 : Th 22/02/2018 – Brussels – issues and identified risks, major hurdles and challenges, policy reflections, best practices - Register Now 
• Part 6 : Fr 25/5/2018 – Brussels– GDPR birthday party Help them connect with European networks and benefit from research and research opportunities - Register Now

These seminars will be supported with various white papers, expert advisory and sessions minutes.

 

Documentation and background information : 

• Introducing : 
  • Official Publication, 04.05.2016  : http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf
  • LSEC Presentation at Infradata event,15.11.2016 
  • Ovum Report : Data Privacy Laws, published 12.2015, 14p
    A market study of data protection readiness and insights into some of the other international data protection regimes (US, South America, ;.. ) in comparison to EU. 
  • Bird & Bird : Guide to the General Data Protection Regulation : published 04.2016, 66p
    clear guidance and todo list, with comments referring to the original regulation text  
  • Linklaters : The General Data Protection Regulation - A Survival Guide : published 06.2016, 56 p
    an excellent overview bringing up front some of the key challenges and timing, with various To Do's and practical advisory. 
    
    GDPR_2016
  • UK Information Commissioners Office (ICO) : 12 steps to 
    
    GDPR_2016
  • European Digital Rights : GDPR Key Issues Explained 
    
    GDPR_2016
• Advisory support
  • An overview of Clearswift services in relation to GDPR 
    
    GDPR_2016
• Data Discovery 
• Policies and Procedures supporting the installation of Data Protection Policies
  • ISO 27000
  • PCI/DSS
  • Communications Directive Article 13
  • Sophos Sample Data Protection Policy
• Awareness activities
• The DPO and its role
• Relations to the DPA
• Technologies supporting Data Protection in the Enterprise
  • General Overview : 
    • IBM Technology Overview
    • Sophos Compliance Check
• • Personal Data Discovery Tools
    • Proofpoint Data Profiler
  • Data Storage 
    • Oracle Database Security Products 
      
      GDPR_2016
  • Privacy Impact Assessment
    • Kenniscentrum Wetgeving en Juridische Zaken, Toetsmodel Privacy Impact Assessment - Dutch Government
    • NOREA (beroepsorganistie van IT-auditors) - Privacy Impact Assessment - introductie, handreiking, vragenlijst - version 1.1, July 2015
    • BSI - German Government - Privacy Impact Assessment - Documentation
  • Next Generation Firewall
  • End Point Protection Technologies
    • Sophos Safeguard Encryption
  • Database Protection 
  • Cloud Services Protection 
    • Sophos Safeguard Encryption
  • Compliance Tools
    • Sophos General Compliance Check
    • SAP Compliance with CSI Tools
  • Governance Risk & Compliance Tools
    • IBM Information Lifecycle Governance 
  • Encryption Technologies & Encryption implementation
    • Sophos SPX Encryption
  • Monitoring - SIEM Tools
    • How to Use Splunk for Regulatory Compliance (74p document)
    • Don't Let GDPR Blow You Away : 5 tips to help you sail - Slideshare 46p
• Other events and activities of importance 
  • CPDP 2017 : the age of intelligent machines

 

Any additional suggestions for information and documentation, please send to gdpr at lsec.eu. 

 

Looking forward meeting you at one of the upcoming events over the next year and a half. 

Join us in making a successfull transfer to compliance and protection personsal data and privacy of your customers, employees, partners and European citizens overall.