Data protection and data breach notification are no longer a media relations issue or opportunistic PR choice: It is law, with fines amounting up to 4% of the organization’s worldwide turnover. Not complying to the EU General Data Protection Regulation (GDPR) can lead to a financial drain equal to breaking EU Competition Law; a devastating amount for any business! The GDPR will affect almost every business that collects or handles the personal data of any European citizen. The legislation is welcome news for consumers who will get more say over how their data is handled, rights to be forgotten and transparency of data breaches. For organizations, the far-reaching nature of the GDPR means every aspect of a business will feel its impact and, in places, entire processes will need to be replaced or set up from scratch. GDPR covers a wide range of issues relating to personal data, such as privacy, monitoring and security. It compels businesses to apply privacy by design, disclose personal data breaches within 72 hours and encrypt the data they hold.
LSEC GDPR Activities 2016-2018
The EU General Data Protection Regulation is the most important change in data privacy regulation in 20 years…and we're here to make sure you're prepared ! Our aim is to provide at least 5 sessions where different aspects of the GDPR implementation will be investigated in depth, on the basis of the legal principles, experiences on implementation and indication which tools might be supportive of these implementations. The seminars are oriented towards DPO’s & other privacy officers, CISO’s, CIO’s, legal counsel, compliance officers, tax & audit, Company Directors, Business and Technology Managers, business people who should be involved in the data protection of their customers and partners. It is a unique combination of regulatory requirements, business impact and challenges for practice that we are focusing on, a difference from either the pure legal or technology perspectives. In a first session, on December 19Th, the aim is to present the basics and the general overview, already with some current challenges and ideas, followed by the detailed sessions in 2017.
Session 3: Privacy Impact Assessment;
hosted by Deloitte
• privacy impact assessment (PIA)
• and assurance, product and marketing PIA
• database protection and accessibility
• restricted use, best practices and experiences
• best practices and experiences
• Case Study: Privacy Impact Assessment at STIB-MIVB, by Jean-Marc Godeau from STIB-MIVB and Laurie-Anne Bourdain from EY
A case study of how PIA was deployed at STIB-MIVB and how Jean-Marc’s project was impacted by new GDPR requirements, starting with the performance of a PIA; how new requirements were handled, what were the challenges and pitfalls.
• Ulrich Seldeslachts, CEO at LSEC
• Fakhreddine El Mourabiti - Data Security Segment Technical Leader- Europe at IBM
• Erik Luysterborg EMEA Privacy & Data Protection Leader at Deloitte
• Hans Graux, lawyer and owner at timelex
• Nicolas Delcroix, partner at RSM
Event Venue & Registration:
Luchthaven Nationaal 1J
Registration is free of charge upon prior registration via the registration page, with special thanks to LSEC Member Deloitte for hosting the event;
please do take note that seats are limited