Data protection and data breach notification are no longer a media relations issue or opportunistic PR choice: It is law, with fines amounting up to 4% of the organization’s worldwide turnover. Not complying to the EU General Data Protection Regulation (GDPR) can lead to a financial drain equal to breaking EU Competition Law; a devastating amount for any business! The GDPR will affect almost every business that collects or handles the personal data of any European citizen. The legislation is welcome news for consumers who will get more say over how their data is handled, rights to be forgotten and transparency of data breaches. For organizations, the far-reaching nature of the GDPR means every aspect of a business will feel its impact and, in places, entire processes will need to be replaced or set up from scratch. GDPR covers a wide range of issues relating to personal data, such as privacy, monitoring and security. It compels businesses to apply privacy by design, disclose personal data breaches within 72 hours and encrypt the data they hold.
LSEC GDPR Activities : Putting Data Protection in Practice, GDPR 2016-2018
The EU General Data Protection Regulation is the most important change in data privacy regulation in 20 years…and we're here to make sure you're prepared ! Our aim is to provide at least 5 sessions where different aspects of the GDPR implementation will be investigated in depth, on the basis of the legal principles, experiences on implementation and indication which tools might be supportive of these implementations. The seminars are oriented towards DPO’s & other privacy officers, CISO’s, CIO’s, legal counsel, compliance officers, tax & audit, Company Directors, Business and Technology Managers, business people who should be involved in the data protection of their customers and partners. It is a unique combination of regulatory requirements, business impact and challenges for practice that we are focusing on, a difference from either the pure legal or technology perspectives.
In this comprehensive Luxemburg Session, we will condense some of the basics putting the perspective, with indications of current challenges and opportunities, but NOT ONLY from a LEGAL perspective, best practices in implementing, and ideas on how to practically manage, setting the scene to Plan, Prepare and Change. Planning includes, preparing activities for internal awareness, top management, legal, but also operations and ict security. It includes starting to organize team meetings with product development and marketeers. Prepare includes to organize DPIA's, start investingating where your personal data records are being kept and if a DPO needs to be hired, how to get organized. It also includes documentating the various steps and preparing for additional activities such as improving security measures, policies and technologies. Change will execute on these development tasks and organizing change actions within the organizations to ensure employees and partners include personal data protection attitudes and to ensure that everybody knows the DPO.
Condensed Day Luxemburg : GDPR - PLAN to be Ready, PREPARE to Set, CHANGE to Go
LSEC is organizing various activities and in depth seminars on GDPR development, but has worked together with ATOS Luxemburg to organize a one day session in 2017 bringing the most important learnings in a condensed way.
• 08.45 : welcome & registration, networking
• 09.45 : introduction & agenda setting by Wim Stoffelen, LSEC, chairman of the day
During this introduction, Wim will outline the LSEC activities in relation to data protection and the interest for the association of ICT security companies and practitioners in being involved.
• 10.00 : Accountability and record keeping under the GDPR, by Hans Graux, partner and lawyer at time.lex
• 10.40 : Introducing data protection & GDPR, identifying key challenges, Ulrich Seldeslachts, CEO of LSEC
• 11.25 : Data protection in a business setting, by Jean-Francois Terminaux, Chairman of Finance & Technology Luxembourg
• 11.55 : Conclusions morning session, agenda setting - afternoon
• 12.00: Lunch
• 13.00: GDPR & data protection from a legal perspective & seizing business opportunities, Renaud Le Squeren, DSM Avocats
• 13.40 : Unified data protection controls to smooth the path to compliance, by Matt Logan, Director of Field Engineering at Digital Guardian
GDPR brings far reaching new requirements for companies processing EU citizen data. Many organizations are struggling to understand where they stand and which combination of people, process and technology they will need to become compliant. This presentation will outline the role Data Loss Prevention (DLP) technology can play in a GDPR program, including an explanation of key functions of DLP such as data discovery, data classification and data egress controls. We will outline how these functions can be used for initial planning and assessment of the GDPR compliance gap, as well as for a fuller program which supports the Data Protection Officer, breach notification processes and general protection of sensitive personal data against insider threats and advanced attackers.
• 14.20 : GDPR with legacy systems, by Dominique Orban de Xivry, CEO of Rever
• 15.00 : Utilising Security Information & Event Management to control and protect from Personal Data Loss, by Koen Maris from Atos Belgium & Luxembourg
• 15.30 : Coffee Break & Networking
• 16.00 : GDPR Compliance Governance (GRC), by Jakob Braun, Expert Governance, Risk & Compliance at RSA (UK)
• 16.30 : Closing reception.
• 17.30 : End of event
For the most recent updates and background information on developments and recommendations on the implications of the GDPR, please visit http://ec.europa.eu/newsroom/just/item-detail.cfm?item_id=50083
Recent clarifications include :
Registration, Event location & Host of the Day:
17 rue Edmond Reuter,
Special Thanks to ATOS Luxemburg and Belgium for co-organizing and hosting this activity
Registration is free of charge for enterprises, upon prior registration via the registration page, take note that seats are limited.
Participation to this event is free of charge. Participants interested in the handouts and presentations of the day will be charged a minor fee (121 €) to accommodate for the handling costs and taxes.LSEC continues to support creating awareness on information security, will try to lower the barrier for ict security professionals. With this mechanism, all attendees have evaluated the value of the presented materials and can easily contribute to the future activities.