Data protection and data breach notification are no longer a media relations issue or opportunistic PR choice: It is law, with fines amounting up to 4% of the organization’s worldwide turnover. Not complying to the EU General Data Protection Regulation (GDPR) can lead to a financial drain equal to breaking EU Competition Law; a devastating amount for any business! The GDPR will affect almost every business that collects or handles the personal data of any European citizen. The legislation is welcome news for consumers who will get more say over how their data is handled, rights to be forgotten and transparency of data breaches. For organizations, the far-reaching nature of the GDPR means every aspect of a business will feel its impact and, in places, entire processes will need to be replaced or set up from scratch. GDPR covers a wide range of issues relating to personal data, such as privacy, monitoring and security. It compels businesses to apply privacy by design, disclose personal data breaches within 72 hours and encrypt the data they hold.
LSEC GDPR Activities : Putting Data Protection in Practice, GDPR 2016-2018
The EU General Data Protection Regulation is the most important change in data privacy regulation in 20 years…and we're here to make sure you're prepared ! Our aim is to provide at least 5 sessions where different aspects of the GDPR implementation will be investigated in depth, on the basis of the legal principles, experiences on implementation and indication which tools might be supportive of these implementations. The seminars are oriented towards DPO’s & other privacy officers, CISO’s, CIO’s, legal counsel, compliance officers, tax & audit, Company Directors, Business and Technology Managers, business people who should be involved in the data protection of their customers and partners. It is a unique combination of regulatory requirements, business impact and challenges for practice that we are focusing on, a difference from either the pure legal or technology perspectives.
In this comprehensive Luxemburg Session, we will condense some of the basics putting the perspective, with indications of current challenges and opportunities, but NOT ONLY from a LEGAL perspective, best practices in implementing, and ideas on how to practically manage, setting the scene to Plan, Prepare and Change. Planning includes, preparing activities for internal awareness, top management, legal, but also operations and ict security. It includes starting to organize team meetings with product development and marketeers. Prepare includes to organize DPIA's, start investingating where your personal data records are being kept and if a DPO needs to be hired, how to get organized. It also includes documentating the various steps and preparing for additional activities such as improving security measures, policies and technologies. Change will execute on these development tasks and organizing change actions within the organizations to ensure employees and partners include personal data protection attitudes and to ensure that everybody knows the DPO.
Condensed Day Luxemburg : GDPR - PLAN to be Ready, PREPARE to Set, CHANGE to Go
LSEC is organizing various activities and in depth seminars on GDPR development, but has worked together with ATOS Luxemburg to organize a one day session in 2017 bringing the most important learnings in a condensed way.
• 08.45 : welcome & registration, networking
• 09.30 : introduction & agenda setting by Ulrich Seldeslachts, LSEC, chairman of the day
During this introduction, Ulrich will outline the LSEC activities in relation to data protection and the interest for the association of ICT security companies and practitioners in being involved. Ulrich will be chair of the day, and as the moderator throughout the day, aiming to learn from the panels in order to provide guidance to both practitioners and advisory throughout 2017.
• 09.45 : introducing data protection & GDPR, identifying key challenges
Ulrich Seldeslachts, LSE
• 10.25 : data protection & privacy from theory to practice, data protection in a business setting
Koen Maris, ATOS
• 11.25 : GDPR & data protection from a legal perspective, and seizing business opportunities
Renaud Le Squeren, DSM Avocats
• 12.00 : Practitioners panel discussion : clarifying key challenges for DPO's and other data protection coordinators
• 13.00 : lunch
• 14.00 : GDPR practical implementation & integration : Technology Practioners Showcases - Data Discovery
• 14.30 : GDPR with legacy systems : Technology Practitioners Showcases
Orban de Xivry, Rever
• 15.00 : Technology Practitioners Showcases : Utilising Security Information & Event Management to control and protect from Personal Data Loss
TBC, ATOS SIEM Solutions
• 15.30 : GDPR Compliance Management Methodology
TBC, Deloitte Luxemburg
• 16.00 : Coffee Break & Networking
• 16.30 : Technology Practitioners Showcases : Data Protection Technologies:
GDPR: an opportunity for Security Transformation, by Maurice Cashman, Director, Enterprise Architects at McAfee
• 17.00 : Technology Practitioners Showcases : GDPR Compliance Governance (GRC)
TBC, RSA - EMC - Dell
• 17.45 : Closing Notes
• 18.30 : Closing reception.
• 19.30 : End of event
For the most recent updates and background information on developments and recommendations on the implications of the GDPR, please visit http://ec.europa.eu/newsroom/just/item-detail.cfm?item_id=50083
Recent clarifications include :
Participation to this event is free of charge. Participants interested in the handouts and presentations of the day will be charged a minor fee (121 €) to accommodate for the handling costs and taxes.LSEC continues to support creating awareness on information security, will try to lower the barrier for ict security professionals. With this mechanism, all attendees have evaluated the value of the presented materials and can easily contribute to the future activities.
Event location & Host of the Day: Microsoft Luxemburg
Special Thanks to ATOS Luxemburg and Belgium for co-organizing this activity and Microsoft for hosting at their facilities.
Registration is free of charge for enterprises, upon prior registration via the registration page, take note that seats are limited.