Home
Use our global calendar of privacy events to locate an event near you.
FILTER BY
As the first anniversary of the Privacy Shield agreement approaches over 1500 companies have taken advantage of the new program for transatlantic data compliance. But after Privacy Shield – what’s next?- Cover latest Privacy Shield regulatory updates
- Examine relationship between Privacy Shield, GDPR & other frameworks
- Share how they have leveraged Privacy Shield for other projects
Spots are limited — make sure to register for this webinar to increase the return on privacy shield investment!
*Can’t make the webinar? Register anyway! We’ll send you a followup email with the slides and recording after the webinar!*
TRUSTe Webinar FAQs
Click here for answers to the most commonly asked webinar related questions!
DAVID FOWLER
AMANDA GRATCHNER
Global Privacy Counsel, NAVEX Global
K ROYAL – JD, CIPP/E/US
Senior Privacy Consultant, TRUSTe
IAPP Web Conference:
Introduction to U.S. Privacy Law
Broadcast Date: March 3, 2017
Time: 10:00 – 11:00 am PT, 1:00 – 2:00 pm ET, 6:00 – 7:00 pm GMT
Free for IAPP members and nonmembers
As information privacy attorneys, we frequently hear certain questions from law students and lawyers with an interest in joining our field: What are the sources of privacy law? What does a privacy lawyer do? How do I start? Should I study administrative law? What about international law? And, most importantly, how do I get a job in privacy?
Lawyers who specialize in information privacy enjoy a surprisingly diverse set of career paths. Though many work in law firms, others deploy their expertise within companies, nonprofits, consulting agencies, advocacy groups, and all levels of government. Privacy lawyers ensure compliance with laws and regulations while also enforcing best practices based on broad cultural norms. They tackle policy questions that affect the day-to-day lives of anyone who uses an internet-connected device. And, increasingly, their work has a direct impact on an enormous swathe of the global economy.
Designed for those just starting out in the field of privacy law, this web conference will provide a crash course in the legal foundations of privacy in the U.S. along with practical examples from the daily lives of privacy attorneys. This hour-long webinar will include time for questions and answers and a useful handout with resources for getting started in the privacy profession.
Moderator:
Cobun Keegan, CIPP/US, CIPM, Westin Fellow, IAPP
Panelists:
Ariel Brio, CIPP/US, Privacy and Data Counsel, Sony PlayStation
Arielle Brown, CIPP/US, Associate, Hogan Lovells
Kelsey Finch, CIPP/US, Policy Counsel, Future of Privacy Forum
As an additional, related reference, “Privacy Law Fundamentals 2017″—the classic privacy law desk reference—is now available for pre-order. Get your copy here:
Privacy Law Fundamentals 2017, The Fourth Edition
Eligible CPE credit: CIPP/US and CIPP/G
1.0 CPE credit
| Many privacy officers seem to be under the impression that Article 30 of the General Data Protection Regulation (GDPR) on records of processing activities creates a legal obligation for a data inventory or data mapping. This is not the case. The GDPR replaces current legal obligations that require you to notify and register your processing activities with local DPAs. Under the GDPR you are no longer required to make such notifications but rather are required to maintain a record of all your organisation’s processing activities internally and to make it available to supervisory authorities upon request. So, just like you had an external register, you now need an on-demand internal record.
This webinar starts with a look at the Supervisor Authority perspective and the rationale behind the creation of Article 30. Then, the webinar will discuss how to incent the business to maintain a processing-based inventory that when used in the EU will turn GDPR article 30 reporting into an outcome. Plus, learn the power of focusing on purposes of data processing and hear from one company who has implemented this approach in practice to understand how it betters aligns with business operations and practices and is much easier to scale, update and maintain. Hear also about local Article 30 GDPR guidance, including the Article 30 template guide recently released by the French data protection authority (CNIL), further highlighting that the intention behind the GDPR records of processing requirement. At the end of the webinar, learn how Nymity created an innovative approach to Article 30 compliance as we spend a few minutes to introduce a software solution that makes Article 30 GDPR compliance the responsibility of the business, with support and oversight coming from the Privacy Office/DPO. It is called Nymity SmartPIA™. Registration Link: https://register.gotowebinar.com/register/4745042867954124801 |
| Many privacy officers are under the impression that the GDPR requires organisations to conduct PIAs and that doing so will largely meet their GDPR compliance obligations. This is not the case. The GDPR is an accountability-based regulation and requires organisations to demonstrate compliance with all aspects of the GDPR: over 39 Articles require a technical or organisational measure to demonstrate compliance and Article 35 on data protection impact assessments is only one of them. Furthermore, DPIAs are required in only limited circumstances: when the processing is likely to result in a high risk to the rights and freedoms of natural persons.
In this webinar, learn about Nymity’s latest compliance innovation: an expert system that, when subject to GDPR, enables organisations to leverage their existing accountability mechanisms, meet their obligations under Article 30 (Records of processing activities) and, when DPIA-Triggered™, under Article 35 GDPR (Data Protection Impact Assessments). Understand how the burdensome traditional step of lengthy or incomplete questionnaires is avoided and how the solution enables organisations to carry out more data processing activities with the same data, within the boundaries of the law. In addition, you will learn how this solution provides the business a defensible position of evidenced compliance. In this webinar we will review: 1. The overlap between accountability and traditional PIA frameworks Registration Link: https://attendee.gotowebinar.com/register/3000191581952780545 |
| The EU General Data Protection Regulation (GDPR) is considered a risk-based and accountability regulation. Article 24 (Responsibility of the controller) compels organisations to put in place appropriate technical and organisational measures through policies, procedures and other accountability mechanisms.
Addressing the GDPR accountability obligations early on in your compliance program has significant benefits. Learn to identify existing policies, procedures and other accountability mechanisms that are already providing rules and guidelines for processing personal data in your organisation. Understand how this key step, accomplished early in your GDPR compliance strategy, provides significant benefits by leveraging what is already in place to comply with the GDPR providing the privacy office a running start and early successes. In the webinar, we will also identify how to prioritise creation of new accountability mechanisms to further embed GDPR compliance. Plus, we will show additional benefits such as these accountability mechanisms being repurposed in an Accountability PIA to demonstrate compliance at a project level and repurposed once again to demonstrate compliance at an organizational level. Registration Link: https://register.gotowebinar.com/register/3452361340829179137 |