GDPR in a Nutshell

Combined Session

Wednesday, May 10, 2017 11:00—12:00

Location: AMMERSEE I

In January 2016, the European Commission had passed the GDPR, which will take effect in May 2018. One of the main purposes is to harmonize European Data Protection law. The new regulation will automatically take effect, without any need for ratification by local governments. The impact of the GDPR will be strong and it is time now to define a "roadmap for compliance". In this talk, KuppingerCole´s Legal Analyst Dr. Karsten Kinast, LL.M will explain the core components of GDPR and discuss with you those areas, where your organization will be affected.

Key Takeaways:

Territorial Scope: Who falls under GDPR jurisdiction? Why is it a topic for non-EU organizations?
What exactly does "Privacy-by-Design" mean and how has it to be implemented?
Privacy Impact Assessment (PIA)
The Right to be Forgotten and its impact on your Data Model

Presentation deck

Executive Brief: Introducing the EU-General Data Protection Regulation (GDPR)

Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.

Dr. Karsten Kinast

KuppingerCole

Dr. Karsten Kinast, LL.M., Attorney at Law (Germany), is founding Partner of the Law Firm “Kinast & Partner” with an exclusive focus on Data Protection Law and IT-Law. He holds a...

Read Bio

The EU GDPR presents several stringent requirements for processors, especially in a cloud environment. Those requirements include identifying the categories of privacy data, the risks and the controls, and the audit capability. This keynote will include a discussion of how to prepare for this, and a discussion of the current NIST research into an audit language that can be utilized by cloud providers that is being planned to meet the audit requirements.

Key Takeaways:

An understanding of the requirements for processors and cloud environments.
An understanding of the controls needed to meet the requirements.
An understanding of the NIST research work around auditing in a cloud environment, and what's next.

Presentation deck

How to Meet the EU General Data Protection Regulation Processor and Cloud Requirements

Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.

Harvey Nusz

Privacy & Security Expert

Harvey Nusz, CIPM, CISSP, CISA, CRISC, is an independent Privacy, Security, GRC, and Audit professional focusing now on assisting companies in preparing for the EU GDPR, and in the various core...

Read Bio