Cyber risks are constantly evolving, but the General Data Protection Regulation (GDPR) adds a new complication to a company’s incident response procedure. Notice within a 72-hour time frame to the appropriate Data Protection Authorities.
Please join us for a mock crisis conference call of a client with data in the US and EU. We will explore the practical legal and risk-based decision making around notifying a data security incident within the facts of a mock incident intake call. Our coordinated team of US and EU lawyers will explore topics such as:
- Deciding to notify or not to notify, how has the risk calculus changed?
- How do you operationalize GDPR within existing incident response plans?
- What is the depth of content required within the 72-hour notice to DPAs?
- How will quick notice timeframe in the EU, impact the US breach analysis?
- How should a regulatory notification be timed alongside notification to other stakeholders?
Thursday, July 12, 2018
Click here to register.
Brandon Graves Counsel, Davis Wright Tremaine
Ashley Hurst International Sector Leader, Digital Business / Partner, UK, Osborne Clarke
Amy Mushahwar Partner, Davis Wright Tremaine
Charlie Wedin Partner, UK, Osborne Clarke
Contact Joshua Dyer with questions.