Cyber risks are constantly evolving, but the General Data Protection Regulation (GDPR) adds a new complication to a company’s incident response procedure. Notice within a 72-hour time frame to the appropriate Data Protection Authorities.

Please join us for a mock crisis conference call of a client with data in the US and EU. We will explore the practical legal and risk-based decision making around notifying a data security incident within the facts of a mock incident intake call. Our coordinated team of US and EU lawyers will explore topics such as:

  • Deciding to notify or not to notify, how has the risk calculus changed?
  • How do you operationalize GDPR within existing incident response plans?
  • What is the depth of content required within the 72-hour notice to DPAs?
  • How will quick notice timeframe in the EU, impact the US breach analysis?
  • How should a regulatory notification be timed alongside notification to other stakeholders?

Thursday, July 12, 2018
Click here to register.

Brandon Graves Counsel, Davis Wright Tremaine
Ashley Hurst International Sector Leader, Digital Business / Partner, UK, Osborne Clarke
Amy Mushahwar Partner, Davis Wright Tremaine
Charlie Wedin Partner, UK, Osborne Clarke

Contact Joshua Dyer with questions.