Co-presenter, "Want to Play a GDPR Breach Notice War Game?" Davis Wright Tremaine Webinar

Cyber risks are constantly evolving, but the General Data Protection Regulation (GDPR) adds a new complication to a company’s incident response procedure: Notice within a 72-hour time frame to the appropriate Data Protection Authorities.

To illustrate this, we hosted a mock crisis conference call of a client with data in the U.S. and EU. We explored the practical legal and risk-based decision making around notifying a data security incident within the facts of a mock incident intake call.

Our coordinated team of U.S. and EU lawyers covered topics that included:

• Deciding to notify or not to notify: how has the risk calculus changed?
• How do you operationalize GDPR within existing incident response plans?
• What is the depth of content required within the 72-hour notice to DPAs?
• How will quick notice timeframe in the EU impact the U.S. breach analysis?
• How should a regulatory notification be timed alongside notification to other stakeholders?

View the webinar.

Listen to the webinar.