Busi­ness Brunch – data pro­tec­tion update

Cur­rent requi­re­ments and recom­men­ded actions for businesses

One year of the GDPR being appli­ed in prac­ti­ce is now behind us. But, after the hasty ad-hoc mea­su­res which were taken in 2018, many com­pa­nies are now in the pro­cess of ful­ly imple­men­ting the GDPR’s requi­re­ments. In addi­ti­on, the first court decis­i­ons were issued last year and offi­ci­al audits are also beco­ming incre­asing­ly com­mon. 2019 is alre­a­dy been cal­led the “year of the audits.”

In prac­ti­ce, pro­ces­sors are now incre­asing­ly con­fron­ting ques­ti­ons rela­ting to the appli­ca­ti­on and imple­men­ta­ti­on of their sta­tu­to­ry duties. To a lar­ge ext­ent, howe­ver, it is still unclear how the sta­tu­to­ry requi­re­ments can best be implemented:

• What pro­ce­du­re should be fol­lo­wed in the event of inqui­ries from data sub­jects (e.g. requests for infor­ma­ti­on or era­su­re)? Which data should be sur­ren­de­red to the data subject?
• How can pro­ces­sors ensu­re docu­men­ta­ti­on of lawful data pro­ces­sing in accordance with the GDPR’s requirements?
• How should pro­ces­sors respond to a data breach and when does the 72-hour report­ing peri­od expire?
• Which decis­i­ons by Ger­man and inter­na­tio­nal courts are par­ti­cu­lar­ly rele­vant in practice?
• What should be kept in mind, from a data pro­tec­tion per­spec­ti­ve, with regard to the use of online apps and social media profiles?
• The­se ques­ti­ons, and the ans­wers from our con­sul­ting prac­ti­ce, will be the focus of our busi­ness brunch on 13 Sep­tem­ber 2019 in Nurem­berg. We very much look for­ward to the par­ti­ci­pa­ti­on and assis­tance of Ms. Kris­tin Bene­dikt, head of Divi­si­on 3 of the Data Pro­tec­tion Aut­ho­ri­ty of Bavaria.

Ms. Bene­dikt will pro­vi­de us with an over­view of audits and pro­ce­du­res of the super­vi­so­ry aut­ho­ri­ties, as well as new gui­de­lines and opi­ni­ons, par­ti­cu­lar­ly with regard to inter­net and social media. Ms. Bene­dikt will also dis­cuss recent court rulings, which will sure­ly include online track­ing, Face­book fan pages and social plug-ins.