Business Brunch - data protection update
Current requirements and recommended actions for businesses
One year of the GDPR being applied in practice is now behind us. But, after the hasty ad-hoc measures which were taken in 2018, many companies are now in the process of fully implementing the GDPR's requirements. In addition, the first court decisions were issued last year and official audits are also becoming increasingly common. 2019 is already been called the "year of the audits."
In practice, processors are now increasingly confronting questions relating to the application and implementation of their statutory duties. To a large extent, however, it is still unclear how the statutory requirements can best be implemented:
- What procedure should be followed in the event of inquiries from data subjects (e.g. requests for information or erasure)? Which data should be surrendered to the data subject?
- How can processors ensure documentation of lawful data processing in accordance with the GDPR's requirements?
- How should processors respond to a data breach and when does the 72-hour reporting period expire?
- Which decisions by German and international courts are particularly relevant in practice?
- What should be kept in mind, from a data protection perspective, with regard to the use of online apps and social media profiles?
- These questions, and the answers from our consulting practice, will be the focus of our business brunch on 13 September 2019 in Nuremberg. We very much look forward to the participation and assistance of Ms. Kristin Benedikt, head of Division 3 of the Data Protection Authority of Bavaria.
Ms. Benedikt will provide us with an overview of audits and procedures of the supervisory authorities, as well as new guidelines and opinions, particularly with regard to internet and social media. Ms. Benedikt will also discuss recent court rulings, which will surely include online tracking, Facebook fan pages and social plug-ins.