In these sessions, we tackled several challenges of implementing this Regulation in your IT sourcing approach by means of concrete examples and case studies. We focused on the allocation of GDPR responsibilities between your company and its IT providers, new rights for data subjects, security, high risk processing, and how to retrofit this all in your existing IT contracts and big data policies.
All the sessions took place on a Friday during lunch time.
In our sessions:
- We identified GDPR related challenges in IT contracts and defined a check list of the main issues to be addressed to align in that respect, e.g. accommodating allocation of responsibilities, sub-processing, data subject rights, data transfer, data portability and auditability.
- We focused on legal solutions: how to build the proper legal clauses and regimes in your IT service contracts.
- We focused on the GDPR implications for your big data projects, such as purpose limitation, data minimization, data subject rights, automated decision making etc. What do they mean concretely and how to accommodate them in your big data policies.
- We focused on what GDPR requires in terms of IT security and how you should deal with data breaches.
- Our last GDPR topic was a wild card topic, which was chosen based on the preferences expressed by the participants of the prior sessions. The subject of this session, “Electronics and Privacy”, was a combination of two chosen wild card topics dealing with privacy and electronics. On the one hand, we handled the current regulatory framework applicable to electronic communications and the practical consequencesthereof. As part of this topic we also discussed the upcoming ePrivacy Regulation, a counterpart of the GDPR. On the other hand, we highlighted relevant privacy considerations regarding new electronic technologies, such as artificial intelligence, blockchain and virtual reality.
Our teams share their best practices and discuss their insights with you. They draw on their first-hand expertise in this field, as well as on their extensive experience. Each session was opened and moderated by Erik Valgaeren, head of the TMT practice.