In this podcast, data privacy/data security expert Jonathan Armstrong and Compliance Evangelist Tom Fox use the framework of GDPR to discuss a wide range of issues relating to these topics. They consider what the US compliance and InfoSec security expert needs to know about what is happening in the UK, Europe and beyond. This episode is the first of a two-part series where Jonathan Armstrong and I consider some of the highlights from the first year of GDPR implementation and enforcement. In this Part I we considered some of the enforcement numbers. In this Part II, we discuss some of the substantive issues. Some of the highlights in this episode include:
- Security issues: multiple regulators for large breaches and questions of whether TOMs are adequate.
- 6 Principles of GDPR: highest is around transparency.
- Data Subject Rights are seen as the biggest corporate pain points.
- DPIAs have been embraced by many companies and are seen by regulators as the backbone of a corporate compliance program around data security/data privacy.
- Industry sweeps are beginning to occur.
- Mixed quality of legal advice is hurting many companies in their compliance efforts.
- Some significant cases are headed to trial and then appeal.
- GDPR is here to stay.
For more information on Cordery Compliance, go to their website here.
For additional reading see the Cordery Compliance article, “GDPR One Year On”.
Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.