Course Title

GDPR: Breach Notification and Penalties

Course Description

This course is approved for continuing legal education (CLE) credit in CA, CT, NJ, and NY: 2.0 CLE credits for CA. Please check with your local bar association for reciprocal state credit. Reporting requirements vary by state and we recommend that you check with your state's bar association for their guidelines on reporting requirements.

On May 25, 2018, the European Union's General Data Protection Regulation (GDPR) went into effect. The GDPR is, arguably, the most significant legislation pertaining to the protection of privacy and personal information and, with its reach outside of the EU, will impact business entities on a global scale. This course focuses on the GDPR's breach notification requirements for data controllers and data processors, including reporting and record-keeping requirements. This course also examines the decision-making process (i.e., the role of, and interactions with, supervisory authorities) and the types of fines and penalties for non-compliance with the GDPR.

Learning Objectives

• You will understand the breach notification requirements for both data controllers and data processors.

• You will understand the role of the supervisory authority in the breach notification process and the requirements for data controllers and data processors in dealing with same.

• You will understand the types of fines and penalties for non-compliance with the GDPR and know the factors considered by the supervisory authority in determining the appropriate punishment, if any, under the GDPR.