The privacy compliance landscape is about to change drastically. All U.S. businesses offering goods or services to EU customers will be affected - in all sectors and regardless of whether they have a business presence in the EU.
The newly adopted EU General Data Protection Regulation will require U.S. companies to implement new compliance processes and technologies to manage new recordkeeping obligations, assess privacy impact and protect new rights for individuals, such as the right to be forgotten and the right to data portability. Penalties for non-compliance will be much more severe: up to 4 percent of the worldwide turnover for the most serious failures.
Meanwhile, the U.S.-EU Privacy Shield - intended to replace the invalidated Safe Harbor framework - remains a work in progress. Companies who need to transfer data from the EU face a confusing regulatory landscape.
Join us for a briefing followed by a roundtable discussion with Faegre Baker Daniels lawyers to hear practical guidance on how U.S. companies can prepare to comply