Controllers have new data protection obligations under the GDPR. Also, in a change from previous legislation, processors now have statutory obligations in their own right under the GDPR. Individuals and supervisory authorities (such as the ICO) can hold both controllers and processors to account if they fail to comply with their responsibilities under the GDPR.
As most will now know, the GDPR has dramatically increased the onus on organisations to take a proactive approach to effective data governance and reduce their exposure to Legal Governance, Risk and Compliance (Legal GRC) challenges. The monetary penalties for failure to comply with data protection are potentially severe. The reputational damage can fold businesses.
So, how can organisations successfully manage their data processors and their regulatory obligations under the GDPR? Exterro were joined by Judy Krieg (Partner at Fieldfisher) and Ainhoa Gonzalez (DPO and Privacy Counsel at GVC Holdings) to explore the ongoing challenges to overcome in managing data processors to maintain regulatory compliance, mitigate risk, and demonstrate a defensible position if your data processors suffer a breach.
Some of the key topics discussed included:
- Considerations when reviewing or selecting data processors
- Key challenges when managing data processors
- Practical tips and technologies for establishing compliance and mitigating risk from data processors
The webinar panel was hosted by Data Protection World Forum. The on-demand video replay can be viewed by following the link below: