BarbriSFCourseDetails
  1. keyboard_arrow_leftBack

Course Details

Course Information
  • smart_display Format

    On-Demand

  • signal_cellular_alt Difficulty Level

  • work Practice Area

    Corporate Tax

Date & Time
  • event Date

    Wednesday, April 25, 2018

  • schedule Time

    1:00 PM E.T.

  • timer Program Length

    90 minutes

Credit Information

  • This 90-minute webinar is eligible in most states for 1.5 CLE credits.


  • Live Online


    On Demand

Early Bird Pricing!
MSRP
$247.00
$197.00
Save $50.00

Discount expires 8/29/25

This course is $0 with these passes:

CLE
ALL

This CLE course will discuss the first crucial steps for fund managers, investment advisers, broker-dealers and other participants in the investment fund industry to comply with Europe’s new data protection regulation. The panel will examine contractual revisions and internal governance measures that controllers and processors of personal data should put in place now.

Description

Effective May 25, 2018, the EU General Data Protection Regulation 2016/679 (GDPR) will replace the existing data protection framework, introducing enhanced obligations and substantially higher penalties for noncompliance. The GDPR expands the territorial scope of its data protection regime to include any U.S. companies that maintain personal data on European citizens regardless of whether they have any business operations in Europe.

The GDPR distinguishes between data controllers and service providers. Every entity in the funds industry ecosystem that handles personal data—including fund vehicles, investment managers, transfer agents, trustees, depositaries and administrators—must assess whether they qualify as a controller that exercises control over the processing of personal data, or a processor of personal data on behalf of data controllers.

Counsel must be able to help funds and other market participants assess their policies and practices around transparency, accountability and data governance; review subscription agreements, disclosures, data processing terms in service agreements and other data-related documents; and implement any changes required to ensure compliance with the GDPR before it goes into full force.

Listen as our authoritative panel discusses best practices for compliance with GDPR. The panel will discuss specific revisions that should be made to service contracts, privacy disclosures and other documents, how to adjust internal controls and reporting practices, and other steps to better comply with the new regime.

Outline

  1. GDPR
    1. Changes from previous regulation
    2. Companies with EU personal data are now subject to regulation
    3. Controllers vs. processors of data
    4. Data protection officers
  2. Framework for compliance
    1. Review and update privacy notices
    2. Review legal bases for data processing
    3. Review procedures and policies to comply with data subject rights
    4. Review and update data processing agreements
    5. Assess joint control instances
    6. Develop data breach procedures
    7. Implement data transfer mechanisms

Benefits

The panel will review these and other crucial issues:

  • What are the key features of the new GDPR?
  • How should U.S. investment funds and related businesses determine if they are subject to the GDPR?
  • How do the obligations of data controllers vary from those of data processors?
  • What steps should companies and their counsel take now to ensure compliance with the GDPR?