The General Data Protection Regulation: Key Requirements and Compliance Steps for 2018

Enforceable in all EU member states on 25 May 2018, the General Data Privacy Regulation will require action by organisations both inside and outside the European Union to ensure compliance with this far-reaching privacy legal framework. Compliance is even more urgent given that the GDPR provides for large penalties in cases of infringement. As some entities are not yet aware of the extent to which GDPR may be applicable to them, the GDPR expressly applies to organisations established outside the European Union that offer paid or free goods or services to EU data subjects or monitor EU data subjects’ behaviour.

Within this article, we review steps for a risk based, prioritization approach to GDPR compliance and how companies can adjust their policies and practices on a pragmatic basis to help ensure compliance.

Continue reading.

Jared T. Nelson






Leon C.G. Liu






Michael G. Morgan
Michael Morgan is a leader of the Firm’s Global Privacy and Cybersecurity practice. Recognized as one of the nation’s leading lawyers in cyber incident response, Mike has guided clients through some of the largest and most complex data breaches, including state-sponsored attacks, breaches involving more than 50 million records, and incidents affecting persons in more than 100 countries around the world. He represents clients in the defense of breach-related government investigations and class action litigation as well as pre-breach planning and post-breach remediation. Read Michael Morgan's full bio.


Mark E. Schreiber
Mark E. Schreiber focuses his practice on cybersecurity, data breach response and global privacy coordination. He advises entities facing cross-border data protection, Privacy Shield and related issues, strategic decisions, and investigations. Mark has led numerous multi-national and cross-border matters, including those involving data breaches, and has advised senior management, boards, and special board committees on a variety of investigations, including data breach prevention and response. Mark is a leader of the Firm’s Global Privacy and Cybersecurity practice. Read Mark Schreiber's full bio.


Paul McGrath
Paul McGrath advises clients across a broad range of industry sectors in all areas of contentious and non-contentious UK employment law. His practice covers all aspects of UK employment legislation and day-to-day employment matters, including appointments and terminations, employment status and worker classification issues, employee handbooks and policies, employee data privacy, disciplinary and grievance issues, and restructuring and redundancy exercises. Read Paul McGrath's full bio.


Romain Perray
Romain Perray has extensive experience in data privacy and data protection law, and lectures on these subjects in Master of Law classes at the University of Paris-I Panthéon-Sorbonne, the University of Paris-II Panthéon-Assas and the University of Paris V Descartes. He advises on the full range of data protection and data security for clients in life sciences, automotive, insurance, e-commerce, leisure, social networks and even the public sector, especially in the context of smart cities projects. Read Romain Perray's full bio.


Sabine Naugès






Dr. Wolfgang Freiherr Raitz von Frentz






McDermott Will & Emery



STAY CONNECTED

TOPICS

ARCHIVES

2021 Chambers USA top ranked firm
U.S. News Law Firm of the Year 2022 Health Care Law
LEgal 500 EMEA top tier firm 2021
legal 500 usa top tier firm 2021