GDPR: Less than 100 days to go – A roundtable for General Counsel and COLPs in professional services firms
- 21 February 2018
- 12.30 until 2.00pm (registration and lunch provided from 12.00pm)
- 5 Chancery Lane, London, EC4A 1BL
- Entry: Free
Submit your details to request event materials
25 May 2018 is a date etched on the brain as the deadline for GDPR readiness. Last year we brought together General Counsel, COLPs and Risk Professionals to discuss some of the issues which professional service firms were facing in relation to their own compliance programmes as they got under way.
Our latest lunch session will be an open forum (which we will chair) to raise issues and questions around GDPR for the whole group to discuss. Potential issues for discussion include:
- Transparency requirements - do you have to tell the opponent or the client’s data subject you are processing their data or are there relevant exemptions to the need to do so, if so, how broad are they under GDPR and the UK Data Protection Bill?
- Whether there is a legal basis for transfer outside the EEA of the client’s data subjects personal data in certain common scenarios in which professional services act
- How should firms react to commercial pressure from their clients to sign up to “processor style” agreements? How are client’s reacting when we respond to say professional services firms often act as a controller? And what amendments are necessary to terms of engagement and privacy notices as a result?
- Whether it is advantageous to seek to orchestrate who your lead regulator is a “benign” one… is anyone trying to do this?
We invite you to raise other issues you have encountered on the day or to send a note of them in advance to firstname.lastname@example.org so that we can ensure we allow enough time for discussion.
Please note this is a roundtable exclusively for General Counsel, COLPs and Risk Professionals within Professional Services firms (including law firms, accountancy firms, management consultancies, architects and surveyors).
The General Data Protection Regulation (GDPR) came into force on 25 May 2018.