Events , General Data Protection Regulation (GDPR) , Standards, Regulations & Compliance

Tackling Liability under GDPR

Tackling Liability under GDPR

Recently, it was announced that British Airways is to be fined more than £183m by the UK Information Commissioner's Office (ICO) after hackers stole the personal data of half a million of the airline's customers. According to ICO, such data breach, which began in June 2018, occurred because British Airways had "poor security arrangements" in place to protect customer information being accessed.

As a controller we are not in control over the cloud service provider's (IT) environment and we must rely upon (IT) controls that the provider has in place. Such arrangements must be governed by a contract or other legal act under Union or Member State law, namely by a data processing agreement (DPA) which shall include the appropriate security measures to be implemented by the processor.

In this session, we will look into: particularities and challenges of a DPA when negotiating the appropriate organizational and security measures to be implemented, including their scope, assessment and enforcement during the term of such arrangement as a way of managing the risk of liability towards the individuals and before the data protection authorities.

Webinar Registration

Premium Members Only

OnDemand access to this webinar is restricted to Premium Members.

Join Now to Access
Have an account? Sign in.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.