This in-depth training course will provide an administrative, legal, and technical overview of the Privacy and Security Legal Landscape, with operational tools to address the changing regulatory and legal landscape. Attendees qualify for 5 CPE credits.

The three sessions will include hands-on exercises to demonstrate the best approach to the dynamic legal requirements in the cyber and privacy space. The sessions will involve a deep dive into the requirements of the Federal Trade Commission (FTC), California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the New York SHIELD Act, and the European Union’s General Data Protection Regulation (GDPR), as well as standards including the NIST Privacy Standard and the ISO Privacy Standards.

Session 1 – Trends in the Law: An Overview of the Domestic Regulatory and Legal Landscape
June 18, 2021 | 1:00 - 2:30 p.m. EDT

The U.S. legal framework for data security and privacy continues to evolve. Trying to stay abreast of the ever-evolving technologies and legal requirements can be overwhelming. In the past year, State and Federal regulatory changes have altered the legal and compliance obligations of many companies across a wide variety of industries. Additionally, the courts are starting to issue opinions that have placed heightened liability on companies to protect sensitive personal data.

This session will provide an overview of key regulatory and legal changes, both at the State and Federal level, and discuss how companies should prepare to meet these evolving obligations. We will break down the requirements of key regulations, including the GDPR and the CCPA, providing insight into key aspects of the laws. Additionally, this session will discuss the impact of recent court decisions on privacy and security liability.

Session 2 – Risk Transference: Developing a Security & Privacy Program to Address Compliance Requirements
June 22, 2021 | 1:00 - 2:30 p.m. EDT

In the current patchwork approach to data security and privacy legal requirements, it can be challenging for a business to create a comprehensive privacy and security program that complies with the various (and sometimes conflicting) legal requirements while also fitting organically within your business. Building solutions that can be easily shifted to meet new and evolving legal requirements is key.

This session will provide a detailed explanation of core components of a security and privacy program, methods to ensure that the program can be altered to fit new requirements as they come into place, and how to transfer risk when possible. The session will include a discussion on Written Information Security Policies, Departmental and Employee Policies, Risk Management Programs, Client Contract Management Programs, Incident/Breach Response Programs, and training.

Session 3 – Data Subject Rights: Complying Across Regulatory Frameworks
June 24, 2021 | 1:00 - 2:30 p.m. EDT

Data subjects have numerous rights under data protection regulations, including the CCPA and GDPR. Being able to address those rights effectively and efficiently in the appropriate time frame and manner is a key element to compliance with those regulations. In this session, we will demonstrate how an organization can integrate administrative and technical controls to address Data Subject requests. Providing a hands-on approach, participants will walk through several data subject requests and work through the administrative and technical mechanisms to address those requests.

Location and cost:

These three 90-minute sessions will be conducted live using the Zoom platform. You may take this course on the live dates or by viewing the on-demand recordings.

Course price: $250 US

Registration includes all three parts and access to the on-demand recording for one year for one user. Group rates are available.

speaker photo
Instructor: Jordan Fischer
Leader, Global Privacy Practice Group, Beckage, PLLC

Jordan L. Fischer, Esq. is the Global Privacy Practice Group leader at Beckage, PLLC, a seasoned team of lawyers focused on data security, data privacy, and technology law. She focuses her practice on international data privacy, cybersecurity and cross-border data management, with a special emphasis in European Union data privacy regulations, the GDPR, and the CCPA. Jordan brings extensive experience in the intersection of law and technology to counsel global companies to create legal solutions. She is also an Assistant Professor of Law at the Thomas R. Kline School of Law at Drexel University and a Cybersecurity Lecturer at UC Berkeley, School of Information.