Kenia Rincon, Flora Garcia, Mary-Elizabeth Hadley

Everything Has Changed. The 72-hour requirement to notify Supervisory Authorities in the EU under the GDPR changed the game and timing on how companies  organize and coordinated for incident investigation and response. Similarly, the CCPA is changing the game for companies who now have a formal “duty to implement and maintain reasonable security procedures and practices” and who must be able to demonstrate fulfilling these obligations to mitigate the risk for post-breach class actions under the CCPA.  This session will discuss how to practically apply existing guidance and common practices to enhance incident response and cyber/security programs.


Kenia Rincon, Privacy and Cybersecurity Director, Fenwick & West (moderator)
Flora Garcia, Global Chief Privacy Officer, McAfee
Mary-Elizabeth Hadley, Lead Counsel, Privacy, Facebook


Flora Garcia
Flora Garcia

Global Chief Privacy Officer

Kenia Rincón

Privacy and Cybersecurity Director
Fenwick & West

Mary Elizabeth Hadley
Mary-Elizabeth Hadley

Lead Privacy Counsel