Mary-Elizabeth Hadley, Rukiye Oygar, Kenia Rincon
Everything Has Changed. The 72-hour requirement to notify Supervisory Authorities in the EU under the GDPR changed the game and timing on how companies organize and coordinated for incident investigation and response. Similarly, the CCPA is changing the game for companies who now have a formal “duty to implement and maintain reasonable security procedures and practices” and who must be able to demonstrate fulfilling these obligations to mitigate the risk for post-breach class actions under the CCPA. This session will discuss how to practically apply existing guidance and common practices to enhance incident response and cyber/security programs.
Mary-Elizabeth Hadley, Lead Privacy Counsel, Facebook
Rukiye Oygar, Senior Counsel, Technology, Privacy and Cybersecurity, WeWork
Kenia Rincon, Privacy and Cybersecurity Director, Fenwick & West (moderator)