Pepper Hamilton’s Privacy, Security and Data Protection Group is ready to help your company understand its obligations under the GDPR and achieve legal compliance.
The European Union’s General Data Protection Regulation (GDPR) — the biggest change to EU data security laws in two decades — will take effect on May 25, 2018. U.S.-based companies doing business in the EU, marketing to individuals in the EU, or otherwise using personal data from individuals in the EU may be subject to the law. Companies that do not comply with the GDPR face significant fines and penalties, up to 4 percent of annual revenue or €20 million, whichever is greater.
Pepper Hamilton’s Privacy, Security and Data Protection Group is ready to help your company understand its obligations under the GDPR and achieve legal compliance. We provide counseling on each step of the GDPR readiness process, recommending specific action items that are unique to your company.
We help draft new policies, terms, agreements and consents aligned with the GDPR’s specifications, and ensure your company understands their function and purpose. We have experience in data breach procedures, and can assist in developing a compliant data breach notification and response plan. We also provide guidance on your company’s record-keeping requirements, and share best practices in data privacy and security.
Pepper’s GDPR readiness package provides your company with an assessment of the state of its current level of preparation for the new law, and the steps to take to achieve legal and regulatory compliance. In the course of the assessment, our lawyers work with your entire business, including the general counsel, risk management, IT and privacy/ security personnel to: