Join SCS to for a Virtual Presentation on General Data Protection Regulation

General Data Protection Regulation (GDPR): Are you a Novice or an Expert?

Data Privacy Day (DPD), celebrated annually on January 28, is a world-wide effort to empower people to protect their privacy, control their digital footprint and promote the protection of privacy and data. DPD’s mission is to increase awareness of privacy and data protection issues among consumers, organizations, and government officials, industry, academia, and advocates for consumer privacy efforts. ?The NSHE Information Security Office, in cooperation with the NSHE Information Security Officers Council and the NSHE Information Security Advisory Committee, will host two virtual presentations on the European Union General Data Protection Regulation (GDPR) on January 27 and 28, 2021 from 12:00 to 1:15 PST. CPE credit will be offered for attending one or both the presentations.  Registration is required. The presentations are for anyone who wants to gain a general knowledge of GDPR, or for those who are familiar with it but are looking for a deeper dive.

Can you correctly answer the questions below?

  1. What is GDPR, what and who does it cover, and when did it take effect?
  2. What are the main principles of GDPR?
  3. What are GDPR’s requirements for protection of data?
  4. What is the “Right to Be Forgotten?”
  5. What requirements are required for compliance?

About GDPR
The General Data Protection Regulation (GDPR) is updated data protection legislation for European Union that took effect May 25, 2018. The regulation was developed to provide a set of standardized data protection laws that will make it easier for EU citizens to understand how their personal data is being used, express concerns and complaints and make changes to their information wherever the data may be located.  It introduces provisions such as enhanced accountability, new procedures for handling data breaches and Subject Access Requests (SARs). The rules affect Data Controllers (those who determine why and how data is collected and used) and Data Processors (those who act on behalf of the Controller).

GDPR affects any entity who handles the data of a living individual within the EU and affects all domestic and international businesses operating in the EU, regardless of their size.

Check out the descriptions of the presentations below and be sure to register for one, or both if interested.

GDPR does not apply to me or my department, or does it?
Wednesday, January 27, 12:00-1:15 PM
Not sure if you or your department falls under GDPR?  Join panelists, Joanna Grama, VP for Vantage Technology Consulting Group; Brent Hobby, Campus Guard; and Pegah Parsi, University of California San Diego Privacy Officer, who will provide varied expertise regarding GDPR and its requirements. You will learn the terminology and principles included in GDPR and the steps you can take to become compliant. This presentation is for those who are unfamiliar with, or need a brush up on GDPR, and is recommended for faculty, students and staff who want to gain a general understanding.

Looking for a deeper dive on GDPR?
Thursday, January 28, 12:00 -1:15 PM

Roll up your sleeves and prepare to attend a virtual in-depth presentation and discussion by guest presenter, Jonathan Kimmitt, University of Tulsa Chief Information Security Officer. Jonathan will cover the technical and non-technical aspects of GDPR including what is required to meet compliance including policy, procedures, and technical implementation.  This presentation is geared towards information technology, privacy, compliance, legal, business, and academic professionals who need a deeper understanding of the requirements set forth in GDPR.

Want to learn about GDPR and earn CPE’s at the same time?                    
Each presentation is worth one hour of CPE. You must attend the presentations and participate in the surveys offered at the end of each presentation.  By participating you will receive a certificate validating your CPE.