Auditing the Organization's Compliance with the General Data Protection Regulation (GDPR)
March 20, 2018
1:00–2:00 p.m. ET
Many organizations required to comply with the General Data Protection Regulation (GDPR) are finding they must enhance their existing privacy and data protection-related audit programs to address new regulatory requirements. New requirements associated with the GDPR, such as broader requirements for privacy notice and consent, the right to be forgotten, and requirements to ensure that third-party suppliers are GDPR-compliant, create challenges relating to prioritization. Using a case study format, the presenter will share a sample audit plan that addresses the requirements of the GDPR while leveraging data protection impact assessments and privacy by design.
In this session, participants will:
- Learn about the key principles associated with the GDPR.
- See a sample audit plan presented to you in a case study format.
- Find out how data protection impact assessments and privacy by design can support the creation of a broad understanding of the organization’s compliance with the GDPR.
Course Duration: 1 hour
CPEs Available: 1
Knowledge Level: Basic
Field of Study: Auditing
Advance Preparation: None
Delivery Method: Group Internet-based
Managing Director, Crowe Horwath
Dr. Hrubey is a managing director in Crowe’s Risk practice with business experience in innovation-based organizations spanning from research and development through commercialization. She assists clients around the world in the area of privacy and data protection by assessing the current state of data protection, supporting the construction of robust privacy and data protection programs, and assisting organizations with the design and implementation of internal assurance programs that support compliance with complex regulatory requirements such as the General Data Protection Regulation. Prior to joining Crowe, Dr. Hrubey’s experience includes global leadership positions in a top 15 global pharmaceutical company, including responsibilities in enterprise risk management, ethics and compliance, global privacy and data protection, clinical data management, medical communications, and human resources development and support.