General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
The European Union’s General Data Protection Regulation (GDPR) has created a fundamental shift in the way that companies think about collecting, using, storing, and sharing data.  The long reach of GDPR has the potential to affect companies on a global scale, no matter where they are located, as the GDPR is designed to follow the data.
Kelley Drye’s attorneys have worked extensively with clients to ensure that they are prepared for the new Regulation.  We offer a unique regulatory perspective developed from years of advising companies across many industries on data privacy and protection, marketing, and cybersecurity matters.  This broader cross-disciplinary approach facilitates our ability to offer strategies and solutions that meaningfully address compliance objectives while remaining practical.

Our GDPR experience includes broad-based counseling on all aspects of the Regulation, including advice to companies on whether the Regulation applies to a particular business, privacy policy revisions, data processing agreements, a lawful basis analysis, marketing and cookie consents, appointment of a data protection officer, lawful data transfer mechanisms (and corresponding implementation), and data subject requests, among other issues.

We also work closely with clients to perform data mapping across the enterprise to efficiently identify the data collection practices for customer and employee data, including how that data is managed, stored, and transferred within and outside the organization, and throughout the data lifecycle.  We use this information to conduct a gap analysis and to develop a prioritized, risk-based plan for addressing obligations.  We also assist clients in performing privacy impact assessments and related compliance audits and due diligence reviews.  In short, we work with our clients to help design, right-size, and update their GDPR programs so that they are reflective of the latest guidance and industry benchmarks.

Our experience also includes preparing GDPR-oriented policies and procedures, negotiating GDPR contract materials, and handling all aspects of security incident response.

Our clients also appreciate our support and advice in determining whether a regional or global approach to privacy and data protection is optimal, given the nature of their data practices.

Our relevant clients include retailers, publishers, technology providers and platforms, software developers, financial service companies, cloud providers, entertainment companies, among other industries.
 
 
 

Overview

The European Union’s General Data Protection Regulation (GDPR) has created a fundamental shift in the way that companies think about collecting, using, storing, and sharing data.  The long reach of GDPR has the potential to affect companies on a global scale, no matter where they are located, as the GDPR is designed to follow the data.
Kelley Drye’s attorneys have worked extensively with clients to ensure that they are prepared for the new Regulation.  We offer a unique regulatory perspective developed from years of advising companies across many industries on data privacy and protection, marketing, and cybersecurity matters.  This broader cross-disciplinary approach facilitates our ability to offer strategies and solutions that meaningfully address compliance objectives while remaining practical.

Our GDPR experience includes broad-based counseling on all aspects of the Regulation, including advice to companies on whether the Regulation applies to a particular business, privacy policy revisions, data processing agreements, a lawful basis analysis, marketing and cookie consents, appointment of a data protection officer, lawful data transfer mechanisms (and corresponding implementation), and data subject requests, among other issues.

We also work closely with clients to perform data mapping across the enterprise to efficiently identify the data collection practices for customer and employee data, including how that data is managed, stored, and transferred within and outside the organization, and throughout the data lifecycle.  We use this information to conduct a gap analysis and to develop a prioritized, risk-based plan for addressing obligations.  We also assist clients in performing privacy impact assessments and related compliance audits and due diligence reviews.  In short, we work with our clients to help design, right-size, and update their GDPR programs so that they are reflective of the latest guidance and industry benchmarks.

Our experience also includes preparing GDPR-oriented policies and procedures, negotiating GDPR contract materials, and handling all aspects of security incident response.

Our clients also appreciate our support and advice in determining whether a regional or global approach to privacy and data protection is optimal, given the nature of their data practices.

Our relevant clients include retailers, publishers, technology providers and platforms, software developers, financial service companies, cloud providers, entertainment companies, among other industries.
 
Partner
Email (202) 342-8603(202) 342-8603
Alysa Hutnik chairs the firm’s Privacy and Information Security practice and delivers comprehensive expertise in all areas of privacy, data security and advertising law.  Her experience ...
Partner
Email (202) 342-8588(202) 342-8588
Dana Rosenfeld is a member of the firm’s Executive Committee and past chair of the firm’s Privacy and Information Security practice.  A former assistant director of the Federal Tra...
Senior Associate
Email (202) 342-8557(202) 342-8557
Katie Townley is a senior associate in the firm’s Washington, D.C. office. Her practice focuses on advertising and marketing, privacy and information security, product safety, and other consu...
Associate
Email (202) 342-8620(202) 342-8620
Khouryanna DiPrima is an associate in the Advertising and Marketing and Privacy and Information Security practice groups.  Khouryanna’s practice focuses on advertising and marketing, pri...
Associate
Email (202) 342-8634(202) 342-8634
Alexander Schneider specializes in information privacy and security, advertising and marketing, and consumer protection law.  He focuses on providing clients with practical legal advice on com...

Publications

October 15, 2019 | Newsletters
October 1, 2019 | Newsletters
September 28, 2019 | Newsletters
August 28, 2019 | Newsletters