GDPR in a Nutshell

  • TYPE: Combined Session DATE: Wednesday, May 10, 2017 TIME: 11:00-12:00 LOCATION: AMMERSEE I


In January 2016, the European Commission had passed the GDPR, which will take effect in May 2018. One of the main purposes is to harmonize European Data Protection law. The new regulation will automatically take effect, without any need for ratification by local governments. The impact of the GDPR will be strong and it is time now to define a "roadmap for compliance".  In this talk, KuppingerCole´s Legal Analyst Dr. Karsten Kinast, LL.M will explain the core components of GDPR and discuss with you those areas, where your organization will be affected.

Key Takeaways:

  • Territorial Scope: Who falls under GDPR jurisdiction? Why is it a topic for non-EU organizations?
  • What exactly does "Privacy-by-Design" mean and how has it to be implemented?
  • Privacy Impact Assessment (PIA)
  • The Right to be Forgotten and its impact on your Data Model


Dr. Karsten Kinast, LL.M., Attorney at Law (Germany), is founding Partner of the Law Firm “Kinast & Partner” with an exclusive focus on Data Protection Law and IT-Law. He holds a Master of Laws Degree in European Legal Informatics and  serves as external Data Protection...

The EU GDPR presents several stringent requirements for processors, especially in a cloud environment. Those requirements include identifying the categories of privacy data, the risks and the controls, and the audit capability. This keynote will include a discussion of how to prepare for this, and a discussion of the current NIST research into an audit language that can be utilized by cloud providers that is being planned to meet the audit requirements.

Key Takeaways:

  • An understanding of the requirements for processors and cloud environments.
  • An understanding of the controls needed to meet the requirements.
  • An understanding of the NIST research work around auditing in a cloud environment, and what's next.


Harvey Nusz, CIPM, CISSP, CISA, CRISC, is an independent Privacy, Security, GRC, and Audit professional focusing now on assisting companies in preparing for the EU GDPR, and in the various core competencies needed to achieve compliance by May 25, 2018, and to maintain and prove compliance upon...

Log in to download presentations:  


Session Links

Munich, Germany


European Identity & Cloud Conference 2017

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 09 - 12, 2017 Munich, Germany