Print this page

GDPR and Privacy in 2021, where are we now?


Recorded:    May 26 | 2021      Watch Now

2021 is set to be an exciting one for privacy protection legislation as several notable privacy laws will begin enforcement, with several others falling in line to the new international standard set by the GDPR.

Even though the General Data Protection Regulation (“GDPR”) became effective on May 25, 2018, its application to U.S.-based employers continues to evolve and increase in complexity. For U.S. employers of European Union (“EU”) residents, renewed concerns have arisen regarding cross-border data transfers, and with meeting GDPR compliance demands. This is particularly important with regard to remote working arrangements, COVID-19 contact tracing, and interaction with global HR data systems.

Join this expert panel webinar and learn how to streamline compliance with global data breach notification regulations to operationalize critical functions at every stage of privacy program maturity. You will also learn:

  • Trends and key observations on the effect of GDPR since inception
  • The impact the GDPR has had on influencing newer regulations, as well as a look into other emerging GDPR-like regulations.
  • How to use risk scoring to determine if a breach requires notification to regulatory authorities and impacted individuals.
  • Strategies for implementing a best-in-class program that addresses all phases of privacy management.
  • How compliance with the GDPR has impacted privacy professionals’ work and our organizations.



colin whittakerColin Whittaker, PCI Industry Alumni, Founder and Director Informed Risk Decisions Ltd. Colin has been instrumental in driving forward a risk and security strategy for payments over the last 15 years since he retired from the military in 2001, and took up the role of Head of Security at APACS. Whilst there he was one of the first people to be elected to the PCI SSC Board of Advisors where he was always keen to try and promote the differences in threat between Europe and UK, and the US. Since that election he hasn't moved far from the PCI domain. In 2010 he moved to Visa Europe and became the Vice President Payment System Risk with responsibilities for designing and operating the Visa Europe PCI compliance strategy for European merchants and service providers. He was also responsible for coordinating Visa Europe's approach to cardholder data breaches in Europe, and for the changes to the Visa Europe Compliance strategy through the creation of the Technology Innovation Programme which gave the very first PCI DSS compliance relief for EMV chip accepting merchants. In 2015 he went independent and currently provides cyber security risk consultancy services to a wide range of public and private companies. Colin has presented on Information Security at major events around the world, and has published a number of papers on security.

colin whittakerPaul Breitbarth is a privacy lawyer from the Netherlands. In 2016, he joined the Canadian privacy software and research company Nymity, which became part of TrustArc in November 2019. He currently serves as Director, EU Policy and Strategy and is based at TrustArc’s office in The Hague, the Netherlands. As part of the Privacy Intelligence team, Paul contributes to the company’s thought leadership via papers, webinars and public speaking opportunities on a variety of topics, including accountability, the demonstration of compliance and dealing with multiple data protection laws with one single privacy program. Paul also maintains regulator contacts across the EU and beyond. Paul is Senior Visiting Fellow and Member of the Board at Maastricht University’s European Centre on Privacy and Cybersecurity. Before joining Nymity, Paul served as senior international officer at the Dutch Data Protection Authority. He was an active member of various Article 29 Working Party subgroups, co-authoring opinions on the data protection reform, national security and surveillance, the Privacy Shield and others. In 2015, he organized the International Privacy Conference in Amsterdam. Paul holds a Master of Laws from Maastricht University in the Netherlands.

Headshot CillianCillian Kieran is the CEO and founder of privacy tech company Ethyca. A background in software engineering and two decades spent leading large-scale data programs for Heineken, Sony, Dell, and Pepsi convinced him there was a better way to build trust deeper into technology development processes. Now, Ethyca powers privacy for global brands like Away, Slice, and Codecademy.


HeadShot David KleinDavid Klein, Senior Director of Product Strategy at ProcessUnity. David has more than 20 years’ experience in product management and strategic roles for leading technology providers. In his past roles at Pitney Bowes, Invoke, and Brainshark, David launched digital products and SaaS businesses across the globe while also driving product and feature development and forging innovation across mobile, eLearning/mLearning, and cloud-based landscapes.David is responsible for keeping his finger on the pulse of the marketplace and delivering high-value risk and compliance solutions. In his role, he defines ProcessUnity’s overall strategic direction.

RebeccaRebecca Herold, CEO & Founder of The Privacy Professor Consultancy and CEO & Co-Founder of Privacy & Security Brainiacs SaaS Services. Rebecca is founder (2004) and CEO of The Privacy Professor consultancy and CEO of the Privacy & Security Brainiacs SaaS services business she launched in 2021 with her son Noah. Rebecca has over 25 years of systems engineering, information security, privacy & compliance experience. Rebecca has authored 20 books, just finishing the 20th published by CRC Press titled, “Security & Privacy when Working from Home & Travelling.” She has also written dozens of book chapters and hundreds of articles, and has received numerous awards, including being a top 3 Cybersecurity & Privacy Woman Law Professional of 2020, and being named a top female fighting cybercrime in 2019. Rebecca has her own radio/podcast show, Data Security and Privacy with the Privacy Professor on Voice America. Rebecca also serves as an expert witness and has keynoted on 5 continents. Rebecca has been a subject matter expert (SME) in the NIST Cybersecurity for IoT Program team since January 2020, prior to that was a SME member of the NIST Privacy Framework team for 1 ½ years, and led the NIST Smart Grid privacy team for 8 years. Rebecca was Adjunct Professor for the Norwich University MSISA program for 9 years. Rebecca has earned 10 professional certifications (FIP, CDPSE, CISSP, CIPP/US, CIPT, CIPM, CISM, CISA, FLMI, Ponemon Institute Fellow). Rebecca has Masters’ and Bachelors’ degrees in Computer Science, Mathematics and Education, and lives in Des Moines, Iowa, USA. For more information about Rebecca see This email address is being protected from spambots. You need JavaScript enabled to view it..