Matthew Pokarier
Clyde & Co
Matthew Pokarier is a Partner specializing in cyber incident response, cyber insurance coverage, and privacy regulatory and data protection advice.

Matthew acts for clients domestically and globally providing data breach management services, regulatory advice on privacy issues including data breach reporting, cyber insurance coverage advice, and IT liability.

Matthew also specialises in commercial litigation and dispute resolution defending directors and companies, and advising on professional indemnity claims for a wide range of professionals for the past 25 years.

He has experience in all areas of insurance law but particularly professional indemnity, cyber insurance, financial institutions and directors' and officers' liability, both as coverage and defence adviser.

Data Breach Notification Law Wrap Up: 12 months of the NDB Scheme and the GDPR
Technical Level (3 being the highest score): 1

Trends in incident response, data breach notifications and regulatory action are beginning to emerge following the introduction of the Australian Notifiable Data Breach Scheme (the NDB Scheme) and the EU General Data Protection Regulation (GDPR) almost 12 months ago. While many organisations continue to make strides in their overall cyber resilience and preparedness, current trends in incident response and regulatory notifications highlight key areas of importance.

Clyde & Co will deliver a presentation focussing on current and emerging legal and regulatory developments and litigation trends and provide audience members with effective risk management guidance on how organisations can best respond to a data breach, drawing on both publically available and de-identified cases it has handled within Australia and internationally.

It will focus on common pitfalls, the actual outcome and regulatory response by the Office of the Australian Information Commissioner (OAIC) and EU regulators of notified events and subsequent recovery litigation against third parties.

The presentation will cover the following topics:

(a) Examining key trends in incident response and regulatory and legal compliance following the introduction of Australia’s NDB Scheme as well as the GDPR and the changes in the behaviour of organisations;
(b) Case studies examining deficient notifications and investigations under the NDB Scheme and the regulatory response by the OAIC and EU regulators;
(c) Providing strategies and guidance on how organisations can best manage their notification campaigns in accordance with Australia's NBD Scheme and mitigate their risk of further regulatory investigation and reputational harm;
(d) Examining the key actions by the OAIC and EU regulators after notifiable incidents and implications for businesses including operational issues and financial penalties for non-compliance;
(e) Understanding privacy and security liability issues for organisations that can arise after a data breach and the potential for recovery actions to be brought against third parties;
(f) Examining future legal and regulatory developments including changes in legislation.

The aim of the presentation is to improve the audience's understanding of the key areas to consider when embarking on a notification campaign and to provide attendees with practical guidance on the best ways to mitigate risk when dealing with regulators.

Presentation slides can be found HERE

Presentation video can be found HERE