Stefanie Luhrs
Clyde & Co
Stefanie Luhrs is a Senior Associate specialising in cyber incident response, data protection and professional insurance lines. She regularly works on domestic and international cyber claims involving data breaches, regulatory investigations, mandatory notification laws, recovery actions and incident response.
She has acted as breach coach, privacy counsel and coverage counsel in a range of incidents including high profile data breaches, denial of service attacks, ransomware, business email compromise and fraud incidents. She also regularly advises clients in relation to their privacy compliance, cyber incident readiness and resilience.
Data Breach Notification Law Wrap Up: 12 months of the NDB Scheme and the GDPR
Technical Level (3 being the highest score): 1
Trends in incident response, data breach notifications and regulatory action are beginning to emerge following the introduction of the Australian Notifiable Data Breach Scheme (the NDB Scheme) and the EU General Data Protection Regulation (GDPR) almost 12 months ago. While many organisations continue to make strides in their overall cyber resilience and preparedness, current trends in incident response and regulatory notifications highlight key areas of importance.
Clyde & Co will deliver a presentation focussing on current and emerging legal and regulatory developments and litigation trends and provide audience members with effective risk management guidance on how organisations can best respond to a data breach, drawing on both publicly available and de-identified cases it has handled within Australia and internationally.
It will focus on common pitfalls, the actual outcome of notified events and the regulatory response to them by the Office of the Australian Information Commissioner (OAIC) and EU regulators, and subsequent recovery litigation against third parties.
The presentation will cover the following topics:
(a) Examining key trends in incident response and regulatory and legal compliance following the introduction of Australia’s NDB Scheme as well as the GDPR and the changes in the behaviour of organisations;
(b) Case studies examining deficient notifications and investigations under the NDB Scheme and the regulatory response by the OAIC and EU regulators;
(c) Providing strategies and guidance on how organisations can best manage their notification campaigns in accordance with Australia's NDB Scheme and mitigate their risk of further regulatory investigation and reputational harm;
(d) Examining the key actions by the OAIC and EU regulators after notifiable incidents and implications for businesses including operational issues and financial penalties for non-compliance;
(e) Understanding privacy and security liability issues for organisations that can arise after a data breach and the potential for recovery actions to be brought against third parties;
(f) Examining future legal and regulatory developments including changes in legislation.
The aim of the presentation is to improve the audience's understanding of the key areas to consider when embarking on a notification campaign and to provide attendees with practical guidance on the best ways to mitigate risk when dealing with regulators.
Presentation slides can be found HERE
Presentation video can be found HERE