Privacy Laws & Business
Total Page:16
File Type:pdf, Size:1020Kb
Privacy Laws & Business European Privacy Officers Network Briefing and Roundtable with the Netherlands Data Protection Commissioner The Hague, The Netherlands, November 14th 2007
------
Programme
08.45 Registration
09.00-12.00 Briefing
12.00-12.30 Lunch
13.00-17.00 Roundtable with the Netherlands Data Protection Commissioner and Advisor
MORNING AGENDA
Host: De Brauw Blackstone Westbroek, The Hague
Speakers: Ms. Lokke Moerel, Partner and Mr. Richard van Staden ten Brink, Attorney De Brauw Blackstone Westbroek, Amsterdam
1. The Dutch Data Protection Authority Organization, Powers and Enforcement Priorities
2. Specific points of interest under Dutch DP Law
Dutch Notification Exemption Decree Dutch Permit Requirement for International Data Transfers Concept of Personal Data – data at Zip code level, IP and email addresses
3. Employee Monitoring
Employees’ use of company systems (i.e. monitoring of use of specific e-learning or HR tools) Telephone, e-mail and internet for private use in work time Compliance with US requirements (mandatory obligations to monitor for drug abuse, insider trading, disciplinary measures and criminal convictions) Recent case law of the Dutch Supreme Court regarding workplace drug testing Internal investigations (ordered by regulatory bodies or otherwise) Dutch Works Council
4. International Transfers – BCRs
implications Swift decision for intra company data transfers the Dutch DPA as "lead DPA" for BCR update status co-ordinated procedure Splitting up Employee BCR and Consumer BCR overview EU obstacles in co-ordinated procedure - recent developments
5. New Dutch Guidelines on the online collection and use of Personal Data
6. Right of Access (recent Dutch Supreme Court decision)
7. Other recent issues
Social Networks Registration of health care professionals for accreditation purposes (depending on participants) Security Breach Notification Protocol
------
Roundtable with the Netherlands Data Protection Commissioner
AFTERNOON AGENDA 13.00H.-17.00H.
Host: The Netherlands Data Protection Commission, The Hague
Speakers: Ms. Madeleine McLaggan-van-Roon, Commissioner, Ms. Sanne van de Velde, Senior Policy Officer, Ms. Sjoera Nas, Senior Policy Officer, and Ms. Anne Smeets, Policy Officer
1. The Netherlands Data Protection Authority (CBP) The position, strategy and developments toward more enforcement pf the Netherlands Data Protection Act (Wbp) The CBP expectations of company data protection officers Ms. Madeleine McLaggan-van-Roon, Commissioner
2. Binding Corporate Rules Legal basis for Binding corporate rules and data transfers BCR in practice Problems solved Future approach Ms. Anne Smeets, Policy Officer
3. Employee Monitoring Employee monitoring and compliance with the Dutch Data Protection Act in general Points of particular interest regarding different means to monitor employees Monitoring employees who are incapable of work Technological developments Pre-employment screening Mrs. Sanne van de Velde, Senior Policy Officer
4. The Internet and privacy Guidelines Publications of personal data on internet Main regulatory issues Excemptions and exception Further policy development by Article 29 Working party Enforcement Mrs. Sjoera Nas, Senior Policy Officer
5. Questions and answers on other issues All speakers