Description
Understand the applicability of the GDPR and CCPA and how to incorporate data privacy compliance into MA preparation and due diligence.Violations of the GDPR and CCPA can result in serious liabilities. The EU’s General Data Protection Regulation (GDPR) and California’s Consumer Privacy Act (CCPA) impose new data privacy obligations and restrictions, at times with extraterritorial scope. Violations of these laws can result in serious liability for U.S. companies even after a merger or acquisition has occurred. Even so, many U.S. companies have not come into full compliance with the GDPR and CCPA, which can result in new liabilities and risks during MA deals. This topic helps the persons involved on the buyer and seller sides of MAs understand the applicability of the GDPR and CCPA to U.S. companies and how to incorporate data privacy compliance into MA preparation and due diligence. The material also explains how data privacy risks can be addressed in relevant MA documentation and postdeal integration and system management. As data privacy regulators enforce these new laws and individuals become more familiar with their new data privacy rights, this information is critical for businesses to ensure that their MA processes protect parties from inadvertent noncompliance.
Date: 2023-08-22 Start Time: End Time:
Learning Objectives
Overview: Influence of EU GDPR and New California Privacy Law
• Data Privacy in Manda Deals
Overview of GDPR and CCPA
• GDPR
• Extraterritorial Scope
• Liability
• Lawful Basis for Processing
• Privacy by Design
• Data Subject Rights
• Breach
• CCPA
• Scope
• Liability
• Consumer Rights
• Consent
• Data Protection
• Breach
Early Stage Activities
• Data Privacy Review (Sell-Side Perspective)
• Identify Applicability of GDPR and CCPA
• Data Mapping
• Identify Gaps and Deficiencies
• Due Diligence (Buy-Side Perspective)
• Designate Party to Audit Data Privacy Practices
• Review Data Mapping
• Pre-Existing Liability and Breaches
Identifying Key Risks
• Privacy by Design (Systemic Issues)
• Data Transfers
• Integrating Data Systems
• Deficient Compliance Procedures
• Breaches
• Unlawfully Processed or Sold Data
Representations, Warranties, Indemnities
• Reps and Warranties
• Indemnities
• Data Privacy Provisions
Ancillary Documents
• Privacy Notices
• Consent Records
• Processing Records
Post-Deal Considerations
• Updating Data Subjects
• Transitional Services (Integrating Data Systems)
• Managing On-Going Use of Databases
• Preserving On-Going Controls
• Updating/Improving Procedures and Controls
CLE (Please check the Detailed Credit Information page for states that have already been approved) ,Additional credit may be available upon request. Contact Lorman at 866-352-9540 for further information.
Oliver Krischik-GKG Law, P.C.
