1,118 citiri
Cristina Ghica

Cristina Ghica

The frictionless flow of information is a defining feature of today’s information economy. The ability to transfer customer data, employee files, financial records, and other information around the globe quickly and cheaply has opened up a world of opportunity for many businesses. It also presents a new world of risks.

The potential for misuse of sensitive personal information has triggered legislative and regulatory action worldwide – the risks are high. Privacy laws are continually evolving, vary by jurisdiction, are interpreted unpredictably, and are in a constant state of flux. Even the most well-meaning, conscientious company can make a false step as it captures, uses, transfers and discloses personal information.

The same applies to cybersecurity, which is becoming increasingly complex. The consequences can be serious: heavy fines, injunctions, government audits, even criminal liability. Perhaps more importantly, companies that run counter to privacy and cybersecurity standards find themselves open to negative media attention and the immeasurable damage of lost consumer trust and confidence.

Cristina Ghica is certified with CIPP/E and CIPM and have the depth resources to provide integrated, creative and practical advise on the GDPR and privacy-related concerns faced by our clients:
– GDPR ‘360 degrees Gap Assessment, including assess maturity levels of existing controls and processes
– Identification of non-compliance gaps
– Develop prioritized strategic roadmap for GDPR initiative
– Analyze data flow mapping
– Identification risks and risk assessment on people, processes and technology
– Data Privacy Impact Assessment
– Binding Corporate Rules
– Cross-border data transfer (both intra-group and with third parties)
– Data processing and data transfer agreements
– Data security breach preparedness and response
– Due diligence and warranty negotiation for M&A
– Employee privacy
– Financial privacy
– Healthcare privacy
– Marketing policies
– Privacy and cybersecurity aspects of cloud computing and other sourcing arrangements
– Privacy and cybersecurity policies
– Privacy and cybersecurity audits
– Privacy-related claims and disputes
– Privacy statements for online activities
– Privacy aspects of investigations and e-discovery

Data Protection Experts 2018

Înregistrarea video