PrivacyConnect Webinars
Register Now to Save Your Seat
CCPA & GDPR Webinars
Privacy Thought Leadership Series
PrivacyConnect monthly thought leadership webinar series is presented by distinguished privacy innovators and OneTrust partners on operational best practices and top-of-mind privacy topics, including the CCPA, GDPR and global privacy laws. Experts from leading privacy law firms, consultancies and OneTrust partners will share insights about regulatory requirements, providing you with knowledge to advance your career and a pathway to demonstrating compliance with the global privacy laws.
Upcoming Webinars
Register to Save Your Seat
Recorded CCPA & GDPR Webinars
Privacy Thought Leadership Series
With two months until the CCPA goes into effect on January 1, 2020, organizations are running out of time to operationally change their privacy programs in preparation. With new consumer rights like Do Not Sell and business challenges like identity verification and data discovery, the practical implementation of a CCPA-compliant program requires going beyond what was done for the GDPR. Hear from CCPA experts on implementation best-practices, obstacles to look out for, and what you can expect to happen once this new regulation goes into motion.

With two months until the CCPA goes into effect on January 1, 2020, organizations are running out of time to operationally change their privacy programs in preparation. With new consumer rights like Do Not Sell and business challenges like identity verification and data discovery, the practical implementation of a CCPA-compliant program requires going beyond what was done for the GDPR. Hear from CCPA experts on implementation best-practices, obstacles to look out for, and what you can expect to happen once this new regulation goes into motion.
Key Steps to Identify Risk and Master Third-Party Risk Management
September 19, 2019, 11:00 AM EST
Third-party risk management is not a new concept, yet the risks posed to organizations have evolved. An increasing reliance on third-party vendors, new privacy regulations like the CCPA, shifting cybersecurity threats, and frequent data breaches have disrupted the third-party landscape. As a result, modern third-party risk solutions must adapt to solve both security and privacy challenges. In this hour-long webinar, you’ll learn how to assess and identify risk within the scope of third-party management, as well as how to tackle increasing challenges these risks bring under global privacy regulations.

Key Steps to Identify Risk and Master Third-Party Risk Management
September 19, 2019, 11:00 AM EST
Third-party risk management is not a new concept, yet the risks posed to organizations have evolved. An increasing reliance on third-party vendors, new privacy regulations like the CCPA, shifting cybersecurity threats, and frequent data breaches have disrupted the third-party landscape. As a result, modern third-party risk solutions must adapt to solve both security and privacy challenges. In this hour-long webinar, you’ll learn how to assess and identify risk within the scope of third-party management, as well as how to tackle increasing challenges these risks bring under global privacy regulations.
Privacy Compliance for Marketing Teams - Optimizing the User Experience
August 22, 2019, 11:00 AM EST
In today’s privacy landscape, marketing teams face increasing challenges as new global privacy regulations evolve. Businesses must adjust their practices to a personalized consumer experience to reach their marketable database. User experience is a key component to generating a personalized connection with consumers, enabling businesses to better engage with and expand their marketing database. Learn best practices on how to drive opt-in demand while demonstrating compliance with CCPA, GPDR and other privacy regulations.

Privacy Compliance for Marketing Teams - Optimizing the User Experience
August 22, 2019, 11:00 AM EST
In today’s privacy landscape, marketing teams face increasing challenges as new global privacy regulations evolve. Businesses must adjust their practices to a personalized consumer experience to reach their marketable database. User experience is a key component to generating a personalized connection with consumers, enabling businesses to better engage with and expand their marketing database. Learn best practices on how to drive opt-in demand while demonstrating compliance with CCPA, GPDR and other privacy regulations.
Prevent your Next Breach: Safely Manage your Vendor Risk Lifecycle
March 21, 2019, 11:00 AM EST
Managing vendor risk is a continuous effort under the General Data Protection Regulation, California Consumer Privacy Act of 2018, and other global regulations. As organizations continue to improve their privacy and security programs, streamlining third- and fourth-party vendor risk has become a priority. This includes everything from filling out vendor assessments, such as the Cloud Security Alliance Consensus Assessments Initiative Questionnaire (CSA CAIQ), getting sufficient guarantees from your vendors to efficiently working with them during an audit or incident and much more. In this webinar, you’ll learn how to implement successful vendor risk processes, expedite vendor on-boarding, and hear practical advice to automate vendor risk management within a software technology platform, all while meeting your legal compliance obligations.
OneTrust hosts many events throughout the year, including in-person workshops and live webinars (collectively “events”). If you register for one of our events, we will collect your name and contact information, which we will store in our database(s) and use to provide you with information and services associated with the event. Please note that we use WebEx to assist with registration. By registering, you acknowledge that your information will be transferred from WebEx to OneTrust headquarters in the United States.
We keep a record of your participation in OneTrust events. With your consent, this information may be used to contact you about OneTrust products and services, as well as future events. It may also be used for the purpose of our legitimate interests in better understanding your needs and interests, and to better tailor our products and services..
Some of our events are sponsored. After the event takes place, OneTrust provides an attendee list to event sponsors, co-sponsors and presenters (collectively “partners”) for the purpose of our legitimate interests in connecting partners with attendees who have attended or downloaded a partner’s content. If you do not wish to have your information included in the attendee list or to not have your information shared with partners, you can opt out at the time of registration, or up until the day of the event by contacting OneTrust directly at [email protected]

Prevent your Next Breach: Safely Manage your Vendor Risk Lifecycle
March 21, 2019, 11:00 AM EST
Managing vendor risk is a continuous effort under the General Data Protection Regulation, California Consumer Privacy Act of 2018, and other global regulations. As organizations continue to improve their privacy and security programs, streamlining third- and fourth-party vendor risk has become a priority. This includes everything from filling out vendor assessments, such as the Cloud Security Alliance Consensus Assessments Initiative Questionnaire (CSA CAIQ), getting sufficient guarantees from your vendors to efficiently working with them during an audit or incident and much more. In this webinar, you’ll learn how to implement successful vendor risk processes, expedite vendor on-boarding, and hear practical advice to automate vendor risk management within a software technology platform, all while meeting your legal compliance obligations.
OneTrust hosts many events throughout the year, including in-person workshops and live webinars (collectively “events”). If you register for one of our events, we will collect your name and contact information, which we will store in our database(s) and use to provide you with information and services associated with the event. Please note that we use WebEx to assist with registration. By registering, you acknowledge that your information will be transferred from WebEx to OneTrust headquarters in the United States.
We keep a record of your participation in OneTrust events. With your consent, this information may be used to contact you about OneTrust products and services, as well as future events. It may also be used for the purpose of our legitimate interests in better understanding your needs and interests, and to better tailor our products and services..
Some of our events are sponsored. After the event takes place, OneTrust provides an attendee list to event sponsors, co-sponsors and presenters (collectively “partners”) for the purpose of our legitimate interests in connecting partners with attendees who have attended or downloaded a partner’s content. If you do not wish to have your information included in the attendee list or to not have your information shared with partners, you can opt out at the time of registration, or up until the day of the event by contacting OneTrust directly at [email protected]
As January 1, 2020 quickly approaches, the California Consumer Privacy Act enforces new privacy rights for consumers making companies that conduct business in California to implement structural changes to their privacy program. In this webinar, we’ll provide insight into how the new law will impact your organization’s operations, provide useful insight into how to evaluate your company’s readiness, highlights new rights for consumers, and explain how to apply transformation to your privacy program.
OneTrust hosts many events throughout the year, including in-person workshops and live webinars (collectively “events”). If you register for one of our events, we will collect your name and contact information, which we will store in our database(s) and use to provide you with information and services associated with the event. Please note that we use WebEx to assist with registration. By registering, you acknowledge that your information will be transferred from WebEx to OneTrust headquarters in the United States.
We keep a record of your participation in OneTrust events. With your consent, this information may be used to contact you about OneTrust products and services, as well as future events. It may also be used for the purpose of our legitimate interests in better understanding your needs and interests, and to better tailor our products and services..
Some of our events are sponsored. After the event takes place, OneTrust provides an attendee list to event sponsors, co-sponsors and presenters (collectively “partners”) for the purpose of our legitimate interests in connecting partners with attendees who have attended or downloaded a partner’s content. If you do not wish to have your information included in the attendee list or to not have your information shared with partners, you can opt out at the time of registration, or up until the day of the event by contacting OneTrust directly at [email protected]

As January 1, 2020 quickly approaches, the California Consumer Privacy Act enforces new privacy rights for consumers making companies that conduct business in California to implement structural changes to their privacy program. In this webinar, we’ll provide insight into how the new law will impact your organization’s operations, provide useful insight into how to evaluate your company’s readiness, highlights new rights for consumers, and explain how to apply transformation to your privacy program.
OneTrust hosts many events throughout the year, including in-person workshops and live webinars (collectively “events”). If you register for one of our events, we will collect your name and contact information, which we will store in our database(s) and use to provide you with information and services associated with the event. Please note that we use WebEx to assist with registration. By registering, you acknowledge that your information will be transferred from WebEx to OneTrust headquarters in the United States.
We keep a record of your participation in OneTrust events. With your consent, this information may be used to contact you about OneTrust products and services, as well as future events. It may also be used for the purpose of our legitimate interests in better understanding your needs and interests, and to better tailor our products and services..
Some of our events are sponsored. After the event takes place, OneTrust provides an attendee list to event sponsors, co-sponsors and presenters (collectively “partners”) for the purpose of our legitimate interests in connecting partners with attendees who have attended or downloaded a partner’s content. If you do not wish to have your information included in the attendee list or to not have your information shared with partners, you can opt out at the time of registration, or up until the day of the event by contacting OneTrust directly at [email protected]
In today’s privacy environment, creating an actionable breach reporting plan is critical under global privacy laws. Under Article 30 of the GDPR requires that organizations maintain internal records of their data processing activities to stay compliant. Knowing how to identify and prepare proper documentation for your organization is critical to being able to secure and analyze risks. In this presentation, we will deep dive into how to use the OneTrust tool for breach reporting, as well as the benefits of Article 30 and completing asset and data inventories.
OneTrust hosts many events throughout the year, including in-person workshops and live webinars (collectively “events”). If you register for one of our events, we will collect your name and contact information, which we will store in our database(s) and use to provide you with information and services associated with the event. Please note that we use WebEx to assist with registration. By registering, you acknowledge that your information will be transferred from WebEx to OneTrust headquarters in the United States.
We keep a record of your participation in OneTrust events. With your consent, this information may be used to contact you about OneTrust products and services, as well as future events. It may also be used for the purpose of our legitimate interests in better understanding your needs and interests, and to better tailor our products and services..
Some of our events are sponsored. After the event takes place, OneTrust provides an attendee list to event sponsors, co-sponsors and presenters (collectively “partners”) for the purpose of our legitimate interests in connecting partners with attendees who have attended or downloaded a partner’s content. If you do not wish to have your information included in the attendee list or to not have your information shared with partners, you can opt out at the time of registration, or up until the day of the event by contacting OneTrust directly at [email protected]
In today’s privacy environment, creating an actionable breach reporting plan is critical under global privacy laws. Under Article 30 of the GDPR requires that organizations maintain internal records of their data processing activities to stay compliant. Knowing how to identify and prepare proper documentation for your organization is critical to being able to secure and analyze risks. In this presentation, we will deep dive into how to use the OneTrust tool for breach reporting, as well as the benefits of Article 30 and completing asset and data inventories.
OneTrust hosts many events throughout the year, including in-person workshops and live webinars (collectively “events”). If you register for one of our events, we will collect your name and contact information, which we will store in our database(s) and use to provide you with information and services associated with the event. Please note that we use WebEx to assist with registration. By registering, you acknowledge that your information will be transferred from WebEx to OneTrust headquarters in the United States.
We keep a record of your participation in OneTrust events. With your consent, this information may be used to contact you about OneTrust products and services, as well as future events. It may also be used for the purpose of our legitimate interests in better understanding your needs and interests, and to better tailor our products and services..
Some of our events are sponsored. After the event takes place, OneTrust provides an attendee list to event sponsors, co-sponsors and presenters (collectively “partners”) for the purpose of our legitimate interests in connecting partners with attendees who have attended or downloaded a partner’s content. If you do not wish to have your information included in the attendee list or to not have your information shared with partners, you can opt out at the time of registration, or up until the day of the event by contacting OneTrust directly at [email protected]
Much has already occurred since the May 25th, 2018 effective date of the GDPR. California passed a major privacy law that has the potential to transform US privacy law. Tens of thousands of data subjects have exercised their rights as outlined under the GDPR. Major lawsuits have been levied against the world’s largest tech companies. But what does this mean for your organization? In this presentation, we will dissect major occurrences since the GDPR’s effective date and how they may influence the future of global privacy compliance.

Much has already occurred since the May 25th, 2018 effective date of the GDPR. California passed a major privacy law that has the potential to transform US privacy law. Tens of thousands of data subjects have exercised their rights as outlined under the GDPR. Major lawsuits have been levied against the world’s largest tech companies. But what does this mean for your organization? In this presentation, we will dissect major occurrences since the GDPR’s effective date and how they may influence the future of global privacy compliance.
Due to its complexity, understanding your organizations preparedness for a GDPR-related regulatory inquiry is a challenge. Still, there are many ways to get ahead of the curve and gain a greater sense of where your organization stands on the compliance spectrum. In this session, we will discuss how to diagnose your compliance status, what to do to remediate gaps and risks, and what steps you should take to ready yourself for potential regulatory probe.
Presented By
, at Alston & Bird

Due to its complexity, understanding your organizations preparedness for a GDPR-related regulatory inquiry is a challenge. Still, there are many ways to get ahead of the curve and gain a greater sense of where your organization stands on the compliance spectrum. In this session, we will discuss how to diagnose your compliance status, what to do to remediate gaps and risks, and what steps you should take to ready yourself for potential regulatory probe.
Presented By, at Alston & Bird
In a first-of-its-kind US privacy law, California residents will be granted new online privacy protections under the recently passed California Consumer Privacy Act (CCPA) of 2018. In this webinar, we dive into the new rights for California consumers as well as discuss the CCPA’s scope and potential influence on US privacy law. We will also explore how the CCPA compares to the EU GDPR and what organizations should do to prepare.

In a first-of-its-kind US privacy law, California residents will be granted new online privacy protections under the recently passed California Consumer Privacy Act (CCPA) of 2018. In this webinar, we dive into the new rights for California consumers as well as discuss the CCPA’s scope and potential influence on US privacy law. We will also explore how the CCPA compares to the EU GDPR and what organizations should do to prepare.
Consent and compliance? Articles and recitals? These aren’t typical topics of discussion for most marketing teams. However, protecting the privacy of data subjects and remaining compliant with the GDPR are items of emphasis throughout organizations, especially marketing teams. In this webinar, we will discuss strategies to remain compliant with the GDPR while still executing the marketing activities your organization relies on.

Consent and compliance? Articles and recitals? These aren’t typical topics of discussion for most marketing teams. However, protecting the privacy of data subjects and remaining compliant with the GDPR are items of emphasis throughout organizations, especially marketing teams. In this webinar, we will discuss strategies to remain compliant with the GDPR while still executing the marketing activities your organization relies on.
With 2019 rapidly approaching, the next major privacy regulation looms. In this session, Mark Webber, US Managing Partner at Fieldfisher will discuss key considerations regarding the new ePrivacy Regulation, including: territorial scope, opt-in consent (and consent exemptions), cookie compliance, how the ePrivacy regulation is expected to function alongside the GDPR, and what you need to know to prepare.
Presented By
Mark Webber, US Managing Partner at Fieldfisher

With 2019 rapidly approaching, the next major privacy regulation looms. In this session, Mark Webber, US Managing Partner at Fieldfisher will discuss key considerations regarding the new ePrivacy Regulation, including: territorial scope, opt-in consent (and consent exemptions), cookie compliance, how the ePrivacy regulation is expected to function alongside the GDPR, and what you need to know to prepare.
Presented ByMark Webber, US Managing Partner at Fieldfisher
With only months to go until the GDPR’s enforcement date, it’s time to build an executable action plan for compliance success or to assess the progress if you have already started. How to approach this? The GDPR is dense and complex; it’s difficult to identify where you should focus your money, time, and resources. Join Annika Sponselee, Partner at Deloitte and Nicole Vreeman, Manager at Deloitte, as they walk through the most significant aspects of the GDPR and share their advice for prioritizing privacy program tasks in preparation for May 25, 2018.
Presented By
Annika Sponselee, Partner at Deloitte
Nicole Vreeman, Manager at Deloitte
With only months to go until the GDPR’s enforcement date, it’s time to build an executable action plan for compliance success or to assess the progress if you have already started. How to approach this? The GDPR is dense and complex; it’s difficult to identify where you should focus your money, time, and resources. Join Annika Sponselee, Partner at Deloitte and Nicole Vreeman, Manager at Deloitte, as they walk through the most significant aspects of the GDPR and share their advice for prioritizing privacy program tasks in preparation for May 25, 2018.
Presented ByAnnika Sponselee, Partner at Deloitte
Nicole Vreeman, Manager at Deloitte
Under the GDPR, organizations are now required to have contracts in place with all their vendors addressing the details of the processing activity. It is also your responsibility to ensure you have “sufficient guarantees” from your vendors “to implement appropriate technical and organizational measures” to safeguard personal data. But how do you get these guarantees, and what other questions should you even be asking your vendors? While vendor assessments have traditionally been focused on security, vendor assessments under the GDPR will need to incorporate privacy considerations. Join Cynthia O’Donoghue, Partner at Reed Smith and Dr. Andreas Splittgerber, Partner at Reed Smith, to discuss the topic of vendor risk assessments—what they entail and how they should be used to evaluate vendors and renegotiate existing contracts for compliance with the GDPR.
Presented By
Cynthia O'Donoghue, Partner at Reed Smith
Dr. Andreas Splittgerber, Partner at Reed Smith

Under the GDPR, organizations are now required to have contracts in place with all their vendors addressing the details of the processing activity. It is also your responsibility to ensure you have “sufficient guarantees” from your vendors “to implement appropriate technical and organizational measures” to safeguard personal data. But how do you get these guarantees, and what other questions should you even be asking your vendors? While vendor assessments have traditionally been focused on security, vendor assessments under the GDPR will need to incorporate privacy considerations. Join Cynthia O’Donoghue, Partner at Reed Smith and Dr. Andreas Splittgerber, Partner at Reed Smith, to discuss the topic of vendor risk assessments—what they entail and how they should be used to evaluate vendors and renegotiate existing contracts for compliance with the GDPR.
Presented ByCynthia O'Donoghue, Partner at Reed Smith
Dr. Andreas Splittgerber, Partner at Reed Smith
Under the GDPR, controllers are now required to notify their supervisory authority when a personal data breach occurs, unless it is unlikely to result in risks to the rights and freedoms of individuals. The notification needs to be done without undue delay, no later than 72 hours after the controller has become aware of the breach (with some exceptions). It is crucial for privacy practitioners to understand the details of this tight timeline as well as the risk-based trigger, and what they entail. In this session, Tim Van Baelen ,Advisor at KPMG, and Joris Weyn, Senior Manager at KPMG, review the personal data breach rules under the GDPR and provide tips to help you map out a 72-hour personal data breach action plan.
Presented By
Tim Van Baelen, Advisor at KPMG
Joris Weyn, Senior Manager at KPMG

Under the GDPR, controllers are now required to notify their supervisory authority when a personal data breach occurs, unless it is unlikely to result in risks to the rights and freedoms of individuals. The notification needs to be done without undue delay, no later than 72 hours after the controller has become aware of the breach (with some exceptions). It is crucial for privacy practitioners to understand the details of this tight timeline as well as the risk-based trigger, and what they entail. In this session, Tim Van Baelen ,Advisor at KPMG, and Joris Weyn, Senior Manager at KPMG, review the personal data breach rules under the GDPR and provide tips to help you map out a 72-hour personal data breach action plan.
Presented ByTim Van Baelen, Advisor at KPMG
Joris Weyn, Senior Manager at KPMG
Consent is a frequently discussed topic under the GDPR and often times misunderstood. Still, organizations will likely need to rely on consent to perform many common marketing tasks, which means complying with the more stringent consent requirements under the Regulation and being able to demonstrate that consent has been properly given. In practice, there are ways to collect valid consent and produce an accurate audit trail in the event that it’s needed. During this online webinar, Sonia Siddiqui, Senior Associate at Grant Thornton, and Ariana Davis, Manager of Privacy and Data Protection at Grant Thornton, will highlight common consent use cases that are affected by the GDPR and walk you through real steps you can implement in practice.
Presented By
Sonia Siddiqui, Senior Associate at Grant Thornton
Ariana Davis, Manager, Privacy and Data Protection at Grant Thornton

Consent is a frequently discussed topic under the GDPR and often times misunderstood. Still, organizations will likely need to rely on consent to perform many common marketing tasks, which means complying with the more stringent consent requirements under the Regulation and being able to demonstrate that consent has been properly given. In practice, there are ways to collect valid consent and produce an accurate audit trail in the event that it’s needed. During this online webinar, Sonia Siddiqui, Senior Associate at Grant Thornton, and Ariana Davis, Manager of Privacy and Data Protection at Grant Thornton, will highlight common consent use cases that are affected by the GDPR and walk you through real steps you can implement in practice.
Presented BySonia Siddiqui, Senior Associate at Grant Thornton
Ariana Davis, Manager, Privacy and Data Protection at Grant Thornton
The Future ePrivacy Regulation: From Cookie Banners to Cookie Preference Centers
June 7, 2018, 11:00 AM EST
Cookie banners have become commonplace since the passing of the ePrivacy Directive. Unfortunately, they ended up causing unnecessary burden on consumers who accept them without understanding their meaning. Pop-up cookie banners have therefore failed to achieve the objective of the ePrivacy Directive to protect the confidentiality of the information stored on individuals’ devices, as they resulted in consent fatigue. But with the impending ePrivacy Regulation making its way through the legislative process, the new rules should give control back to consumers over the cookies that are stored on their devices, providing them with real choices. In practice, companies will need to implement changes, starting with the choices they give to website visitors. In this session, we’ll explore the evolution of the cookie banner and explain steps you can take to help steer your organization to compliance as well as better understand the relationship the ePrivacy Directive has with the GDPR.
Presented By
Brian Philbrook, Privacy Counsel at OneTrust
Nikolaus Theodarakis, Senior Associate at Alston & Bird LLP

The Future ePrivacy Regulation: From Cookie Banners to Cookie Preference Centers
June 7, 2018, 11:00 AM EST
Cookie banners have become commonplace since the passing of the ePrivacy Directive. Unfortunately, they ended up causing unnecessary burden on consumers who accept them without understanding their meaning. Pop-up cookie banners have therefore failed to achieve the objective of the ePrivacy Directive to protect the confidentiality of the information stored on individuals’ devices, as they resulted in consent fatigue. But with the impending ePrivacy Regulation making its way through the legislative process, the new rules should give control back to consumers over the cookies that are stored on their devices, providing them with real choices. In practice, companies will need to implement changes, starting with the choices they give to website visitors. In this session, we’ll explore the evolution of the cookie banner and explain steps you can take to help steer your organization to compliance as well as better understand the relationship the ePrivacy Directive has with the GDPR.
Presented ByBrian Philbrook, Privacy Counsel at OneTrust
Nikolaus Theodarakis, Senior Associate at Alston & Bird LLP