Kinstellar hosts business breakfast on the EU General Data Protection Regulation and its impact on businesses in Ukraine
October 2017 – On 18 October 2017 Kinstellar held a business breakfast on the General Data Protection Regulation (GDPR, the Regulation) with support from the U.S.–Ukraine Business Council (USUBC) and InterContinental Kyiv hotel.
The GDPR marks the biggest change to EU data privacy laws in more than 20 years and is intended to harmonise data privacy requirements across all 28 EU member states. The GDPR was adopted in April 2016 after four years of debate and negotiation and will take effect on 25 May 2018 in all EU countries.
The Regulation will also have an impact on Ukrainian business from May 2018 GDPR, as it will be applicable to companies in Ukraine that process the data of EU citizens.
The business breakfast brought together more than 50 representatives from various sectors, including IT, telecom, agricultural, industrial and financial services, all of whom were interested in the answer to two main questions: when and how to get ready for the new Regulation.
The presenters were Kinstellar data protection experts Andriy Nikiforov, Counsel in Kinstellar’s Kyiv office, and Zdeněk Kučera, Managing Associate and Head of the Technology, Media and Telecoms practice in Kinstellar’s Prague office. The event was moderated by Michael Datsenko, Director of Information & Member Programs at USUBC.
Andriy Nikiforov cast light on the GDPR’s extraterritorial reach and introduced some of the nuances of the application of the Regulation inside and outside the EU. He also outlined the main reasons that should motivate Ukrainian companies to implement the GDPR and the relevant business processes inside the companies—not only legal motivations (such as penalties as stipulated by the Regulation) but also the commercial benefits for companies in Ukraine that follow the GDPR rules.
Zdeněk Kučera summarised the key changes that the new Regulation will bring and highlighted the most important actions that Ukrainian companies should take in preparing to comply with it. He explained various issues, including what personal data in the modern digital world means, when personal data must be processed and the way it can be done in a lawful and fair manner, and what are the key factors to determine that the Regulation is applicable to a company in Ukraine. He also outlined the changes to the rights of data subjects and the rights of obtaining consent for data processing, and the changes in the transfer of personal data from an EU member state to Ukraine as a country “with an inadequate level of data protection”.
To conclude the event, Zdeněk outlined a preferred action plan for data processing in a company that would be compliant with GDPR, covering such aspects as data breaches, records of processing activities, and implementation of best practices, among others.
The main takeaway from the business breakfast is that companies in Ukraine seeking EU customers need to get GDRP compliant today. They should conduct an expert due diligence of their data processing activities and build up the internal processes that will comply with the Regulation. Companies that do this will gain market advantage over competitors that do not.
For further information please contact Olena Sysuieva at +380 50 337 0702 / email@example.com. Please refer to www.kinstellar.com for more information about the firm, our team and practices.