Prepare your Company for the EU Market
In the recent years, there has been a significant increase in the number of start-up companies and generally Information and Communications Technology (ICT) businesses in Kosovo. However, a considerable percentage of the following entities have developed products and/or services for the global market – which implies that they collect, process and store personal data of foreign subjects. Consequently, all business activities that include such information must comply with the broad category of international Data Protection laws. In most cases, the physical location does not exempt organizations from facing the consequences of non-compliance.
Legislations for this manner have been continuously modified and newly ones announced throughout the years. Many companies are still struggling with implementing effective risk assurance programs that constitute a key requirement for any sensible cybersecurity and compliance strategy. Therefore, this approximately two-hour event will focus on providing an in-person executive briefing regarding the relatively new General Data Protection Regulation (GDPR), since the majority of ICT companies’ targeted data subjects are comprised of European Union (EU) members, but will also outline the existing data protection policies in Kosovo.
One-Year Anniversary of the GDPR
The GDPR was adopted by the EU Parliament in April 14, 2016 and is in force since May 25, 2018. This regulation requires providers to make major changes to the ways in which they gather, manage and use personal data. Non-compliant organizations can be fined up to €20 million or 4% of annual turnover, whichever is greater.
According to the International Association of Privacy Professionals (IAPP) infographic as seen on Figure 1, The European Data Protection Board (EDPB), which coordinates the EU’s data protection authorities, received more than 280,000 cases which have led to € 56,000,000 in fines for entities in 31 countries. A considerable number of these cases involve classic privacy concerns, such as the failure to encrypt or control access to personal data. Others demonstrate the GDPR’s broad scope.
Over the year, oversea countries have implemented their version of the regulation as well, including India, Brazil, Thailand, and the U.S. with its California Consumer Privacy Act (CCPA) that was signed into law on June 28, 2018.
Nevertheless, more work lies ahead. The enactment of the GDPR marked a titanic shift for data privacy and a great number of organizations have failed to keep up-to-date with the policy; hence, thousands of GDPR actions are currently pending.
Kosovo’s take on GDPR
Knowing the importance of this regulation, the Government of the Republic of Kosovo submitted a draft (updated with GDPR standards) with reference to the Data Protection Law for consideration on 11 June 2018 (Draft Law No. 06/L-082) to the Assembly for consideration. The Draft Law was set to progress through the legislative process, which includes several reviews by various committees within the Assembly of the Republic of Kosovo, prior to its adoption.
The Law on Protecting Personal Data was finally approved by the Assembly of the Republic of Kosovo on 27 November 2018, and it was enforced on 25 February 2019 – concurrently repealing the previous Draft Law No. 03/L-172 which was previously approved on 31 May 2010.
“GDPR Briefing” will provide insights into relevant regulation requirements from a business perspective and how they are being implemented on a daily basis from international institutions. As a result, participants will also get a chance to ask questions to our GDPR specialist.
This event is a joint project between our organization and Cyber Academy, and will be held in Prishtina, Kosovo – 11 July (Thursday), 2019 at St. “Marin Barleti”, No. 47, near Hotel Nartel.
Registrations are available at Eventbrite. We will let you know if you are accepted for the training, due to the limited number of seats.
|17:30 – 18:00||Check-in and welcoming|
|18:00 – 18:45||Briefing session|
|18:45 – 18:50||5 minute coffee break|
|18:50 – 19:30||Briefing session|