NASSCOM workshop on GDPR with the European Commission

Created by NASSCOM Community on Mar 9, 2018

Tuesday, March 20, 2018 at India Habitat Center, New Delhi

Starts at 10:30 AM · Ends at 1:00 PM, IST (Asia/Calcutta)

  • NASSCOM Community
  • Manoj Rattan
  • Karthik Rameshkumar

As the IT sector prepares for compliance to General Data Protection Regulation (GDPR), the major reform of EU’s data protection framework, by adopting the data protection reform package, replacing the twenty years old Directive, NASSCOM is hosting a workshop for members with team of experts from Department of Justice, European Commission - The department responsible for EU policy on justice, consumer rights and gender equality.


Experts from Cross border flows Department of Justice, European Commission, will be presenting and responding to NASSCOM members on queries related with GDPR implementation.


Cross border data flows with the European Union has always been a market access issue for the Indian IT industry. There are fears within the sector that these problems may get accentuated with implementation of the GDPR.


On 25th May 2018, the new EU-wide data protection rules will become applicable, two years after its adoption and entry into force. The European Commission on 24th Jan 2018 published guidance to facilitate a direct and smooth application of the new data protection rules across the EU as of 25th May. The Commission also launched a new online tool dedicated to SMEs. The guidance further outlined what the European Commission, national data protection authorities and national administrations should still do to bring the preparation to a successful completion


The guidance recalls the main elements of the new data protection rules:


• One set of rules across the continent, guaranteeing legal certainty for businesses and the same data protection level across the EU for citizens.
• Same rules apply to all companies offering services in the EU, even if these companies are based outside the EU.
• Stronger and new rights for citizens: the right to information, access and the right to be forgotten are strengthened. A new right to data portability allows citizens to move their data from one company to the other. This will give companies new business opportunities.
• Stronger data breach notification provision: a company experiencing a data breach, which put individuals at risk, has to notify the data protection authority within 72 hours.
• Rules with deterrent fines: all data protection authorities will have the power to impose fines for up to EUR 20 million or, in the case of a company, 4% of the worldwide annual turnover.
• New online tool supporting practical application
• Brexit: EU data protection law applicable in the UK on the day preceding its withdrawal from the European Union will continue to apply to personal data processed in the UK before the withdrawal date


Workshop is only for NASSCOM members but Prior registration is Mandatory Click Here .

For queries, please write to Chetan Sharma at

India Habitat Center, New Delhi