Effects of GDPR & State Privacy Laws: How Data Protection Impacts Your Business

Level: Advanced
Runtime: 60 minutes
Recorded Date: May 22, 2019
Click here to share this program
Download PDF


10:00 am - 11:00 am
  • The Impacts of GDPR
  • Data Breach Reporting
  • Privacy Impact Assessment
  • Data Flows/Data Mapping
  • Privacy/Security by Design
  • GDPR and US State Laws (Ex. CCPA)
Runtime: 1 hour
Recorded: May 22, 2019


Over the past few years, the European Union has been undergoing deep change in its data protection framework which started with the passing of the General Data Protection Regulation in May 2016, which finally took effect in May 2018. With its recent implementation, organizations around the globe are making the GDPR a top priority. Additionally, state legislations have implemented new cybersecurity regulations of their own - such as NYDFS and CCPA.

In this session, you will learn how GDPR, as well as certain state-mandated data protection regulations, directly affect your business. We will also address the importance of demonstrating on-going compliance on a global and local scale, and how privacy management software and automation can support key related initiatives.

This program was recorded as part of ALM and Corporate Counsel's 19th Annual SuperConference held on May 22nd, 2019.

Provided By



Matthew Lewis

Senior VP - Advisory, Partnerships & Solutions

Over the last 20 years Lewis has led entrepreneurial, fast growing, and adaptive software and service-oriented business lines across financial service sectors. Lewis has led large professional sales and relationship management organizations across the globe, and built fast growing teams of client facing professionals to support sales, relationship and marketing efforts for a $250 million revenue division. He has also led a partnerships and alliance program with over 200 leading service partners, vendors and technology providers.

Matthews product expertise includes client lifecycle management across client onboarding, know-your-customer (KYC), client negotiations and tech enabled contracting, collateral and margin management, syndicated loans and trade processing, clearing, settlement and payment services, client reference data, artificial intelligence, blockchain and smart contracting.

Lewis was named to the Financial News 40 Under 40 Rising Stars of Trading and Technology list in 2013.

Lewis is also an Advisory Board Member of LegalUp, an innovative provider of internet-based (SaaS) legal contract and document automation software.

Lewis received his executive MBA from the University of Chicago Booth School of Business in 2014.

Bruce Daise

Vice President, Deputy General Counsel & Chief Privacy Officer
H&R Block

Bruce has been a member of H&R Block’s Legal Department since 2003 and currently leads the U.S. Client Services, Compliance & International Group.

In this role, he has legal oversight responsibility for H&R Block’s global tax return preparation businesses including marketing, privacy, franchising, and intellectual property. He also has operational oversight for H&R Block’s privacy, compliance and anti-fraud programs. H&R Block is one of the world’s largest tax services providers offering tax return preparation services through more than 10,000 company-owned and franchised retail tax offices and through its do-it-yourself tax preparation solutions.

Bruce obtained his J.D. from the University of Kansas School of Law.

Brock Wanless

Managing Counsel - Global Privacy & Regulatory

Based out of Groupon’s Chicago headquarters, Brock Wanless is Groupon’s Managing Counsel – Global Privacy & Regulatory. In this role, Brock manages Groupon’s Global Privacy and Regulatory team, which oversees privacy and data security (including GDPR compliance), regulatory compliance, consumer protection matters, and government affairs. Brock has over 14 years of diverse experience counseling and leading key regulatory initiatives for public companies, privately-held companies, and non-profit organizations.

Gretchen Herault

Senior Privacy Counsel, USCAN Privacy Leader & HIPAA Privacy Officer
GE Healthcare

Gretchen Herault is Senior Privacy Counsel at HE Healthcare. Prior to joining GE, she was the Chief Privacy Officer at Nuance Communications, and spent six years as Vice President, Compliance and Fraud Prevention and Deputy Chief Privacy Officer at Before joining the technology industry, Gretchen served as Executive Vice President and General Counsel at Graduate Leverage, and previously worked as regulatory and litigation counsel in the financial services industry for over ten years. She began her career clerking for the New Hampshire Superior Court.

Gretchen is a graduate of Williams College and a cum laude graduate of the University of Notre Dame Law School, where she was Research and Projects Editor of the Notre Dame Law Review. She is admitted to the bar in CT, NH, MA, and the United States Supreme Court. Gretchen holds the CIPP/US and CIPM certifications from the IAPP.

Similar Courses

Card image cap
77 minutes
§ 363 Sale Issues
Dive into Section 363 sales issues, including whether there are limits to “free and clear”; the GM conflict between Sections 365(h) and 363(f) (“lease-stripping”); sales free and clear of leasehold interests, restrictive covenants and override royalties; being free and clear of successorships in CBAs; selling free and clear of environmental liabilities (La Paloma, Exide); and loan-to-own strategies.

American Bankruptcy Institute


Add to Cart
Card image cap
63 minutes
2018 CA Consumer Privacy Act: The Big Tail Wagging the U.S.
In this session, two leading information governance attorneys will share why you need to and how you can be ready.



Add to Cart
Card image cap
60 minutes
2019 HIPAA Update: Enforcing Privacy & Security Standards
In this session, we will discuss the most critical issues in the HIPAA update and best practices for enforcing privacy & security standards in your company.



Add to Cart
Card image cap
97 minutes
26 Words that Created the Internet - Basics of the Communications Decency Act Section 230 Safe Harbor
This program will examine the basics of CDA 230 and its day to day affect for those who advise internet businesses as well as those who litigate against them. It will give practical guidance as to what extend internet companies can or should edit or censor the information their users contribute to their sites and to what extent those users will actually be liable.

New Media Rights


Add to Cart
Previous Next