Steve Puiszis Authors Comprehensive Overview of EU's GDPR Privacy Law in Journal of the Professional Lawyer

Hinshaw partner Steve Puiszis—who also serves as the firm's General Counsel Privacy, Security and Compliance—has authored a comprehensive overview of the EU General Data Privacy Regulation (GDPR), published by the American Bar Association in the 2018 Journal of the Professional Lawyer.

Described by one privacy expert as both "staggeringly complex" and "intentionally ambiguous," the GDPR is intended to establish a uniform data privacy law across the 28 Member States of the EU and three countries comprising the European Economic Area (EEA). In his article, Puiszis seeks to provide clarity on the issues that the GDPR raises for law firms and their clients in the United States.

Topics covered in the overview include:

• Scope and territorial reach of the GDPR
• Data processing requirements
• Data security obligations
• Consent under the GDPR
• Data subjects' rights under the GDPR
• Privacy notifications
• Vendor management
• Record keeping
• Breach notification
• Penalties for noncompliance
• Ethical and professional responsibility issues
• Recommended steps for U.S. law firms and companies.

Download a copy of the article (PDF)

©2019 by the American Bar Association. Reprinted with permission. All rights reserved. This information or any or portion thereof may not be copied or disseminated in any form or by any means or stored in an electronic database or retrieval system without the express written consent of the American Bar Association. The Journal of The Professional Lawyer is published annually by the ABA Center for Professional Responsibility.

.@StevePuiszis has authored a very comprehensive overview of the EU's GDPR privacy law. If you are a U.S. law firm or company potentially subject to the territorial reach of the GDPR—you don't want to miss this guide. https://t.co/gsyqvTx7sP

— Hinshaw & Culbertson (@hinshaw)