Date
24 04 2017

Time
1:30 pm - 5:30 pm

Location
Technologielaan 1
Mechelen
2800 Belgium

The GDPR ‘due-date’ of 25 May 2018 seems far away, but many organisations will need a lot of preparation to ensure full compliance with this new EU data protection regime. Belgian associations CIOforum and Beltug, and international organisations EuroCIO and INTUG, are collaborating on this event that aims to work with our members to find answers to companies’ shared questions.

We will put a lot of focus on IT vendor assessment, specifically on discussions regarding joint initiatives.

Please register here (via the Beltug website).

Agenda

13:30 Welcome coffee

14:00 Welcome and introduction

Erwin Verstraelen, CIO, AVEVE & President, CIOforum

Danielle Jacobs, General Manager, Beltug; President, INTUG

14:15 The GDPR – should you care? (In brief: Yes!)

Companies are now hard at work preparing to implement the stringent new requirements. Get an overview of the most significant points of interest in the GDPR, including the recent decisions of the WP29, and insights on the clauses you need to foresee in your IT contracts.

Peter Van Dyck, Senior Associate, Allen & Overy

14:45 AVEVE’s GDPR experience

Discover the true story of AVEVE’s experiences heading towards GDPR compliance. Ilse Winters shares best practices, discusses the uncertainties in the regulation, explains the pitfalls, and sheds light on how AVEVE sees their compliance efforts going forward. She also explains why your GDPR project must be a team effort – including not only IT, but also legal and the business units.

Ilse Winters, Director Legal, AVEVE

15:15 Q&A: Your questions, your experience

15:30 Coffee break

16:00 Towards a Code of Conduct for cloud providers

Cloud customers must be able to trust a Cloud Service Provider (CSP), before handing over their data and applications. Following the creation of a draft Code of Conduct for CSPs, the General Assembly of the Cloud Code of Conduct has been set up. The goal is for members to be optimally prepared for the GDPR’s entry into force, and develop steps for implementing the Code.  With both EuroCIO and INTUG involved in this initiative, we will discuss the next steps.

Jörn Wittmann, Managing Director, Self and Co-Regulation for an Optimized Policy Environment in Europe, SCOPE Europe

16:30 Joint initiative towards the major IT suppliers

Beltug has defined the main questions to ask your IT supplier in order to ensure compliance with the GDPR. We will present this initiative and discuss with the audience how to extend it to the international level, with which IT providers, etc.

Jean-Pierre Bernaerts, CIO, Indaver

Danielle Jacobs, General Manager, Beltug; President, INTUG

17:00 The view of the European Commission

After a short introduction of EuroCIO, Freddy Van den Wyngaert, Secretary General at EuroCIO, will talk about the association’s collaboration with the European Commission, and will present Pierre Chastanet.
Pierre Chastanet will discuss how the European Commission supports the development by the industry of cloud-specific Codes of Conduct, and the cooperation between the EC and the business users.

Pierre Chastanet, Deputy Head of Unit for Cloud and Software, European Commission

17:15 Q&A: Your questions, your suggestions

17:30 Wrap up and end of session