From a “Nice-To-Have” to a “Must-Have”: How is your Organization prepared for Data Retention requirements in the New & upcoming Privacy Laws


Date: Wednesday, September 15, 2021

Time:  2:00 p.m. ET | 11 a.m. PT

Cost: Complimentary

Sponsored by:

Consumers around the world are demanding more protection for their personal information. Data breaches are daily occurrences, and the scope of privacy has widened to include how your organization limits the risk of improper use or exposure of personal data. While the demand to remove data once its purpose is fulfilled has been part of GDPR from the beginning, pressure is mounting due to new retention period disclosure rules in the recently adopted CPRA.  

Not having the discipline and resources to fully implement retention requirements can have costly consequences, like in the recent fine imposed on the Mutual Insurance Group company- SGAM AG2R LA MONDIAL by the French regulator, the CNIL. The GDPR’s core principles are clear and are generally also echoed in privacy laws of jurisdictions outside the EU:

In this webcast, we will help you understand how the data retention requirements in privacy regulations differ from past obligations and use technology to establish synergies (relationships, applications, processes) around contextual data uses requested for litigation, audits and investigations forming the foundation for defensible legal and regulatory compliance decisions.

You’ll learn: 

  • How data retention for privacy is different from most existing data retention requirements
  • How to get the triple win of lower risk, reduced costs and compliance
  • How to make significant steps toward progress and compliance in just 60 days 


Constantine Karbaliotis

Counsel, privacy counsel/advisor/coach, virtual CPO/DPO

nNovation LLP

Constantine Karbaliotis is an expert in global privacy compliance and privacy management, with seventeen years’ experience in privacy, on both domestic and international levels, combining his legal acumen with understanding of technology and operational challenges. Constantine has fulfilled numerous roles in privacy, first and most recently as a consultant. Constantine has also acted as privacy officer and leader for two multinational organizations, where he managed the company’s internal compliance and the development and implementation of privacy programs, dealing with diverse areas of international privacy and data protection. During his career, he has also led a team of privacy advisors at a prominent software company serving privacy offices, developing expertise in solutions that support privacy compliance and automation including implementing technologies and processes for major multinationals. Constantine’s experience has helped clients build effective privacy programs to comply with Canadian, US and EU legislation (including GDPR), to remain compliant with ever-increasing regulation and expectations.


Amy S. Mushahwar


Alston & Bird

Amy Mushahwar is a partner on the Privacy, Cyber & Data Strategy team. Amy has over 20 years of experience in the technology space and focuses her practice on data security, cyber risk, privacy, and emerging technologies. Amy advises clients on proactive data security practices, data breach incident response, and regulatory compliance. She handles security incidents and has interacted with federal and state agencies and forensic service providers, overseen investigations, and designed post-incident response notification and remediation plans. In addition to her incident response work, Amy provides compliance support on applicable security laws, PCI-DSS, and security audit standards such as NIST. She also facilitates in-depth security incident simulations. [READ MORE]


Robert Fowler

Director of Strategic Partnerships


Robert Fowler is the Director of Strategic Partnerships at Exterro. Robert has over a decade of experience helping legal, compliance, privacy and IT executives in the areas of information governance, data mapping, data minimization, and third-party diligence. He has helped hundreds of leading companies develop and maintain comprehensive data inventories to comply with expanding data privacy regulations and implement defensible data minimization and deletion strategies to dramatically reduce the amount of email, electronic information and paper records.

His extensive experience and knowledge of information governance and data privacy requirements enables him to help clients establish effective processes for ongoing compliance. Robert has worked with executives at companies including J. Crew, Smith & Wesson, Louis Vuitton, Brown Brothers Harriman, Raymond James and Newell Rubbermaid.

Robert is a Certified Information Privacy Professional, (CIPP/US) and has an M.B.A., Masters of Business Administration from Webster University.


Having issues seeing the form? Click here!

Questions? Please email [email protected] or call at (212) 457-4981