The video record of the conference is available at: https://lnkd.in/eQT8gN8

On 25 May 2021 AZOP hosted the conference titled “GDPR 3 years on: The experiences and challenges of the European SMEs”. The conference was organized by the Croatian Personal Data Protection Agency together with partners in the ARC project, Data Protection Commission Ireland, Vrije Universiteit Brussel, and in cooperation with the Croatian Chamber of Economy, within the EU project ARC – Awareness Raising Campaign on data protection for micro, small and medium-sized enterprises (SMEs), co-financed by the European Union’s “Rights, Equality and Citizenship” programme. 

There are 22 million SMEs in the EU who form the core of the EU enterprise policy. 9 out of every 10 enterprises in the EU is an SME and they are understood to generate two out of every three jobs. Given this, it is a policy objective of the European Commission to promote entrepreneurship and improve the business environment for SMEs. We are honored and delighted that Mr Olivier MicolHead of Unit Data Protection, Directorate-General for Justice and Consumers, European Commission participated at the Conference as a keynote speaker, and in this way gave us support in our efforts to help SMEs to comply with the GDPR.

PROGRAMME:

11:00 – 11:15

  • presentation of the promotional ARC video, (available at https://www.youtube.com/watch?v=HxF92keG4Ss)
  • introductory speeches:
  • Mr Zdravko Vukić, director of Croatian Personal Data Protection Agency
  • Mr Petar Mišević, Croatian Chamber of Economy, Advisor of the President and Head of the Department for Education, Quality and Information security
  • Mr Žarko Tušek, member of the Croatia Parliament and Envoy of the President of the Croatian Parliament
  • Mr Josip Salapić, State Secretary of the Ministry of Justice and Administration and Envoy of the Croatian Government
  • Ms Nataša Tramišak, Minister of Regional Development and EU funds of the Republic of Croatia

11:15 – 11:25 keynote speech, Mr Olivier Micol, Head of Unit Data Protection, Directorate-General for Justice and Consumers, European Commission

11: 25 – 12:25 – panel discussion in English “The impact of the GDPR across  the industries: state of play and future developments”

Moderator: Mr. Tihomir Katulić, Ph.D., Asst. Prof. Faculty of Law, University of Zagreb

Panelists: Mr. Igor Vulje, Deputy Director of the Croatian Personal Data Protection Agency, Ms. MB Donnelly, Assistant Commissioner at Data Protection Commission Ireland (DPC), prof. Dr. Paul de Hert, Vrije Universiteit Brussels – Tilburg University, Mr. Paolo Balboni, Ph.D., ICT Legal Consulting, professor of Privacy & Cybersecurity Law at Maastricht University, Ms. Marija Bošković Batarelo, lawyer, Parser compliance, and Mr. Marijan Bračić, Data Privacy Manager, Business Intelligence

12:25 – 12:35 – break

12:35 – 13:35 – panel discussion in Croatian “How the General Data Protection Regulation impacts the Croatian small and medium-sized enterprises”

Moderator: Ms Sanja Smiljanić Grubišić, journalist, Croatian National TV

Panelists: Mr. Zdravko Vukić, Director of the Croatian Personal Data Protection Agency, Ms. Dijana Kladar, lawyer, Ms. Natalija Parlov Una, certification auditor of information security and privacy (TÜV NORD), Mr Tihomir Katulić , Ph.D., Asst. Prof. Faculty of Law, University of Zagreb, Mr. Igor Barlek (GDPR CROATIA)

13:35 – 13:50 – Q&A

The aim of this conference was to raise awareness of the importance of personal data protection among micro, small and medium-sized enterprises, but also among the general public.

Experts in the field of data protection, information security, representatives of regulatory bodies and members of the EU ARC project Supervisory Committee addressed the issues and challenges faced by Croatian and European SMEs in harmonizing business processes with the GDPR:

Mr. Zdravko Vukić, Director of the Croatian Personal Data Protection Agency, Mr. Igor Vulje, Deputy Director of the Croatian Personal Data Protection Agency, Ms. MB Donnelly, Assistant Commissioner at Data Protection Commission Ireland (DPC), prof. Dr. Paul de Hert from Vrije Universiteit Brussels – Tilburg University, Mr. Paolo Balboni, Ph.D., ICT Legal Consulting, professor of Privacy & Cybersecurity Law at Maastricht University, Ms. Dijana Kladar, lawyer,  Ms. Natalija Parlov Una, certification auditor of information security and privacy (TÜV NORD), Mr Tihomir Katulić , Ph.D., Asst. Prof. Faculty of Law, University of Zagreb, Mr. Igor Barlek (GDPR CROATIA), Ms. Marija Bošković Batarelo, lawyer, (Parser compliance) and Mr. Marijan Bračić (Business Intelligence).

The first panel discussion in English The impact of the GDPR across the industries: state of play and future developments” was moderated by Mr Tihomir Katulić, Ph.D., Asst. Prof. Faculty of Law, University of Zagreb, while representatives of supervisory bodies, IT sector and GDPR experts will discuss the impact of GDPR across the industries. What are the experiences and findings of the Croatian DPA, Irish DPA and Vrije University Bruxelles during the implementation of the ARC project, aimed to support SMEs in their effort to comply with the GDPR? How can DPAs help SMEs to reach better data protection compliance? Do SMEs need more practical and easily manageable tools for GDPR compliance?  What is it like to be a regulator in the era of AI and society transformation?  Does GDPR slow down and holds back the development of IT technologies and innovation? Can the GDPR, the ePrivacy Directive and the new regulations in the field of Artificial Intelligence respond to the challenges in the age of big data, IoT and Industry 4.0? Is there an adequate IT solution to align business with GDPR? How will the Digital Services Act and the Digital Markets Act affect small and medium-sized enterprises? These were some of the questions that the panelists discussed.

The second panel discussion in Croatian entitled “How  the General Data Protection Regulation impacts the Croatian small and medium-sized enterprises” was moderated by Ms. Sanja Smiljanić Grubišić, HRT journalist and editor of the show Consumer Code, and panelist were discussing topics in the field of data protection that are relevant for Croatian entrepreneurs. What is the level of data protection awareness among SMEs three years after the full implementation of the GDPR? What problems do they most often encounter and what are their doubts when harmonizing with the data protection legal framework? What is the role of the data protection supervisory authority and should SMEs be afraid of penalties? Are citizens even aware of their rights of personal data protection and do they exercise them? These were just some of the questions that the panelists have answered. It was emphasized  that small and medium-sized enterprises represent more than 99% of the total number of all enterprises in the Republic of Croatia. The conference “GDPR 3 years on: The experiences and challenges of the European SMEs” focused on the experiences and needs of small and medium-sized enterprises in the implementation of the GDPR, which during the COVID-19 pandemic became the most vulnerable part of the economic system in Croatia and in the European Union

In order to provide SMEs with the necessary support in complying with the GDPR, Croatian Personal Data Protection Agency has been coordinating the implementation of the EU project ARC-Awareness Raising Campaing for SMEs since March 2020. (data protection awareness campaigns for micro, small and medium-sized enterprises), co-financed by the European Union’s Rights, Equality and Citizenship Programme.  The ARC aims to support SMEs in aligning with the GDPR through the implementation of various project activities, such as conducting interactive worskops and developing educational materials tailored to the specific needs of micro, small and medium-sized enterprises. Project activities will run until March 2022. The Croatian Chamber of Economy provides support to AZOP in the organization and implementation of all activities.