LAW 602 - Applied Data Privacy Law for Regulated Industries: Managing Regulatory Change at Financial

While technology has far outpaced regulation in many areas of law, developments in privacy law has exploded in the last 5 years in an effort to keep up. Because of the structures put in place by GDPR and similar regulations, we are witnessing regular, incremental changes within the regulatory landscape at a rate that most organizations, even those in highly regulated industries adept at managing regulatory change, are struggling to adapt. The management of privacy law has required near constant evolution and maturation, and its application has grown increasingly sectoral in nature.

To better understand this problem and how future privacy practitioners will be challenged with solving for it, this course will explore a case study, using the financial services industry as our backdrop, to gain practical experience analyzing real-world questions about how to interpret and apply privacy requirements. The course will survey the key regulations (and regulators) in play, explore how organizations structure their risk management programs to identify, implement, and control for regulatory requirements, and then analyze how privacy requirements have disrupted these traditional legal and regulatory risk management models.