BFI : logo

GDPR Planning & Preparation Conference - EVENT NOW SOLD OUT - RE-RUNNING 29/6/17 Manchester and 5/7/17 London

Date Wednesday 31 May 2017
Venue London - Danubius Hotel Regents Park, London NW8 7JT
 

 

THIS EVENT HAS NOW SOLD OUT.

HOWEVER WE ARE RE-RUNNING THE EVENT AGAIN ON THE 29TH JUNE IN MANCHESTER AND AGAIN ON THE 5TH JULY 2017 IN LONDON.

PLEASE CLICK ON THE FOLLOWING LINKS TO GO TO THE EVENT AND BOOK YOUR PLACE:

MANCHESTER – 29TH JUNE 2017

LONDON – 5TH JULY 2017

 

“The most important change in data privacy law in twenty years”

AGENDA

0900 Coffee & Registration

0930 CHAIR’S WELCOME AND OPENING REMARKS
Katherine Gibson

Senior Associate
DLA Piper LLP

0935 KEYNOTE ADDRESS: CURRENT AND FUTURE IMPACT OF GDPR ON UK HR PROFESSIONALS
• Changes to current Data Protection: definitions and principles
• Privacy notices and fair processing
• Consent issues
• Anonymising and pseudonymising
• New documentation and record keeping requirements
• Changes to territorial scope
• International data transfers
David Smith
Special Advisor
Allen & Overy LLP/

Former Deputy Commissoner
Information Commissoner's Office (ICO)

1015 OVERDOING GDPR SECURITY - WHEN DATA PROTECTION BECOMES BUSINESS PREVENTION
GDPR Requirements for Data Security
Common implementation mistakes
The battle between HR and Security
Killing employee morale
The pros and cons of Shadow IT
Embracing the corporate culture
Enabling good practice
Carl Gottlieb
Consulting Director
Cognition Secure Ltd.

1055 Coffee break

1115 THE ROLE OF THE DATA PROTECTION OFFICER
• Do you need to appoint a dedicated DPO: what companies and organisations are affected?
• What if you don't: what are the pros & cons of appointing a GDPR DPO?
• What should your DPO's responsibilities be? Who should cover the role?
Heledd Loyd-Jones
Senior Associate
Bird & Bird

1155 REVIEWING YOUR HR POLICY ON SECURITY AND RISK TO ENSURE YOU ARE COMPLIANT IN THE EVENT OF A DATA BREACH
• What needs to be in your policy?
• New record-keeping obligations
• Breach notifications and communication
• What needs to be included?
• Reporting obligations, timelines and penalties
• What are the exceptions to this rule? E.g. encryption
Paula Barrett
Global Head of Privacy and Information Law
Eversheds-Sutherland

1235  ENSURING YOUR EMPLOYEE CONTRACTS ARE COMPLIANT
• Consent clauses – ‘freely and actively given’
• What are the limits on consent?
• Changes to subject access requirements
• Data restriction
• Accuracy and objections
• Right to erasure
• Transfer overseas
• Medical records and record retention
Katherine Gibson
Senior Associate
DLA Piper LLP

1315 Lunch

1415 AUDITING YOUR THIRD PARTY PROCESSES: ENSURING COMPLIANCE FROM SUPPLIERS
• Crucial vetting and checking steps
• Due diligence and supplier audits
• Key questions for your third party suppliers: occupational health, payroll providers etc.
• Moving away from employee consent
• Establishing where liability lies
Georgina Lawrence
Associate
Fieldfisher LLP

 1455 AUDITING YOUR HR DATA AND DATA PROCESSES
• Conducting a privacy impact assessment
• Redrafting privacy notices
• What are alternative valid bases for processing personal data
• What data are you holding?
• How is it processed?
• Who shares it and why?
• Staff training imperatives
David Alexander
Data Privacy Manager
Travelex

1535 Afternoon Tea

1555  CASE STUDY: QBE'S JOURNEY TOWARDS COMPLIANCE
Iain Heron
Enterprise Information Architect
QBE European Operations

1635 EXPERT PANEL WITH Q&A: OUTSTANDING QUESTIONS AND ISSUES
Iain Heron
Enterprise Information Architect
QBE European Operations

Georgina Lawrence
Associate
Fieldfisher LLP

Carl Gottlieb
Consulting Director
Cognition Secure Ltd.

1705 Wrap Up & End of Conference