BFI : logo

GDPR Planning & Preparation Conference for Employers - (4th Edition) - Manchester

Date Thursday 29 June 2017
Venue Crowne Plaza Manchester City Centre, Manchester M4 4AF
 

The programme below is currently being confirmed and we will be updating the agenda and confirming speakers over the course of the next few days.

AGENDA

0900 Coffee & Registration

0930 CHAIR’S WELCOME AND OPENING REMARKS
Heledd Lloyd-Jones
Senior Associate
Bird & Bird

0945 KEYNOTE ADDRESS: CURRENT AND FUTURE IMPACT OF GDPR ON UK EMPLOYERS
* Changes to current Data Protection: definitions and principles
* Privacy notices and fair processing
* Consent issues
* Anonymising and pseudonymising
* New documentation and record keeping requirements
* Changes to territorial scope
* International data transfers
David Smith
Special Advisor
Allen & Overy LLP

Former Deputy Commissioner
Information Commissioner’s Office (ICO)

1015 THE ROLE OF THE DATA PROTECTION OFFICER
* Do you need to appoint a dedicated DPO: what companies and organisations are affected?
* What if you don't: what are the pros & cons of appointing a GDPR DPO?
* What should your DPO's responsibilities be? Who should cover the role?
Heledd Lloyd-Jones
Senior Associate
Bird & Bird

1100 Coffee break

1115  ENSURING YOUR EMPLOYEE CONTRACTS ARE COMPLIANT
* Consent clauses – ‘freely and actively given’
* What are the limits on consent?
* Changes to subject access requirements
* Data restriction
* Accuracy and objections
* Right to erasure
* Transfer overseas
* Medical records and record retention
Helen Hall
Employment Lawyer and Legal Director
DLA Piper LLP

1200 AUDITING YOUR THIRD PARTY PROCESSES: ENSURING COMPLIANCE FROM SUPPLIERS
* Crucial vetting and checking steps
* Due diligence and supplier audits
* Key questions for your third party suppliers: occupational health, payroll providers etc.
* Moving away from employee consent
* Establishing where liability lies
Rob Sheldon CIPP/E
Partner
Fieldfisher LLP

1245 Lunch

1345  REVIEWING YOUR HR POLICY ON SECURITY AND RISK TO ENSURE YOU ARE COMPLIANT IN THE EVENT OF A DATA BREACH
* What needs to be in your policy?
* New record-keeping obligations
* Breach notifications and communication
* What needs to be included?
* Reporting obligations, timelines and penalties
* What are the exceptions to this rule? E.g. encryption
Gayle McFarlane
Partner

Eversheds-Sutherland LLP

1430 AUDITING YOUR HR DATA AND DATA PROCESSES
* Conducting a privacy impact assessment
* Redrafting privacy notices
* What are alternative valid bases for processing personal data
* What data are you holding?
* How is it processed?
* Who shares it and why?
* Staff training imperatives

1515 Afternoon Tea

1530 CASE STUDY
Chloe Jennings (Invited)
HR Business Partner
NFU Mutual

1615 PANEL: HR PRACTICALITIES- COMPONENTS OF A REALISTIC PLAN
Carl Gottlieb
Consulting Director
Cognition

Chloe Jennings (Invited)
HR Business Partner
NFU Mutual

1645 End of Conference