BFI : logo

GDPR Planning & Preparation Conference for Employers - (4th Edition) - Manchester

Date Thursday 29 June 2017
Venue Crowne Plaza Manchester City Centre, Manchester M4 4AF
 

AGENDA

0900 Coffee & Registration

0930 CHAIR’S WELCOME AND OPENING REMARKS
Heledd Lloyd-Jones
Senior Associate
Bird & Bird

0935 KEYNOTE ADDRESS: CURRENT AND FUTURE IMPACT OF GDPR ON UK EMPLOYERS
* Changes to current Data Protection: definitions and principles
* Privacy notices and fair processing
* Consent issues
* Anonymising and pseudonymising
* New documentation and record keeping requirements
* Changes to territorial scope
* International data transfers
David Smith
Special Advisor
Allen & Overy LLP

Former Deputy Commissioner
Information Commissioner’s Office (ICO)

1015 AUDITING YOUR HR DATA AND DATA PROCESSES
* Conducting a privacy impact assessment
* Redrafting privacy notices
* What are alternative valid bases for processing personal data
* What data are you holding?
* How is it processed?
* Who shares it and why?
* Staff training imperatives
Razia Begum
Senior Associate
Taylor Vinters

Rachel Ashwood
Senior Counsel
Taylor Vinters

1100 Coffee break

1120  REVIEWING YOUR HR POLICY ON SECURITY AND RISK TO ENSURE YOU ARE COMPLIANT IN THE EVENT OF A DATA BREACH
* What needs to be in your policy?
* New record-keeping obligations
* Breach notifications and communication
* What needs to be included?
* Reporting obligations, timelines and penalties
* What are the exceptions to this rule? E.g. encryption
Gayle McFarlane
Partner

Eversheds-Sutherland LLP


1205  ENSURING YOUR EMPLOYEE CONTRACTS ARE COMPLIANT
* Consent clauses – ‘freely and actively given’
* What are the limits on consent?
* Changes to subject access requirements
* Data restriction
* Accuracy and objections
* Right to erasure
* Transfer overseas
* Medical records and record retention
Helen Hall
Employment Lawyer and Legal Director
DLA Piper LLP

1250 Lunch

1350 AUDITING YOUR THIRD PARTY PROCESSES: ENSURING COMPLIANCE FROM SUPPLIERS
* Crucial vetting and checking steps
* Due diligence and supplier audits
* Key questions for your third party suppliers: occupational health, payroll providers etc.
* Moving away from employee consent
* Establishing where liability lies
Rob Sheldon CIPP/E
Partner
Fieldfisher LLP

1435 THE ROLE OF THE DATA PROTECTION OFFICER
* Do you need to appoint a dedicated DPO: what companies and organisations are affected?
* What if you don't: what are the pros & cons of appointing a GDPR DPO?
* What should your DPO's responsibilities be? Who should cover the role?
Heledd Lloyd-Jones
Senior Associate
Bird & Bird

1520 Afternoon Tea

1540 THE ACCENTURE STORY
Louise Townsend
Senior Legal Counsel
Accenture

1610 PANEL: HR PRACTICALITIES- COMPONENTS OF A REALISTIC PLAN
Louise Townsend
Senior Legal Counsel
Accenture

Heledd Lloyd-Jones
Senior Associate
Bird & Bird

Rob Sheldon CIPP/E
Partner
Fieldfisher LLP

1650-1700 Closing remarks and end of conference