BFI : logo

GDPR Planning & Preparation Conference for Employers (5th Edition) London

Date Wednesday 05 July 2017
Venue London - Danubius Hotel Regents Park, London NW8 7JT
 

The programme below is currently being confirmed and we will be updating the agenda and confirming speakers over the course of the next few days.

 

AGENDA

0900 Coffee & Registration

0930 CHAIR’S WELCOME AND OPENING REMARKS
Ardi Kolah
Executive Fellow & Co Director, GDPR Transition Programme
Henley Business School

0945 KEYNOTE ADDRESS: CURRENT AND FUTURE IMPACT OF GDPR ON UK EMPLOYERS
* Changes to current Data Protection: definitions and principles
* Privacy notices and fair processing
* Consent issues
* Anonymising and pseudonymising
* New documentation and record keeping requirements
* Changes to territorial scope
* International data transfers
Ardi Kolah
Executive Fellow & Co Director, GDPR Transition Programme
Henley Business School

1015 THE ROLE OF THE DATA PROTECTION OFFICER
* Do you need to appoint a dedicated DPO: what companies and organisations are affected?
* What if you don't: what are the pros & cons of appointing a GDPR DPO?
* What should your DPO's responsibilities be? Who should cover the role?
James Mullock
Partner
Bird & Bird

1100 Coffee break

1115  ENSURING YOUR EMPLOYEE CONTRACTS ARE COMPLIANT
* Consent clauses – ‘freely and actively given’
* What are the limits on consent?
* Changes to subject access requirements
* Data restriction
* Accuracy and objections
* Right to erasure
* Transfer overseas
* Medical records and record retention
Kat Gibson
Employment & Data Protection Specialist
DLA Piper LLP

1200 AUDITING YOUR THIRD PARTY PROCESSES: ENSURING COMPLIANCE FROM SUPPLIERS
* Crucial vetting and checking steps
* Due diligence and supplier audits
* Key questions for your third party suppliers: occupational health, payroll providers etc.
* Moving away from employee consent
* Establishing where liability lies
Georgina Lawrence
Associate
Fieldfisher LLP

1245 Lunch

1345  REVIEWING YOUR HR POLICY ON SECURITY AND RISK TO ENSURE YOU ARE COMPLIANT IN THE EVENT OF A DATA BREACH
* What needs to be in your policy?
* New record-keeping obligations
* Breach notifications and communication
* What needs to be included?
* Reporting obligations, timelines and penalties
* What are the exceptions to this rule? E.g. encryption
Liz Fitzsimons
Partner
Eversheds LLP

1430 AUDITING YOUR HR DATA AND DATA PROCESSES
* Conducting a privacy impact assessment
* Redrafting privacy notices
* What are alternative valid bases for processing personal data
* What data are you holding?
* How is it processed?
* Who shares it and why?
* Staff training imperatives

1515 Afternoon Tea

1530 CASE STUDY
Steve Hewitt (Invited)
HR Director
Lumesse

1615 PANEL: HR PRACTICALITIES- COMPONENTS OF A REALISTIC PLAN
Steve Hewitt (Invited)
HR Director
Lumesse

Tom Southgate (Invited)
HR Operations & Insights Manager
CIPD

1645 End of Conference