BFI : logo

GDPR Planning & Preparation Conference for Employers - EVENT NOW SOLD OUT - We are re-running it again on the 29/6/17 Manchester and 28/9/17 London

Date Wednesday 05 July 2017
Venue London - Danubius Hotel Regents Park, London NW8 7JT
 

THIS EVENT HAS NOW SOLD OUT.

HOWEVER WE ARE RUNNING THE EVENT AGAIN ON THE 29TH JUNE IN MANCHESTER AND RE-RUNNING IT AGAIN ON THE 28TH SEPTMEBER IN LONDON.

PLEASE CLICK ON THE FOLLOWING LINKS TO GO TO THE EVENT AND BOOK YOUR PLACE:

MANCHESTER – 29TH JUNE 2017

LONDON – 28TH SEPTEMBER 2017

 

AGENDA

0900 Coffee & Registration

0930 CHAIR’S WELCOME AND OPENING REMARKS
Nicola McKilligan-Regan
Senior Partner Privacy Partnership
CEO Smart Privacy

0940 KEYNOTE ADDRESS: CURRENT AND FUTURE IMPACT OF GDPR ON UK EMPLOYERS
• Changes to current Data Protection: definitions and principles
• Privacy notices and fair processing
• Consent issues
• Anonymising and pseudonymising
• New documentation and record keeping requirements
• Changes to territorial scope
• International data transfers
Nicola McKilligan-Regan
Senior Partner Privacy Partnership
CEO Smart Privacy

1010 THE ROLE OF THE DATA PROTECTION OFFICER
• Do you need to appoint a dedicated DPO: what companies and organisations are affected?
• What if you don't: what are the pros & cons of appointing a GDPR DPO?
• What should your DPO's responsibilities be? Who should cover the role?
James Mullock
Partner
Bird & Bird

1055 Coffee break

1115  REVIEWING YOUR HR POLICY ON SECURITY AND RISK TO ENSURE YOU ARE COMPLIANT IN THE EVENT OF A DATA BREACH
• What needs to be in your policy?
• New record-keeping obligations
• Breach notifications and communication
• What needs to be included?
• Reporting obligations, timelines and penalties
• What are the exceptions to this rule? E.g. encryption
Liz Fitzsimons
Partner
Eversheds-Sutherland LLP
 
1200  ENSURING YOUR EMPLOYEE CONTRACTS ARE COMPLIANT
• Consent clauses – ‘freely and actively given’
• What are the limits on consent?
• Changes to subject access requirements
• Data restriction
• Accuracy and objections
• Right to erasure
• Transfer overseas
• Medical records and record retention
Kat Gibson
Partner
DLA Piper LLP

1245 Lunch

1345 AUDITING YOUR HR DATA AND DATA PROCESSES
• Conducting a privacy impact assessment
• Redrafting privacy notices
• What are alternative valid bases for processing personal data?
• What data are you holding?
• How is it processed?
• Who shares it and why?
• Staff training imperatives
James Leaton Gray
Director
The Privacy Practice

1430 AUDITING YOUR THIRD PARTY PROCESSES: ENSURING COMPLIANCE FROM SUPPLIERS
• Crucial vetting and checking steps
• Due diligence and supplier audits
• Key questions for your third party suppliers: occupational health, payroll providers etc.
• Moving away from employee consent
• Establishing where liability lies
Georgina Lawrence
Associate
Fieldfisher LLP

1515 Afternoon Tea

1535 CASE STUDY: QBE’s JOURNEY TOWARDS COMPLIANCE
Iain Heron
Enterprise Information Architect
QBE European Operations
 
1620 PANEL: HR PRACTICALITIES- COMPONENTS OF A REALISTIC PLAN
James Leaton Gray
Director
The Privacy Practice

Iain Heron
Enterprise Information Architect
QBE European Operations

Kat Gibson
Partner
DLA Piper LLP

Nicola McKilligan-Regan
Senior Partner Privacy Partnership
CEO Smart Privacy

1700 End of Conference