PRACTICAL DATA PROTECTION

A step-by-step and up to the minute guide to meeting the practical requirements of the DPA and its codes if practice.

 

The new General Data Protection Regulation (GDPR) means that Data Protection practitioners and their colleagues need to ensure that their DP skills and knowledge are up-to-date. With a new emphasis on privacy by design, DP Officers will have to conduct PIAs, audit their organisation’s DP compliance, and advise their employers on the risks they face.

 

Manchester
17th October 2016

 

£285 + vat (Lunch and refreshments included)

 
 
 

“Give a user friendly input to a complicated subject. Very helpful“
HC, West Yorkshire Police

"Really useful practical tips for engaging organisations."
LF, Kirklees Council

 

SPEAKER
Paul Gibbons 
is an expert in information rights law especially the Freedom of Information Act. He has worked for the UK Parliament, the London Mayor, a London Healthcare Trust and the University of London. He is regularly invited to speak and write about information rights matters. 

 
 
 

PROGRAMME – 10:00AM – 4:00PM

Overview

  • challenges facing the Data Protection Officer
  • where to go for help
  • getting in shape – governance

General Data Protection Regulation (GDPR) & BREXIT

  • The implications of BREXIT for the new
  • DP law
  • Key differences between DPA and GDPR
  • How to prepare for GDPR (or whatever comes next)

Collecting personal data & transparency

  • drafting a privacy notice
  • relying on consent – opt-in or opt-out?
  • Marketing
  • the effect of GDPR on collection of data

Privacy impact assessments

  • what is a privacy impact assessment (PIA)?
  • GDPR and PIAs
  • when should PIAs be carried out?
  • how to carry out a PIA
  • keeping PIAs under review

Data Protection Audits

  • gathering evidence
  • interview techniques
  • collating and analysing data
  • reporting findings and taking action

Information security & records management

  • security risks and how to manage them
  • reporting data breaches
  • DPA & GDPR requirements for records management.