14:35 - 14:40
Data Protection Summit - Chair's Opening Remarks
Catherine Easton, Lecturer in Law, Lancaster University
Enabling Data Protection and Use with Privacy Enhancing Technologies
- The Road towards PETs: How do you decide whether the technology is necessary and which approach is best for you?
- Can PETs fulfil organisational needs including GDPR compliance and could they create new opportunities for your organisation?
- The DPO perspective on privacy
- What’s next? What could regulators do to help/guide PETs adoption?
Dr Natasha McCarthy, Head of Policy – Data, The Royal Society
Emma Butler, Data Protection Officer, Yoti
Stuart Gunson, Deputy Head of the Data Services for Commissioners Live Service, NHS Digital
15:10 – 15:45
15:45 - 16:25
Post-GDPR Breach Response: Learning from Breach Scenarios
- The crucial 72 hours – How have organisations structured their response within the reporting window?
- How do we define impact and gravity to ensure that responses are measured?
- What’s the role of the DPO post breach and what varying approaches can be used to respond to the specific situation?
Stewart Room, President, National Association of DP and FOI Officers
Adrian Leung, Data Protection Officer, Equifax UK
The Delicate DPO Balancing Act: The Rights of the Data Subjects, the Needs of the Business and Legal Compliance
- Mapping the difference in how businesses expect to use Personally Identifiable
Information compared to how data subjects think their data is being used
- Anticipating the data subject’s gap in knowledge between their data protection
rights and what this translates into when making data requests
- Convincing businesses of what is realistic, and tempering their data use
appetite with lawful basis
Rhiannon Platt, Information Governance Manager and Data Protection Officer, Royal Devon and Exeter NHS Foundation Trust
16:45 - 17:05
Data Protection and Staff Monitoring: Essentials and Implications
- Defining monitoring and its legal basis and identifying practical problems in your current monitoring practices
- The importance of a gap analysis and assessment of your needs before implementing monitoring tools
- Justifying what you are doing, and gaining stakeholder buy in to build a sustainable monitoring programme
- Documentation, documentation, documentation. Getting your documentation in place and the difficulties associated with this