Agenda

08.40

REGISTRATION

09.20

CHAIRMAN’S WELCOME AND INTRODUCTIONS

  • Stewart Room President, National Association of Data Protection Officers

09.35

PANEL SESSION: Preparing for the new DP Regulation. What is it going to look like, how is it going to affect your business and what have you done to prepare?

  • What are the key changes in the DP Regulation reform that will have most operational impact on your business?
  • Have the data protection authorities fully grasped the challenges of the reform proposals for business and if not, what can be done to achieve proper engagement?
  • How should UK and European businesses prepare for EU data protection rules? What are the top actions to be taken?
  • What are the potential economic benefits of the EU data protection harmonisation?

10.25

PANEL SESSION: Enforcement action risks for organisations of multinational reach. Understanding regulation and enforcement trends in the US, Canada, the APEC countries, Europe and the impact for General Counsel and Data Protection Officers

  • Learning about the regulatory approaches and the current enforcement climate globally. Understanding where the differences are found
  • Analysing recent US enforcement cases for security, consents and transparency. What are the regulators really doing and why is it important for a General Counsel to take a truly international view?
  • How will European privacy regulations impact other continents?

 

11.15

COFFEE BREAK

11.35

STREAMED SESSIONS

SESSION A: Data protection in the Cloud and distributed supply chains for data processing and storage. Can organisations achieve an acceptable level of assurance about risk and is legal compliance really possible?

  • To what extent are businesses embracing new ways of working?
  • What are the main legal challenges?
  • How can your organisation go about ‘risk assessing’, ‘auditing’ or ‘monitoring’ these aspects of business so that legal risk is properly ascertained and managed?
  • Is the proposed Data Protection Regulation already out-of-date?

SESSION B: What is ‘Big Data’ ? What kind of ‘Big Data’ projects are commonly undertaken, how will ‘Big Data’ projects develop overtime and how can businesses tackle the privacy data protection and security challenges?

  • Identifying the current business interests in ‘Big Data’
  • Charting the likely trajectory of ‘Big Data’ projects into the future. Understanding the business and operational ramifications
  • Getting on top of the legal and regulatory challenges

12.25

PANEL SESSION: Analysing successful compliance programmes. What has worked and what hasn’t? Pitfalls to be avoided and lessons to be learned

  • Learning from the best practices of data protection compliance framework
  • The prioritisation of actions, balancing of risks and making hard choices while developing multi-jurisdictional/global compliance programmes
  • Understanding regulation and enforcement trends abroad and creating  longevity to the multinational compliance regimes and risk assessments
  • Managing, enforcing and monitoring third-party compliance
  • Rosemary Jay Senior Attorney, Hunton & Williams
  • Mark Keddie Chief Privacy Officer, BT Group
  • Rachel Greening Group Information Risk Manager and Data Protection Officer, Nuffield Health
  • Andreas Klug Privacy & Data Protection Counsel, Vice President, Mastercard – DataCash and Access Prepaid Worldwide, Mastercard Europe
  • Fred Houwen Deputy General Counsel and Group Compliance Officer, Reckitt Benckiser

13.15

LUNCH

14:00

Data Protection in the UK: Meeting the Challenges Ahead

  • Regulating in an age of uncertainty
  • Identifying and addressing the data challenges
  • What this means for the Information Commissioner’s Office
  • David Smith Deputy Commissioner and Director of Data Protection, Information Commissioner’s Office

14.30

STREAMED SESSIONS

SESSION A: Strengthening individuals’ rights. What do General Counsel and Data Protection Officers need to know?

  • Analysing the true meaning and the implications of the “Google “right to be forgotten” case”. How to manage the changes this will lead to?
  • Learning how General Counsel, Data Protection Officers and other privacy professionals can prepare their organisation to fulfil the “right to be forgotten”, “right to erasure” and the “right to data portability” and data subject access
  • Understanding the importance of a comprehensive strategy covering data classification, retention, collection, destruction, storage and search
  • Is it now time to rethink strategies for Privacy Impact Assessment?

SESSION B: Access to personal data, networks and systems by intelligence agencies and law enforcement agencies. Edward Snowden’s disclosures raise many questions of fundamental importance about how the business sector engages with t

  • What legal and ethical obligations apply to these engagements?
  • How operational processes and measures should be put in place to ensure the proper handling of requests for assistance from the authorities?
  • How should business manage the conflicts between the interests of intelligence agencies and law enforcement agencies and the interests of their customers and consumers?
  • Are businesses under a legal duty to now adjust their systems and operations to reduce the risk of surveillance and data access by the authorities?  Can we still send data to the United States, or is nowhere safe?

15.20

COFFEE BREAK

15.40

PANEL SESSION: Infrastructures and agencies for cyber security. How can General Counsel and Data Protection Officers benefit from the Cyber Security Information Partnership, the “10 Steps to Cyber Security”, the “Cyber Security Essentials” and other government initiatives?

  • Understanding the cyber security threat landscape and evaluating its impact on different industry sectors
  • Minimising cyber security risks – what do you need to learn?
  • Outlining the most effective cyber security measures
  • Stewart Room President, National Association of Data Protection Officers
  • Jessica Barker Independent Cyber Security Consultant, J L Barker
  • Stephen Page Non-Executive Director and Boardroom Advisor,

16.30

PANEL SESSION: Avoiding data security breaches. Why do organisations fail? Analysing global case studies and learning how these examples could impact your business

  • Enhancing your incident management processes, your detection and response capabilities in organisations of multinational reach. How to manage data security breaches?
  • Dealing with data breach notifications in practice. Implementing a breach notification process
  • Systems and controls to avoid data privacy breaches. Effective implementation of a Data Leakage Prevention Programme
  • How should businesses deal with insider risks and third-party risks?

17.20

CLOSING COMMENTS FOLLOWED BY “MEET THE EXPERT CHAMPAGNE INTERACTIVE SESSIONS” AND NETWORKING DRINKS RECEPTION

After the closing comments delegates and speakers will be invited to join “meet the expert champagne interactive sessions”  where participants will be split into groups by industry. Discussions in each group will be chaired by the most respected privacy professionals in the UK and abroad.

Those exclusive sessions will enable you to ask any burning questions you have left and network with your peers in the most relevant and beneficial industry environment