Practical LawConferences

• What do they both see as the major challenges?
• What is on the ICO’s agenda?
• Brexit: implications of the UK Data Protection Bill, impact on the regulator and on the European Commission
• What is their understanding of what each member state has been addressing?
• What is the engagement and vision beyond Britain and arranging adequacy?
• Are we negotiating with the right partners?
• Will member states’ use of derogations build a two tier privacy world, for those that do, and those that don’t use the derogations to the fullest extent?
• Can we learn from other regions and build global protections for consumers eg on cybersecurity?

This practical session will offer you insights from companies on how they plan to meet their accountability requirements by putting privacy at the front end.  Hear case studies of where they are now and how they plan to get to their end goal:

• How do you prioritise –  what can be decentralised to other parts of the business?
• Meeting accountability requirements and demonstrating compliance needs

A choice of one of the following options

To achieve GDPR compliance, it is essential that companies embrace cross-functional collaboration between privacy, IT security, legal, and leadership teams. In this session, we will focus on the privacy programme lifecycle from initial assessments to demonstrating on-going compliance, and where automation makes practical sense. You will learn how to leverage software to automate and integrate privacy management into business processes, and how to draw the line between what to automate and what needs a human driver.

Key Takeaways:

• How to best implement efficient and effective data handling practices in the face of the new GDPR requirements
• Learn how to use PIAs and data maps to document and track new initiatives and demonstrate compliance
• Practical tips for how privacy practitioners assess current practices to determine what can and cannot be automated

• Leveraging machine learning and AI algorithms to to defend against advanced cyber-threats
• How new immune system technologies enable you to pre-empt emerging threats and reduce incident response time
• How to achieve 100% visibility of your entire business including cloud, network and IoT environments
• Why automation is critical in enabling security teams, including DPO’s, to prioritise resources and tangibly lower risk
• Real-world examples of subtle, unknown threats that routinely bypass traditional controls

• Why appoint a DPO?
• Demonstrating compliance with the GDPR
• Skills, competencies and experience of the DPO?
• What they can expect to do in their first 100 days?
• Why training a senior manager to be the DPO could work
• Pitfalls in recruiting someone internally?
• Why outsourcing to Team DPO could be the workable solution you need right now?
• What you need to look for in an outsourcing arrangement?

• Identifying stakeholders willing to embed privacy across the business and securing buy in
• Putting privacy at the front end
• Engagement: Keeping your business involved and ensuring they understand its priorities
• Training and teaching
• How to communicate the benefits of privacy, not just the costs

• Is GDPR really offering you a competitive edge?
• Is data the currency of a company or an individual?
• Can or should  the law keep up?

A choice of one of the following options

This session will enable you to fully understand the consent framework and how you can put it into practice with examples of companies who are already using it. It will also examine alternative options to using consent as a basis for processing.

• Clarifying the terminology around ‘consent’
• Transferring consent to the new world: Transforming your consent framework
• What are the alternatives to consent?
• What commercial difference will it make to the business if you choose the alternatives?

• How is GDPR perceived outside of Europe?  How do different countries approach/view GDPR?
• Looking ahead – what can be done by companies now?
• What do we all have in common and can build on?
• How do you make your privacy ‘go global’?
• How do you reconcile working in a global company with offices in UK, Asia and / or USA?

Legislation is now fixed. Customers and suppliers have a level playing field. Both have a burden.  Who is accepting what contractual obligations when it comes to making the Cloud work with GDPR?

• What issues are key for (i) processors and (ii) controllers when negotiating contracts with GDPR language?
• Trying to negotiate with companies who don’t understand the implications that are happening. Assessing the impact of that process on your organisation
• How to build common industry positions around statutory requirements
• Article 28 – tips for practical implementation

• When will the regulation be finalised?
• Who will be affected?
• What does it mean from a direct marketing perspective?
• Understanding the impact of opt-ins and cookies
• How does the E-Privacy Regulation work alongside the GDPR and the NIS Directive?

• Leveraging data to be contributing to the bottom line
• Engendering trust and building a reputation based on protecting your customer’s data
• What are the opportunities for business, to make this harmonisation help us build revenue streams? What can be done now?

The page will be updated with further details on the agenda once they are confirmed.