Skip to main content
Hafan

DPPC+

There’s always too much content to squeeze into one day! Our recorded DPPC+ videos offer bonus content on topics you’ve told us you’re interested in.

 

Cyber Essentials Readiness Tool  

Cyber Essentials is designed for every organisation, regardless of its size, sector, or the background and experience of its business owners and staff. For those without an IT team, the technical aspects of cyber security can sometimes feel overwhelming and may seem like a barrier to getting started. Recognising the importance of addressing this critical gap IASME is committed to developing support and guidance that starts at beginner level and speaks in jargon-free language.  
The Cyber Essentials Readiness Tool is a great starting point. This free online resource helps you understand how your organisation's current cyber security measures compare with the requirements of Cyber Essentials.  
In this video, Emma from the National Cyber Security Centre and IASME’s Chris Pinder shed some light on the Cyber Essentials certification process and show how easy it is to get started with the Readiness Tool.  

Presenters: 

Chris Pinder, IASME  

 

LGA's cyber incident grab bag

The LGA’s Cyber Incident Grab Bag is a practical, easy-to-use resource designed to support local government t Cyber Essentials is designed for every organisation, regardless of its size, sector, or the background and experience of its business owners and staff. For those without an IT team, the technical aspects of cyber security can sometimes feel overwhelming and may seem like a barrier to getting started. Recognising the importance of addressing this critical gap IASME is committed to developing support and guidance that starts at beginner level and speaks in jargon-free language. 

The Cyber Essentials Readiness Tool is a great starting point. This free online resource helps you understand how your organisation's current cyber security measures compare with the requirements of Cyber Essentials. 

In this video, Emma from the National Cyber Security Centre and IASME’s Chris Pinder shed some light on the Cyber Essentials certification process and show how easy it is to get started with the Readiness Tool. eams in responding effectively to cyber incidents, with a strong focus on protecting personal and sensitive data. Structured around four key stages - confirming the need to act, taking first steps, building confidence through response, and designing a recovery path - it provides actionable guidance, contacts, and tools to help organisations manage both service disruption and data risks. The guidance encourages proactive planning, early engagement with the ICO, and empathetic communication during breaches - critical elements in safeguarding public trust and ensuring regulatory compliance.

Presenters: 

Sarah Slate - Local Government Association, Advisor Cyber, Digital and Technology

Dave Sifleet  - Local Government Association, Senior Technical Adviser  Cyber, Digital & Technology

 

Lessons learnt from taking action

In this session Rachel and Ian talk about action taken with case study examples detailing what went wrong and how the ICO responded. We’ll give an outline of the lesson learned and useful tips on how to avoid similar mistakes in your organisation.

Running time: 13 minutes  

Useful links – mentioned in the video:

Presenters: 

 

An introduction to international transfers

Part one; What is a transfer?  

In Part 1 we’ll help you understand ‘what is ‘restricted transfer’? We’ll answer some common questions and explore who is responsible for complying with the transfer rules? We’ll use scenarios to add context.   

Part one running time 18 minutes (TBC upon final edit)   

 

Part two; How to make a transfer 

Watch part one first.  

In part two, we’ll look at how to make restricted transfers in a compliant manner. How to ensure your transfer is covered by one of: adequacy regulations, appropriate safeguards, or an exception. We’ll reflect back on the scenarios outline in part one.  

Approx running time: 10 minutes

Presenters: - please link to speaker bio 

  • Emma Ashworth, Group Manager International, Regulatory Strategy 
  • Kitty Rosser Principal Lawyer, Legal Service, Policy and Commercial 

 

We've had a breach, what happens next?

Approximate running time: 10 minutes

For those new to the topic, personal data breach basics provides an overview of how to recognise a breach, how to deal with a breach if one occurs and who organisations need to tell about it.

Presenter:

  • Rosina Harrison, Lead Case Officer, Personal Data Breach Service
  • David Meller, Lead Case Officer, Personal Data Breach Service

 

No need to panic: Simple ways to deal with SARs

Approximate running time: 13 minutes 

This session aims to make the SAR process easier for you by providing a practical understanding of how to deal with subject access requests. The session may be most useful for smaller organisations, but as we’ll give you practical advice on common issues you might face, the session will also be useful to any data protection specialist who is interested in tips and suggestions based on our real-life experience of answering everyday questions from organisations.

Presenter

  • Nomalungelo Dlodlo, Case Officer, Business Advice Services

 

The nuts and bolts of a cyber investigation

Approximate running time: 11 minutes  

This session considers the factors that help determine whether a cyber incident becomes an investigation, the methods of communication we use, our approach to an investigation and the types of evidence we may request from an organisation. There is also a brief introduction to some of the regulatory outcomes at our disposal. 

We recommend this video is watched as a follow up to the “We've had a breach, what happens next?” session.

Presenter

  • Tom Wilkinson, Principal Cyber Specialist

 

Ask the Apprentices

Approximate running time: 17 minutes

The Defra Group DPO and deputy DPO have established a Data Protection & Information Management Apprenticeship Programme to provide a pipeline of trained information rights professionals (DP and FOI) to fill future vacancies. 15 apprentices have been employed in departments across the Civil Service, including arms' length bodies and non-departmental public bodies such as the Environment Agency.

Presenters

  • Intro: Angela Balakrishnan, ICO Executive Director, Strategic Communications
  • Tim Beale, Aaron Ankrah, Amenemhet Asante, Ross McKay

 

Supply Chain Cyber Security

Approximate running time: 13 minutes

A presentation to help data controllers and processors understand the risks associated with supply chain attacks. Featuring an overview of controller and processor responsibilities under UK GDPR, a discussion of the issues that the ICO has observed during investigations and tips for priority actions to improve your compliance with UK GDPR. The session also provides practical advice on how to secure your environment from attacks that leverage managed service providers.

Presenter

  • Keith Turner, Principal Cyber Specialist

 

The UK BCR Addendum: how to speed up your application

Approximate running time: 11 minutes

Find out how the UK BCR Addendum (launched in December 2023) is working in practice and what steps you can take to speed up your application approval.

Presenters

  • Rebecca Carleton Bland, Principal Lawyer, Regulatory Assurance
  • Kerry O'Donnell, Senior Case Officer Regulatory Assurance, BCRs and International Transfers
  • Daniel Morgan, Senior Case Officer, BCRs and International Transfers

 

The FOI guide to the galaxy – a tour of our online resources

Approximate running time: 13 minutes

The guide takes a tour of the FOI section of the ICO website, going into relevant pages and explaining what resources we have, what’s new and what they can all be used for.

Presenter

  • Charlotte Dean, Lead Upstream Regulation Officer, FOI and Transparency

 

Data sharing to safeguard children

Approximate running time: 16 minutes 

Data protection law provides a framework to help ensure organisations and people share data to help safeguard children in a fair, proportionate and lawful way. However, we know that sometimes people can be unsure about what they can and can't share and worry about falling foul of the law. 

In this session we'll cover our top tips for sharing information to safeguard children to help support you in your work with children. We will reference our 10 step guide on information sharing to safeguard children and other data sharing guidance and materials. 

Presenters 

  • Sarah Lawrence, Senior Policy Officer
  • Hafeeza Joorawan, Senior Policy Officer

 

ICO’s Innovation Services

Approximate running time: 22 minutes 

This video covers the benefits of the ICO’s Innovation Services for businesses. That includes free advice and bespoke support, and help to embed data protection by design into new products and services at the pre-market stage. You’ll learn which of the ICO’s three Innovation Services are best for you - Innovation Advice, Innovation Hub, and the Regulatory Sandbox. 

Presenters 

  • Neil Ryan, Senior Policy Officer, Cross Economy Engagement  
  • Abigail Hackston, Senior Policy Officer, Innovation Advice and DPIAs
  • Sarah Kennedy, Senior Policy Officer, Regulatory Sandbox
  • Nicholas Patterson, Senior Policy Officer, Innovation Hub