The ICO exists to empower you through information.

There’s always too much content to squeeze into one day! Our recorded DPPC+ videos offer bonus content on topics you’ve told us you’re interested in.

We've had a breach, what happens next?

Approximate running time: 10 minutes

For those new to the topic, personal data breach basics provides an overview of how to recognise a breach, how to deal with a breach if one occurs and who organisations need to tell about it.

Presenters

No need to panic: Simple ways to deal with SARs

Approximate running time: 13 minutes

This session aims to make the SAR process easier for you by providing a practical understanding of how to deal with subject access requests. The session may be most useful for smaller organisations, but as we’ll give you practical advice on common issues you might face, the session will also be useful to any data protection specialist who is interested in tips and suggestions based on our real-life experience of answering everyday questions from organisations.

Presenter

Nomalungelo Dlodlo, Case Officer, Business Advice Services

NIS, Cloud and the public sector

Approximate running time: 10 minutes

This session is aimed at security managers, DPOs, IT managers and cyber security practitioners in the public sector who are using cloud services already or are thinking about moving to a cloud environment. We’ll cover:

  • the advantages of using cloud services;
  • how using cloud services changes your risk profile;
  • shared responsibility;
  • what the NIS regulations are and who is affected by them; and
  • techniques for assessing and improving your security posture.

Presenter:

Steve Connolly, Group Manager Assurance, Regulatory Assurance

Data sharing - the basics

Approximate running time: 11 minutes

This session aims to show that data protection law isn’t a barrier to data sharing.

There’s something for everyone regardless of your data protection experience – our aim is to simply explain what to take into account when considering sharing data and show you how you can do that.

We’ll explain how data sharing can happen where needed and give you pointers to make sure you do so appropriately, proportionately, and responsibly.

Presenter:

Rob Cole, Senior Engagement and Policy Officer, Business Advice Services

Employee monitoring: how your business can get it right

Approximate running time: 12 minutes

This session explains how data protection law applies to using surveillance technology in the workplace. It will help businesses understand if employee monitoring is right from them and can be carried out in a way that respects staff and complies with the data protection principles. Doing things right saves time and avoids future disputes. 

It is aimed at small-to-medium sized businesses, but is designed to ensure there is something of value for everyone.

Presenter:

Harry Powell, Senior Engagement and Policy Officer, Business Advice Services

Your data sharing tour guide – how to get the most out of our resources

Approximate running time: 15 minutes

This session will highlight the ICO’s data sharing resources, including:

  • the data sharing code of practice; and
  • other tools and resources on the data sharing web page.

We will explain how you can navigate both the code and data sharing page to find the information you need.

The session will also go through data sharing case studies that demonstrate how you can share personal information confidently and proportionately.

Presenters:

  • Daniel Newbury, Lead Policy Officer, Parliament and Government Affairs
  • Helen Thomas, Senior Policy Officer, Regulatory Strategy
  • Will Johnson, Senior Policy Officer, Regulatory Policy Projects

Better sharing using PETS

Approximate running time: 15 minutes

This session will explain what privacy-enhancing technologies (PETs) are, and how they can be useful when sharing personal data. Building on the ICO’s guidance, the session will cover different types of PETs, how you can use them and how they support data protection compliance. This session is aimed at organisations who are interested in data sharing, but who do not yet have a good understanding of PETs.

Presenter:

Clara Clark Nevola, Group Manager, Anonymisation and Encryption

The nuts and bolts of a cyber investigation

Approximate running time: 11 minutes

This session considers the factors that help determine whether a cyber incident becomes an investigation, the methods of communication we use, our approach to an investigation and the types of evidence we may request from an organisation. There is also a brief introduction to some of the regulatory outcomes at our disposal. 

We recommend this video is watched as a follow up to the “We've had a breach, what happens next?” session.

Presenter

Tom Wilkinson, Principal Cyber Specialist

Ask the Apprentices

Approximate running time: 17 minutes

The Defra Group DPO and deputy DPO have established a Data Protection & Information Management Apprenticeship Programme to provide a pipeline of trained information rights professionals (DP and FOI) to fill future vacancies. 15 apprentices have been employed in departments across the Civil Service, including arms' length bodies and non-departmental public bodies such as the Environment Agency.

Presenters

Intro: Angela Balakrishnan, ICO Executive Director, Strategic Communications

Tim Beale, Aaron Ankrah, Amenemhet Asante, Ross McKay

Supply Chain Cyber Security

Approximate running time: 13 minutes

A presentation to help data controllers and processors understand the risks associated with supply chain attacks. Featuring an overview of controller and processor responsibilities under UK GDPR, a discussion of the issues that the ICO has observed during investigations and tips for priority actions to improve your compliance with UK GDPR. The session also provides practical advice on how to secure your environment from attacks that leverage managed service providers.

Presenter

Keith Turner, Principal Cyber Specialist

The UK BCR Addendum: how to speed up your application

Approximate running time: 11 minutes

Find out how the UK BCR Addendum (launched in December 2023) is working in practice and what steps you can take to speed up your application approval.

Presenters

The FOI guide to the galaxy – a tour of our online resources

Approximate running time: 13 minutes

The guide takes a tour of the FOI section of the ICO website, going into relevant pages and explaining what resources we have, what’s new and what they can all be used for.

Presenter

Charlotte Dean, Lead Upstream Regulation Officer, FOI and Transparency

Data sharing to safeguard children

Approximate running time: 16 minutes

Data protection law provides a framework to help ensure organisations and people share data to help safeguard children in a fair, proportionate and lawful way. However, we know that sometimes people can be unsure about what they can and can't share and worry about falling foul of the law. 

In this session we'll cover our top tips for sharing information to safeguard children to help support you in your work with children. We will reference our 10 step guide on information sharing to safeguard children and other data sharing guidance and materials. 

Presenters

ICO’s Innovation Services

Approximate running time: 22 minutes

This video covers the benefits of the ICO’s Innovation Services for businesses. That includes free advice and bespoke support, and help to embed data protection by design into new products and services at the pre-market stage. You’ll learn which of the ICO’s three Innovation Services are best for you - Innovation Advice, Innovation Hub, and the Regulatory Sandbox.

Presenters