The ICO exists to empower you through information.

Recordings from the DPPC workshops are now available to watch:

Seminar group C

Help! I’ve had an FOI complaint!

Presenters:

So you’ve had that letter from the ICO: someone’s complained about your FOI (or EIR) response. What happens next? What does the ICO expect from you? What should you expect from the ICO? What if the decision notice is appealed?

Let our panel of experienced case officers and an in-house lawyer talk you through the process of investigation, decision and appeal to the first-tier tribunal. This session is designed for FOI practitioners, with little or no experience of working with the regulator, to help you navigate the process comfortably and confidently.

Ask the experts: using the ICO’s data protection audit tools

Presenters:

A Q&A style study of the audit teams’ data protection audit toolkits; how they can be used, and hints and tips by the ICO’s audit team.

Organisations should be able to confidently develop a measurable data protection compliance plan using the tool components for their unique needs. The accompanying action plan template is a convenient aide to capture the recommended corrections and outputs to keep track and measure progress.  

Suitable for large public and private sector organisations with complex or multi-faceted risk fronts.

Sky high: how to comply with UK GDPR when using cloud systems

Presenters:

  • Kitty Rosser (chair and presenting on international transfer and general accountability issues)
  • Sonya Clark (co-chair and presenting on DD and supplier ts and cs)
  • Iman ElMehdawy
  • Dalbir Singh
  • Adam Webb

Cloud systems offer huge advantages but can also pose a compliance risk. During this session, we will consider the advantages of using cloud systems and discuss the key steps you should take to ensure compliance. We’ll use a case study to illustrate how this might apply in practice. There’ll also be a chance for you to ask questions.

This practical session will be of interest to anyone involved in procuring, managing or advising on the use of cloud systems. This session is aimed at delegates with a basic knowledge of the accountability requirements when appointing processors and the international transfer rules.

What's the harm? Reframing how we think about data breaches

ICO Presenters:

External Presenter:

No one wants personal data breaches to happen. There are laws, regulations and systems in place to help prevent them.

But breaches do happen.

Involved in every breach are real people and, in some of these breaches, the potential for real harm.

This workshop will explore the concept of individual harm and impact of a personal data breach, with a focus on individuals whose circumstances may increase the likelihood of harm. Using insight from research and case studies, we will encourage participants to:

  • reflect on harm and its importance; and
  • consider what steps they can take to improve handling a breach.

The workshop is open to everyone, with particular relevance for data protection officers and individuals with an interest in frontline engagement and complaints.