The EU General Data Protection Regulation (GDPR) is a major new piece of legislation came into force across the EU on the 25th of May 2018. It provides a single data protection law for the whole EU. It is Brexit- neutral in that the government has said it will apply in the UK even after Brexit through the new Data Protection Act. The new stringent data protection requirements apply to all organisations in the EU (and it is even extra-territorial in that it also applies to many organisations entirely outside of the EU).
The GDPR implements a raft of new rights for individuals and how their personal data is processed - and processing includes every activity known to man: reading, storing, manipulating, transferring - even possessing.
Every business now uses personal data in some way, whether staff data, customer data, prospect data or supplier data. And there’s plenty more data too. The maximum penalties for getting it wrong have been increased to the greater of 4% of annual global group turnover of an organisation or 20 million Euros, depending on the severity of the breach. The definitions of ‘personal data’ sometimes even applies when that data appears to be anonymised. It is essential to know what the law requires - as it should now be part of ‘Business as Usual’ for every business worldwide.
Mark Weston is a leading expert on GDPR having carried out and supervised over 80 GDPR audits and provided advice to organisations of all types and all sizes. One key benefit of the course is the ability to ask Mark Weston about particular issues that may affect you and your business.
By attending this seminar you will:
- Learn about the GDPR and the new personal data regime
- Understand how it affects your business – root and branch
- Get-to-grips with the basics (and many of the nuances) of the new
data protection law
- Consider how it affects you and the business you work for
- Get up-to-date with an in-depth knowledge of the law and practice of
- Understand the pitfalls – and how to avoid them
- Clarify the roles of controllers, processors and sub-processors
- Master the ins and outs of the rules on obtaining consent
- Expand your knowledge of privacy by design
- Appreciate how to best avoid breaches and fines that may result
- Understand the risks that can be created through poor implementation
or non-implementation of data structures mandated by the new regime
- Discuss any issues you are facing with colleagues from other
organisations to gain new ideas and perspectives
- Understand how to effect change in your organisation so as to instil a
correct data culture – which will manage your risk and exposure
*Please note, events may be cancelled due to commercial or organisational reasons. In this case Research and Markets will refund all registration fees which have already been paid. Research and Markets will not refund any charges arising from the participant having to cancel or re-book transportation or accommodation which he or she has arranged.
All sorts of scenarios are covered, including questions such as:
- Can you keep business cards when they are handed to you?
- What happens to that ‘private data’ you keep in Outlook notes field?
- What controls do you need on the person who cleans out the bins?
- Are you a processor or controller – or both? What if this is true for the same data that you use for different purposes?
- How do you tell people you have their data and what you do with it?
- Do you have to comply with the GDPR if you are based outside the EU?
- What if you process EU citizen data and non-EU citizen data (whether you are in or out of the EU)?
Essential EU GDPR background, terminology and rights
The roles of and relationships between controllers and processors and sub-processors
Implementation of GDPR requirements
Enforcement and regulatory and compensatory aspects of the GDPR
International data transfers
The Data Protection Officer (DPO)
Tailored question and answer session
Mr Mark Weston,
Mark Weston is a partner at Hill Dickinson having joined the firm on 1st February 2016 as Head of Information Technology, Intellectual Property and Commercial (London). Mark joined the firm from Matthew Arnold & Baldwin LLP where for 12 years he was a partner and Head of the Commercial, Intellectual Property and Information Technology Group, before which he spent several years at Baker & McKenzie. Mark’s practice covers both non-contentious and contentious matters in all areas of commercial law, intellectual property law, information technology law, Internet, electronic commerce and on-line services law. He specialises in commercial and tech issues.
He has extensive experience in-house, having been seconded in the past to Hewlett Packard and new technology companies. His practice covers all sorts of commercial areas (including franchising) as well as extensive IT niches including advising clients regarding hardware and software issues (including SaaS, cloud, development, licensing, maintenance and distribution), solutions for and methods of transacting on the Internet, electronic commerce, including B2B, B2C and B2G, S-commerce and M-Commerce, social media, strategies to minimise or maximise liability and carry out compliance audits, outsourcing, facilities management, procurement, company IT policies and data protection (privacy) issues. He also has experience in IT litigation (and different alternative dispute resolution techniques).
Mark is Chairman of the Society for Computers & Law (North London and Home Counties Region), Chairman of the Intellectual Property Interest Group of Lawnet and is a premier member of the Eurojuris Intellectual Property Panel. Mark writes various books on his specialist topics and is an editor and contributor of several publications and articles and lectures at numerous commercial, IP and IT related conferences and training programmes.
Finally, Mark appears regularly on BBC1 (usually providing advice on-screen to BBC Watchdog) and also on Sky News as a legal commentator.
This programme has been specifically designed for those who deal with personal data in any way:
- In-house lawyers
- Private practice lawyers
- Compliance officers
- Company secretaries
- Board members
- HR professionals
- Marketing professionals
- Anyone who uses or possesses personal data
De Vere Grand Connaught Rooms
61 - 65 Great Queen Street