May 25, 2017
08:00-08:30 – Registration & Breakfast
08:30-08:45 – Keynote Introduction and Welcome by SureCloud’s CEO Richard Hibbert
08:45-09:30 – Guest Speaker, Tim Hickman, GDPR Expert at Global law firm White & Case
09:30-10:00 – Key GDPR Processes, led by SureCloud’s COO Nick Rafferty and CEO Richard Hibbert
10:00-10:30 – Q&A and Networking
Date: 25 May 2017 (exactly 1 year until the GDPR comes into force)
This briefing will provide in-depth insights into the challenges of GDPR compliance, by exploring the requirements of the GDPR and examining the key tools and steps for achieving and maintaining an appropriate level of compliance with the GDPR.
Prioritising the right issues: One of the biggest challenges with the GDPR is that it is so wide-ranging, and impacts so many business activities, that it can be hard to know where to start. We will offer insights on how to identify the areas in which businesses should be focusing their compliance efforts.
Legal basis for processing: Every processing activity that a business undertakes requires a legal basis (e.g., consent, compliance with law, legitimate interests, etc.). We will consider how the GDPR limits the options available to businesses.
Principles for processing: The GDPR requires that processing activities are conducted in accordance with certain principles (lawfulness, fairness and transparency, purpose limitation, data minimization, storage limitation, etc.). We will explore these principles, providing best practice examples.
Legacy non-compliance: Many businesses face compliance challenges in relation to existing processing activities, which are not currently GDPR compliant. We will review the best strategies for dealing with such legacy non-compliance.
The ‘Right to be Forgotten’: The GDPR strengthens the rights of individuals in some areas, and creates new rights in others. Among the most challenging issues is the so-called ‘Right to be Forgotten’, which allows individuals to require businesses to delete their personal data in some circumstances. We will provide practical guidance on the steps businesses should take to prepare for these challenges.
We will examine the key controls that organisations need to implement to achieve compliance and provide a demonstration of SureCloud GDPR Suite.The following control areas will be covered:
Gap Analysis and Risk Assessment
Records of processing and compliance activities
Subject access requests
Data protection impact assessments
Contractual mechanisms to achieve and maintain compliance
Guidance on the type of contracts within your organisation that you will need to revise
Insight on how you can use tools to streamline key GDPR processes
A full understanding of the logical steps to start your GDPR compliance journey
An understanding of how other organizations are addressing this area
30 St Mary Axe