Annual Data Protection Update 2016
This year has seen the EU General Data Protection Regulation (GDPR) approved. Get ready for fines of up to €20 million or 4% of global turnover for major breaches.
Why is this event important for YOU?
4% of anyone’s turnover is a lot of money. Even if your organisation is not fined that much for a breach of the Regulation, it will be higher than existing fines and any data protection breach will cause you all kinds of attendant problems and bad publicity.
But do you know how to deal with a breach and how you might ameliorate the damage caused? Do you know what you could do to find out how it happened or what to do to stop evidence being contaminated? You will after this event and that knowledge could save you a fortune and your reputation.
After attending you will:
- Be aware of all the major data protection developments affecting Ireland-based organisations
- Be aware of what you can do NOW to prepare for the changes and dangers to your organisation under the new GDPR and minimise you potential liabilities
- Be aware of all the steps you must take to deal with a data security breach
- Be aware of the steps you can take to assist a robust forensic investigation of a data breach
- Be aware of the latest case law and other employment-related developments arising out of Data Protection and an employer's vicarious liability for an employee's actions
Course overview/outline programme
Our seminar has four complimentary sessions:
- The Data Protection Review: An update on what’s been happening in data protection over the last year and expected to come
- Managing and Containing a Data Breach, Part One – Two scenarios: handling a system breach and loss of personal manual data in a public place
- Managing and Containing a Data Breach, Part Two – What you can do to ensure Forensic Investigations are robust and stand up in court
- Employment Issues and Employer Liability – latest case developments on an employer’s liability for the actions and negligence of your employees
Who is it for?
This event is aimed at HR professionals, Data Protection Officers, Finance Directors and others responsible for data protection issues in the workplace or service provision.
When and where?
8.30am-12.30pm on Tuesday 6th March 2018
Crowne Plaza Hotel, Northwood, Dublin
Standard Rate: € 550
Save an additional €20 if you pay online when booking.
Scott Alexander, Head of L&D, Legal-Island, outlines what to expect from the day’s proceedings and how to maximise return on investment.
The Data Protection Review: What’s been happening in data protection over the last year?
Our speaker from the Office of the Data Protection Commissioner sets out key areas of developments and statistical data highlighting hot spots and danger areas highlighted by the Data Protection Commissioner’s Office and case law.
Also, we consider the next big issues in Data Protection and how these might impact on data breaches in future:
• New EU Regulations expected to include penalties of 2-4% of global turnover
• Liability for data processors
• Mandatory reporting of data breaches
• Sending data outside the EU
• Supersized fines
• Subject Access Requests as a tactic in litigation and grievances
• Data Sharing in the Public Sector - what are your requirements under the Office of DPC guidance?
Seamus Carroll, Head of the Data Protection Unit, Department of Justice & Equality
Managing and Containing a Data Breach, Part One
We split our audience into teams to consider two scenarios. In the first, you arrive into work early one morning to be greeting by the ashen-faced Managing Director of the company who tells you that, following a complaint by a customer of suspicious activity on their bank account, it has been discovered that there has been a major leak of customer data.
In the second, it is you who has caused the breach. On the way to a Workplace Adjudicator’s hearing, you leave your files on the train.
1. What breaches, if any, do you think have occurred?
2. What steps should you take in the first 24 hours?
3. In the next week, what should be your priorities?
4. What costs, if any, could be heading your way and how much might you have saved by prompt action?
Andy Harbinson, Director, Grant Thornton
Networking and Break
Managing and Containing a Data Breach, Part Two - Forensic Investigations
Do you feel equipped to investigate who leaked data, or let in a virus into your system? Would you know where to start, how to stop contamination of evidence, or even what robust evidence looks like?
Our expert, Dr Vivienne Mee from VMForensics Limited explains all and sets out a template to ensure you cover all the angles should a data breach occur and you require a report in order to take action against individuals.
Employment Issues and Employer Liability
Anna Broderick, Partner, Eversheds brings you the latest case law and other employment-related developments arising out of Data Protection and an employer's vicarious liability for an employee's actions. Also, what action might you reasonably take against employees as the stakes become so much higher under the new EU Regulations? Are there actions employers can take now that might limit your liability when the Regulations become active?
Do you have any other questions on data protection or compliance-related issues for our experts?
Networking and Lunch
** Programme subject to changes in accordance with legislative developments**
"The main speakers were very informative and interesting. Gaining knowledge made easy!"
Niamh Byrne, Senior HR, CBRE
"I found all three speakers gave very good presentations on what I would normally not find to be the most interesting of topics! Provided a very clear understanding on what we as an organisation need to do, and also clear on my personal responsibility."
Mark Dorman, Head of Stadium Business, GAA
"Very knowledgeable speakers who delivered interesting and informative lectures. I learned a lot from listening to them and from the session notes that were available to all delegates."
Fionnuala Kilcoyne, HR Manager, NX Systems Limited
"The update made me realise how vulnerable an organisation can be without adequate IT controls and data protection awarenes - excellent."
Carol Tutty, Quality/Risk Manager, Clane General Hospital
Anna Broderick Partner
Anna has been with Eversheds for 10 years and has focused on employment law and data protection including freedom of information. She has built up substantial experience of advisory and contentious HR and data protection issues. Anna works with senior management and HR clients to advise on all aspects of employment law throughout the employment relationship. She also works with clients on equality, industrial relations and health and safety issues in both the public and private sector. She regularly advises clients on internal employment policies including disciplinary, grievance, dignity at work and retirement policies.
Vivienne Mee Founder
Vivienne has over 10 years’ experience in the field of IT Forensics and Electronic Discovery.
She is recognised throughout her career for being a leader in the delivery of IT Forensics and Electronic Discovery services, delivering world class service to a diverse group of clients from leading pharmaceuticals, large financial institutions, to government departments.
Seamus Carroll Head of the Data Protection Unit
Department of Justice and Equality
During Ireland's Presidency of the European Council of the EU from January to June 2013, he has acted as Chair of the Working Group which has been engaged in intensive discussions on the European Commission's data protection reforms. During this period, he has also been closely involved in the preparation of reports to meetings of Justice Ministers on the progress being made during negotiations.
Andy Harbison Director
Andrew is the most experienced computer forensics investigator in private practice in Ireland. He has completed in excess of 350 separate computer investigations for clients ranging from multinational companies and major financial services companies to small and medium sized enterprises and private individuals. He has innovated a number of important IT investigative techniques and seen them put into Irish precedent.