Northern Ireland Data Protection Update 2023

Northern Ireland Data Protection Update 2023

Legal Island's annual Northern Ireland Data Protection Update is specifically designed to provide you with a comprehensive overview of the data protection issues that matter to HR professionals and employers in Northern Ireland.

We set out the most important data protection risks and solutions facing employers and their organisations. As well as discussing the future (or otherwise) of GDPR.

After attending you will:

  • Have received a comprehensive update on data protection developments that affect employers in the UK.
  • Will have had ample time to question the data protection experts.
  • Our sessions will be recorded (with full participant DP permissions!), so that you can watch back after the event and check your understanding of developments.

Who is it for?

This event is aimed at employers and HR professionals with data protection responsibilities and concerns.

When & Where?

This event will take place online between 9.15am and 1.00pm on the 17th May 2023

on the Hopin  platform.


Standard Rate: £245 + VAT

Save an additional £20 when you book and pay online when booking.

In association with: 

Pinsent Masons logo







Welcome and Introduction: Christine Quinn, Legal Island 


Pinsent Masons’ Data Protection Round-Up 2023 

Anna Flanagan, Senior Associate at Pinsent Masons LLP and expert in regulatory enforcement, sets out the most important data protection risks and solutions facing employers and their organisations, including: 

  • Data Protection and Digital Information (No. 2) Bill 
  • International transfers and Schrems II 
  • Legal bases for processing – Key points from Experian and Meta decisions 
  • The case of FKJ-v-RVT [2023] EWHC 3 (KB) - WhatsApp – improperly obtained material and the law  


Q&A with Anna Flanagan 


Information Commissioner’s Office (ICO) Update 2023 

Simon Beattie, Senior Policy Officer at the Information Commissioner’s Office, provides an update on the important data protection trends and developments direct from the ICO, including: 

  • The latest campaigns from the ICO 
  • Top priorities for 2023/24 
  • Analysis of fines and other penalties 


Q&A with Simon Beattie 


Refreshment Break – Get a cup of something, take a break from the screen, catch up on emails, whatever… 


ChatGPT vs GDPR – What AI Chatbots Mean for Data Protection 

ChatGPT and similar AI ‘chatbots’ have entered the mainstream in the last few months. A myriad of articles appear daily listing the reasons for and against and predicting that the robots are coming for our jobs! 

But just what are the genuine date protection concerns around using AI in an employment context? 

Anna Flanagan, Senior Associate at Pinsent Masons looks at the pros, cons and whether ChatGPT is GDPR compliant, including: 

  1. Data Collection 
  2. Data Security 
  3. Fairness and transparency 
  4. Accuracy and reliability 
  5. Accountability 
  6. Right to be forgotten 


Q&A with Anna Flanagan 


Cybersecurity is an HR issue, not just a matter for IT 

Cybersecurity often feels like the responsibility of the IT department, but as recent examples in the media show, HR are critical in the fight to protect data. From The Guardian newspaper to Royal Mail and WH Smith, high-profile organisations have been brought to a standstill by cyberattacks in recent months. And it’s recognised that the largest threat to an organisation’s cybersecurity is employees’ failure to comply with data security rules, not hackers. 

Hacking and cybersecurity came to the fore and very much became HRs problem when the ICO issued a £4.4million fine to a construction company. The ICO found the company had outdated systems and protocols, failed to train staff properly, and conducted inadequate risk assessments. 

Keith Anderson, Lead Information Security Consultant at Vertical Structure provides his top tips for avoiding the scammers and explains: 

  1. Best practice for your systems and protocols. 
  2. The importance of staff training, and how to do it. 
  3. How to conduct an ICO-worthy risk assessment. 
  4. Preventative controls that you can implement now. 
  5. The biggest cyber risks to be aware of (and how to avoid them) 
  6. Suella Braverman sent government emails to her personal account – who cares? And did someone say WhatsApp and Matt Hancock?! Keith explains why these stories matter. 

Anna Flanagan, Senior Associate at Pinsent Masons looks at the legal framework relating to cybersecurity including: 

  1. How to assess risk following an incident 
  2. Ransomware: when can you pay a ransom? Should you pay a ransom? 
  3. The investigation and legal privilege 
  4. Data Subject Claims: employees and ex-employees  


Q&A with Keith Anderson and Anna Flanagan 


Data Protection and HR: Key issues 

While remote work has become commonplace, not all employers want their employees to remain relatively unsupervised, and many want to closely monitor their remote workers. Some employers are investing in surveillance technology for this purpose, but this carries a real risk of violating an individual's privacy rights. The first industrial action by Amazon staff in the UK was related to what employees see as over-use of surveillance technology to log and monitor their ‘down time’, including drink and toilet breaks. The issue of worker surveillance should be high on the agenda of NI employers. 

If done properly and with good reason, this can help employers to maintain a level of trust with their employees and to promote staff confidence by remaining transparent about any new processes they seek to implement. 

Anna Flanagan, Senior Associate at Pinsent Masons explains: 

  1. How to determine if monitoring is truly necessary and appropriate?  
  2. How and when to tell employees 
  3. How to remain sensitive to the physical and mental well-being or employees. 
  4. Consider also what information to collect about employees: special category information, criminal conviction? What extra considerations are there? 
  5. Data sharing: what to do when relevant authorities seek information relating to your employees.  


Q&A with Anna Flanagan 


Summary and Close  



"Helpful, informative and held my interest throughout! It was "pacey" and delivered in bite-sized chunks with a break in between which allowed my attention span to be re-set each time - I thought that was clever! "
Jonathan Young, DPO, Ards & North Down Borough Council

"Session very good and delivered what I was expecting."
Anne Woods, Co-Head of Organisational Development, The Cedar Foundation

"Content was very relevant and comprehensive - timely and to the point."
Anne Watson, Head of HR, The McAvoy Group Ltd

"Excellent update on Data Protection, with knowledgeable presenters. Good pace, overall very good."
Gwyneth Evans, HR Manager, Ryobi Aluminium Casting (UK) Ltd

"Wealth of information speakers had and case study examples."
Melissa Moffett, HR Assistant, Kilwaughter Minerals Ltd

"DSARS and Retention discussions was useful as relevant to current activity. Same with the ICO activity as couple of the topics prompted consideration I things I need to be considering."
John Hart, Compliance Manager, Danske Bank UK

"Very good speakers and chair. Easy to follow and understand. Lots of great resources shared."
Olga Pollock, HR Manager, firmus energy


  • Anna Flanagan
    Anna Flanagan Senior Associate
    Pinsent Masons

    Anna has experience of advising on information law with a focus on data protection in both contentious and non-contentious forums. She has experience of liaising directly with the Information Commissioner's Office on behalf of clients and she often delivers training sessions to Boards and Senior Management Teams on data protection compliance.

  • Keith Anderson
    Keith Anderson Lead Information Security Consultant
    Vertical Structure

    Keith helps Vertical Structure keep everything safe for their clients by helping them achieve and maintain certification to standards including ISO27001:2013, Cyber Essentials and GDPR Compliance.

    Keith brings a wealth of knowledge from his past experience in Project Delivery and working within digital transformation at an enterprise level, and working with organisations such as ALDI International, C&A, Energia, Carlsberg, Visa, Lidl Ireland, Virgin Trains, SGN, Deloitte, BBC, Lloyds Bank and Santos Brazil.

    Keith is ISO27001 Certified ISMS Lead Auditor certified.

  • Simon Beattie
    Simon Beattie Senior Policy Officer
    Information Commissioner's Office

    Simon is a Senior Policy Officer at the Information Commissioner’s Office. Based in Belfast, he specialises in promoting good practice in information rights by raising awareness of organisational responsibilities across all sectors.

    In addition, he also influences policy by working closely with the NI devolved legislature and the wider public sector, ensuring that data protection compliance is embedded where appropriate.

Event details


Half - Day Event


17 May 2023


Online - Hopin


Standard Rate: £245 + VAT