Harrowells Banner Image

Our Resolve. Your Resolution.

What GDPR means for those responsible for compliance in their organisation

New rules concerning the storage, handling and use of data come into force in May next year – by virtue of the implementation of the General Data Protection Regulations (or ‘GDPR’) and the Data Protection Bill 2017. With a focus on giving individuals more control over their personal data and limiting how and why organisations store and use all types of personal information about individuals, this new legislation is a big step up from the current data protection regime. The range of information covered is extensive and includes data about employees, prospective job candidates, suppliers, contractors and, of course, your customers and prospective customers.

For many organisations, the new requirements will not necessarily be onerous but will require some planning and documentation to take place in advance of the May deadline – so it is important to act now. Our seminar will provide practical guidance on the planning and documentation you need to put in place in advance of the May deadline. This will include:

  • Picking the best people to fulfil the necessary roles
  • Developing systems for efficiently auditing and recording the types of personal data you hold or process, where it is held (including considerations for dealing with ‘informal’ or ‘shadow’ storage) and why
  • Prioritising what internal processes or documentation need to be changed and by whom
  • Ensuring appropriate permissions are in place from customers, employees and others about the processing of their personal data
  • Educating line managers and staff to recognise what is personal data, particularly sensitive data, and how to handle this appropriately
  • Putting in place processes to deal with individual requests about personal data records and potential ‘data breaches’
  • Methods for ensuring that all aspects of your operation are developed with consideration of the storage and handling of data through ‘data impact assessments’
  • Considerations for dealing with third party contracts including some basic contract terms, tendering processes and businesses outside the EEA

Whether you are a business owner, a director, a senior manager or have specific responsibilities for compliance in your organisation, this seminar is designed to provide a practical framework that you can implement in the months leading up to the GDPR deadline. This seminar is likely to prove very popular so early booking is advised.

Date: Tuesday 19th December 2017

Venue: Bar Convent, York

Timings: 08.15 registration & refreshments; 9.00 seminar starts; 10.15 seminar ends followed by time for 1-2-1 questions