All organisations need to be aware of their data protection obligations. They have to be organised to comply with those requirements, be proactively engaged with the evolving contexts in which they are operating and they should be supporting their data practitioner staff in their roles and in their professional development. However the context in which organisations store, share and use data is fast evolving - both in terms of law and best practice and in respect of how public and private sector organisations operate. How therefore do organisations need to respond in order to remain agile in an ever changing data world so that they support the development and constant upskilling of their critical data protection professionals, ensure the organisation is always learning from best practice and collectively react swiftly to the planned and unplanned changes that can threaten data security?
Data protection and good practice never stands still. Currently the UK government is proposing new legislation in the form of the Data Protection and Digital Information Bill, introduced to parliament in September 2022. The ICO is directly affected by those proposals in respect of its structure and its governance which the Bill aims to reform and the intention also to transfer these to a new body, the Information Commission. The ICO itself meanwhile is also pursuing a shift in its own approach to its regulatory function through the implementation of its ICO25 plan. The ICO states that "ICO25 gives clarity about the risks and opportunities we believe need our most urgent attention and where we intend to focus our efforts, both for the long-term and in terms of our priorities for the next 12 months."
Change is imminent for the regulator, for those who are regulated and is also always present for the context in which both operate. The ICO itself says that "The environment in which we work is complex, fast moving and ever changing." However the roles of data practitioner professionals are perhaps the main constants in the data field. Always needed and always accountable, these post holders in every organisation are the critical point at which good data protection and information governance practice either works or fails. The law and guidance states what should happen. The ICO is the body that takes action after failure. However it is the data practitioner professionals who are at the live point of data management and protection and who are therefore the key element which needs to be properly resourced, trained, upskilled and valued in their organisations.
This conference examines where data protection terrain is evolving and how and why the role of data protection professionals needs to be supported, invested in and promoted in order to cope with current and future challenges. It will focus on three themes:
Topics to be discussed
Who should attend
This conference is intended for all those working in the data protection/management and information governance fields and is intended for both organisations and individuals. It is relevant to public, private and Third sector organisations which hold, process, manage or share personal data and is for data practitioner professionals, accountable persons and also for those in executive and non-exec roles with a responsibilty for legal compliance, reputation management, corporate accountability or strategic leadership.
Regional Manager, Scotland
Information Commissioner’s Office
Head of Service - Data Protection Officer
Public Health Scotland
Head of Information Assurance & Data Protection iTECS
Scottish Government
Chief Data Protection Officer
Data Privacy Advisory Service
Head of Information Risk, Security and Governance
National Records of Scotland
Senior Lecturer (Information Studies)
University of Glasgow
Partner
Brodies LLP
Jenny Brotchie
Regional Manager, Scotland
Information Commissioner’s Office
Jenny has been with the ICO Scotland team since 2018. In that time she has worked with a wide range of stakeholders from across the private, public and third sector providing advice and guidance on a issues and policy proposals ranging from law enforcement processing to data sharing with the third sector. She has a particular interest in ensuring that the processing of personal data benefits the most vulnerable in society.
Prior to joining the ICO Jenny worked at the Carnegie UK Trust managing a variety of policy advocacy and research projects including those centred on public service reform and evidence based policy and practice. She has also held a number of third sector roles focused on sustainability.
A biologist by training Jenny has spent time in molecular biology research labs and has always had a love of data!
Richmond Davies (Dr)
Head of Service - Data Protection Officer
Public Health Scotland
Dr Richmond Davies is a clinician, senior public health leader, and a chartered governance professional who heads health, well-being, social care, and cancer statistics. He is also a certified GDPR Practitioner and Data Protection Officer.
Richmond started off as a graduate civil engineer, changed discipline to move into teaching of mathematics, the practice of mental health, and governance and then senior organisational leadership. He works for a public sector organisation responsible for protecting the people of Scotland from infectious and environmental hazards, providing evidence of what works to reduce health inequalities, and transforming data into meaningful insights to address Scotland’s public health challenges. He is a fellow of the faculty of clinical informatics and a clinical safety officer.
Richmond is passionate about getting people excited about the management, use, beauty and revolution of data and their role in research, knowledge creation and sharing. He does this, not only as a practitioner, but also as Secretary of the Scotland branch of the Chartered Governance Institute UK & Ireland, the professional body for risk, governance and compliance. In his previous adjunct academic role he was able to inspire, supervise and share knowledge with higher education students.
Richmond is also a Board Director and Trustee of the Scottish Library and Information Council (SLIC), an independent advisory body to the Scottish Government on library and information related matters. SLIC regularly undertakes research, awards grants, and promotes innovation and a greater understanding of the library and information sector in Scotland.
Richmond’s interests are human information behaviour, information literacy, public health data science, data protection, pedagogy, and governance, risk and compliance.
Helen Findlay
Head of Information Assurance & Data Protection iTECS
Scottish Government
Helen is responsible for the section which provides advice and guidance for The Scottish Government on data protection and information assurance. Her career reflects a wide range of experience in data management and protection and information governance in both the public and private sectors. Helen's section led on EU Exit data adequacy mitigation planning for the Scottish public sector and she has worked in New Zealand and Scotland.
Nigel Gooding
Chief Data Protection Officer
Data Privacy Advisory Service
Nigel is founder of the Data Privacy Advisory Service, and he plays a vital part in our success. Due to his extensive experience, Nigel is recognised as a leading expert in the industry.
A hugely experienced Data Protection Officer (DPO), Nigel has held a number of senior roles in private and public sector. These include a national board role with NHS Direct as Chief Operating Officer, along with a recent DPO role at South Western Ambulance NHS.
Nigel is the DPO at Macmillan Cancer support, Bristol Airport and several other organisations. He has also worked in a number of local authorities, and was DPO at Teignbridge and Watford Council.
He is also the External Examiner, Master of Laws (LLM) Cyber, Information,Technology and Innovation Law degree at Robert Watson University in Aberdeen.
He also has experience in working and liaising with the ICO and other EU supervisory authorities. Nigel has worked with clients in multiple jurisdictions, including those outside the EU and the GDPR adequacy arrangements. He was also the strategic Data Protection Subject Matter Expert advising the Government of Jersey in Health, Social Care and Children’s Service including Safeguarding and Education.
Nigel has also recently led the development of a Global Data Strategy with one of the largest companies in the world. This covers legislative compliance, data and information governance and data value.
Nigel holds Master’s degrees in Data Protection and Information Governance, Information Rights Law with a speciality in Children’s and Young Person’s data sharing, Freedom of Information, and Environmental Information regulations law. He also holds practitioner level qualifications, wrote the first UK DPO CPD Accredited Training Course, and is the lead trainer for the DVLA.
Nigel is also the External Examiner, Master of Laws (LLM) Cyber, Information,Technology and Innovation Law degree at Robert Watson University in Aberdeen
Iain Gray
Head of Information Risk, Security and Governance
National Records of Scotland
Adele Redhead (Dr)
Senior Lecturer (Information Studies)
University of Glasgow
Dr Adele Redhead is a lecturer at the University of Glasgow, where she leads the MSc in Information Management and Preservation. Adele is a qualified archivist and has extensive experience in archives and records information management in a variety of sectors.
Martin Sloan
Partner
Brodies LLP
Martin is an experienced lawyer specialising in IP, Tech and Data. He combines technical knowledge with an interest in understanding his client's business to provide pragmatic advice and practical solutions.
Martin's expertise includes technology procurement, IT outsourcing, business process outsourcing, commercial contracts, intellectual property, data protection, ePrivacy and cyber risk. Martin regularly helps clients in relation to the legal and commercial risks relating to the development and use of new technology, such as cloud-based services, and projects involving AI, blockchain and big data.
Martin works with clients across a range of sectors including financial services, media, food and drink, charities and the third sector, and the public sector. Martin also advises technology businesses and innovative tech start-ups, including fintech and adtech.
Book delegate places or purchase video recording.
