Data protection requirements for all organisations in the UK and Scotland are governed by law setting out what needs to be complied with and how. However, the new Data (Use and Access) Bill is moving swiftly through Parliament and will conclude during 2025. This Bill contains a range of changes with implications for all data practitioners and data protection officers, impacting on when, how and why compliance is needed. Do you know what data practitioners and organisations need to understand about what will be in the new Act, what changes and responses will be required and what the impact will be of the other wider drivers of change in the data environment?
The Bill proposes a range of changes to the data regulatory regime and is intended to modernise how data is used and accessed across public and private sectors. The legislation aims to create a framework which balances innovation with privacy. Its objectives include streamlining access to data for innovation, protecting personal data and encouraging public trust. Key features of the Bill include the introduction of data intermediaries, the creation of a trust framework and new provisions regarding data sharing for public interest. The Bill also introducues a range of changes for data protection and privacy legislation ranging from data subject access requests through to fines and penalties and, perhaps, enhanced enforcement powers for the Information Commissioner’s Office.
This regulatory change takes place, as ever, in the context of serious ongoing data protection challenges. These range from widespread inadvertent disclosures through to WhatsApp data lapses following its widespread use during and since pandemic. Physical breaches continue to manifest with a range of organisations seeing personal data exposed. Training is critical in data management and, in most cases, failing to train underpins breach occurrences. The pace and volume of data sharing, driven by responses to externalities such as AI and changes in work patterns and locations continues to increase dramatically. The huge value of data as the life blood of both public services delivery and private sector competition, with the scale of associated data management required, increases the compliance burden.
While change is coming, the roles of data professionals are the main constants in the field. Always needed and always accountable, these post holders in every organisation are the critical point at which good data protection and information governance practice either works or fails. The law and guidance states what should happen. The ICO is the body that takes action after failure. However it is the data practitioner professionals at the live point of data management and protection who are the key element that needs to be properly resourced, trained, upskilled and valued in their organisations.
This conference examines what the new data legislation will mean and will require, the impact on the role of data protection professionals, data protection officers and other relevant staff in the field and the broader pressures and drivers of change for data management. It will focus on three themes:
Topics to be discussed
Who should attend
This conference is intended for all those working in the data protection/management and information governance fields and is for both organisations and individuals alike. It is relevant to public, private and third sector organisations which hold, process, manage or share personal data and is for data practitioner professionals, accountable persons, data protection officers and also for those in executive and non-executive roles with a responsibility for legal compliance, reputation management, corporate accountability or strategic leadership.
Founder, Owner, and Executive Chair
Data Privacy Advisory Service
Data Protection Officer and Freedom of Information Adviser
RGDP (Really Good Data Protection)
Senior Lecturer
University of Otago
Nigel Gooding
Founder, Owner, and Executive Chair
Data Privacy Advisory Service
Nigel is founder of the Data Privacy Advisory Service, and he plays a vital part in our success. Due to his extensive experience, Nigel is recognised as a leading expert in the industry.
A hugely experienced Data Protection Officer (DPO), Nigel has held a number of senior roles in private and public sector. These include a national board role with NHS Direct as Chief Operating Officer, along with a recent DPO role at South Western Ambulance NHS.
Nigel is the DPO at Macmillan Cancer support, Bristol Airport and several other organisations. He has also worked in a number of local authorities, and was DPO at Teignbridge and Watford Council.
He is also the External Examiner, Master of Laws (LLM) Cyber, Information,Technology and Innovation Law degree at Robert Watson University in Aberdeen.
He also has experience in working and liaising with the ICO and other EU supervisory authorities. Nigel has worked with clients in multiple jurisdictions, including those outside the EU and the GDPR adequacy arrangements. He was also the strategic Data Protection Subject Matter Expert advising the Government of Jersey in Health, Social Care and Children’s Service including Safeguarding and Education.
Nigel has also recently led the development of a Global Data Strategy with one of the largest companies in the world. This covers legislative compliance, data and information governance and data value.
Nigel holds Master’s degrees in Data Protection and Information Governance, Information Rights Law with a speciality in Children’s and Young Person’s data sharing, Freedom of Information, and Environmental Information regulations law. He also holds practitioner level qualifications, wrote the first UK DPO CPD Accredited Training Course, and is the lead trainer for the DVLA.
Nigel is also the External Examiner, Master of Laws (LLM) Cyber, Information,Technology and Innovation Law degree at Robert Watson University in Aberdeen
Trish Knight
Data Protection Officer and Freedom of Information Adviser
RGDP (Really Good Data Protection)
Trish has worked in a wide range of public, private sector blue chip and smaller companies and has over 10 years’ experience information governance and information security. She has a Masters in Business Administration, is a Fellow of the Chartered Institute of Management, and is a certified Data Protection practitioner. Her blend of experience and strong communication skills means she is able to quickly get to know a business and give excellent support for data protection needs.
Sean Whitaker (Dr)
Senior Lecturer
University of Otago
Following Dr Sean Whittaker’s graduation from the University of Dundee LLM Programme in Environmental Law, he began his doctoral studies in University College Cork, Ireland. He was awarded his doctorate in 2018, which was titled “Legal Transplants and Regimes Governing Access to Environmental Information in England and Wales, the United States and China”.
Before being appointed as a lecturer Dr Whittaker worked as a judicial assistant in the High Court of Ireland under Judge Caroline Costello and as a post-doctoral research at the University of Dundee for the “Uncovering the Environment: The Use of Public Access to Environmental Information” project.
He was previously the Executive Director of the Centre for Freedom of Information at the University of Dundee and has a keen interest in issues relating to environmental law, the Aarhus Convention and comparative legal theory.
Book delegate places or purchase video recording.
