The ICO exists to empower you through information.

Bitesize sessions

New for 2023, a selection of short sessions packed full of useful guidance and updates that you can enjoy over lunch.

Helping you to get transparency right in the health and social care sector

This session is an introduction to the upcoming sector-specific guidance on transparency in the health and social care sector. The guidance is aimed at helping organisations understand the ICO's expectations when it comes to data protection transparency. The guidance and the session are intended for anyone involved in delivering transparency and privacy information to patients, including IG staff, DPOs and communication and media teams.



Better data sharing using privacy-enhancing technologies

This session will explain what privacy-enhancing technologies (PETs) are, and how they can be useful when sharing personal data. Building on the ICO’s recently published guidance, the session will cover different types of PETs, how you can use them and how they support data protection compliance. The session is aimed at organisations who are interested in data sharing but who do not yet have a good understanding of PETs.




NIS, Cloud and the public sector – advantages, responsibilities and navigating risk

This bitesize session is aimed at security managers, DPOs, IT managers and cyber security practitioners in the public sector who are using cloud services already or are thinking about moving to a cloud environment. We’ll cover:

  • the advantages of using cloud services;
  • how using cloud services changes your risk profile;
  • shared responsibility;
  • what the NIS regulations are and who is affected by them; and
  • techniques for assessing and improving your security posture.



Data Sharing – the basics of how you can

This bitesize session aims to show that data protection law isn’t a barrier to data sharing. There is something for everyone, regardless of your data protection experience, but its aim is to explain in a simple way the things to take into account when considering sharing data and show you how you can. The guidance looks to help ensure that data sharing is able to take place where needed and give pointers to make sure any such sharing is appropriate, proportionate, and responsible.



Employee monitoring – how your business can get it right

This bitesize session aims to introduce how data protection law applies to using surveillance technology in the workplace. It looks to help businesses understand if employee monitoring is right from them and can be carried out in a way that respects staff and complies with the data protection principles, saving time and avoiding future disputes. It is aimed at small-to-medium sized businesses but is designed to ensure there is something of value for everyone.



Navigating the data sharing code and resources

This session will highlight the ICO’s data sharing resources, including:

  • the data sharing code of practice; and
  • other tools and resources on the data sharing web page.

We will explain how you can navigate both the code and data sharing page to find the information you need.

The session will also go through data sharing case studies that demonstrate how you can share personal information confidently and proportionately.



Reprimands: A bite size session on what we’ve learned so far’

Could this happen to you? In this bite size session, we discuss the learning points from some of the recent reprimands we've issued and offer some top tips about what you can do to protect your organisation’



A basic introduction to common data protection issues in contracts


Using BCC - what to consider when assessing the risk

This bite size session will look at when you might use BCC for emails, what other options you may choose to protect your recipients’ information and how to assess the risk.