There’s always too much content to squeeze into one day! Our recorded DPPC+ videos offer bonus content on topics you’ve told us you’re interested in.
- We've had a breach, what happens next?
- No need to panic: Simple ways to deal with SARs
- NIS, Cloud and the public sector
- Data sharing: the basics
- Employee monitoring how your business can get it right
- Your data sharing tour guide – how to get the most out of our resources
- Better sharing using PETS
- The nuts and bolts of a cyber investigation
- Ask the Apprentices
- Supply chain issues
- The UK BCR Addendum: how to speed up your application
- The FOI guide to the galaxy – a tour of our online resources
- Top tips to help you share information to safeguard children
- ICO innovation services
We've had a breach, what happens next?
Approximate running time: 10 minutes
For those new to the topic, personal data breach basics provides an overview of how to recognise a breach, how to deal with a breach if one occurs and who organisations need to tell about it.
Presenters
- Rosina Harrison, Lead Case Officer, Personal Data Breach Service
- David Meller, Lead Case Officer, Personal Data Breach Service
No need to panic: Simple ways to deal with SARs
Approximate running time: 13 minutes
This session aims to make the SAR process easier for you by providing a practical understanding of how to deal with subject access requests. The session may be most useful for smaller organisations, but as we’ll give you practical advice on common issues you might face, the session will also be useful to any data protection specialist who is interested in tips and suggestions based on our real-life experience of answering everyday questions from organisations.
Presenter
Nomalungelo Dlodlo, Case Officer, Business Advice Services
NIS, Cloud and the public sector
Approximate running time: 10 minutes
This session is aimed at security managers, DPOs, IT managers and cyber security practitioners in the public sector who are using cloud services already or are thinking about moving to a cloud environment. We’ll cover:
- the advantages of using cloud services;
- how using cloud services changes your risk profile;
- shared responsibility;
- what the NIS regulations are and who is affected by them; and
- techniques for assessing and improving your security posture.
Presenter:
Steve Connolly, Group Manager Assurance, Regulatory Assurance
Data sharing - the basics
Approximate running time: 11 minutes
This session aims to show that data protection law isn’t a barrier to data sharing.
There’s something for everyone regardless of your data protection experience – our aim is to simply explain what to take into account when considering sharing data and show you how you can do that.
We’ll explain how data sharing can happen where needed and give you pointers to make sure you do so appropriately, proportionately, and responsibly.
Presenter:
Rob Cole, Senior Engagement and Policy Officer, Business Advice Services
Employee monitoring: how your business can get it right
Approximate running time: 12 minutes
This session explains how data protection law applies to using surveillance technology in the workplace. It will help businesses understand if employee monitoring is right from them and can be carried out in a way that respects staff and complies with the data protection principles. Doing things right saves time and avoids future disputes.
It is aimed at small-to-medium sized businesses, but is designed to ensure there is something of value for everyone.
Presenter:
Harry Powell, Senior Engagement and Policy Officer, Business Advice Services
Your data sharing tour guide – how to get the most out of our resources
Approximate running time: 15 minutes
This session will highlight the ICO’s data sharing resources, including:
- the data sharing code of practice; and
- other tools and resources on the data sharing web page.
We will explain how you can navigate both the code and data sharing page to find the information you need.
The session will also go through data sharing case studies that demonstrate how you can share personal information confidently and proportionately.
Presenters:
- Daniel Newbury, Lead Policy Officer, Parliament and Government Affairs
- Helen Thomas, Senior Policy Officer, Regulatory Strategy
- Will Johnson, Senior Policy Officer, Regulatory Policy Projects
Better sharing using PETS
Approximate running time: 15 minutes
This session will explain what privacy-enhancing technologies (PETs) are, and how they can be useful when sharing personal data. Building on the ICO’s guidance, the session will cover different types of PETs, how you can use them and how they support data protection compliance. This session is aimed at organisations who are interested in data sharing, but who do not yet have a good understanding of PETs.
Presenter:
Clara Clark Nevola, Group Manager, Anonymisation and Encryption
The nuts and bolts of a cyber investigation
Approximate running time: 11 minutes
This session considers the factors that help determine whether a cyber incident becomes an investigation, the methods of communication we use, our approach to an investigation and the types of evidence we may request from an organisation. There is also a brief introduction to some of the regulatory outcomes at our disposal.
We recommend this video is watched as a follow up to the “We've had a breach, what happens next?” session.
Presenter
Tom Wilkinson, Principal Cyber Specialist
Ask the Apprentices
Approximate running time: 17 minutes
The Defra Group DPO and deputy DPO have established a Data Protection & Information Management Apprenticeship Programme to provide a pipeline of trained information rights professionals (DP and FOI) to fill future vacancies. 15 apprentices have been employed in departments across the Civil Service, including arms' length bodies and non-departmental public bodies such as the Environment Agency.
Presenters
Intro: Angela Balakrishnan, ICO Executive Director, Strategic Communications
Tim Beale, Aaron Ankrah, Amenemhet Asante, Ross McKay
Supply Chain Cyber Security
Approximate running time: 13 minutes
A presentation to help data controllers and processors understand the risks associated with supply chain attacks. Featuring an overview of controller and processor responsibilities under UK GDPR, a discussion of the issues that the ICO has observed during investigations and tips for priority actions to improve your compliance with UK GDPR. The session also provides practical advice on how to secure your environment from attacks that leverage managed service providers.
Presenter
Keith Turner, Principal Cyber Specialist
The UK BCR Addendum: how to speed up your application
Approximate running time: 11 minutes
Find out how the UK BCR Addendum (launched in December 2023) is working in practice and what steps you can take to speed up your application approval.
Presenters
- Rebecca Carleton Bland, Principal Lawyer, Regulatory Assurance
- Kerry O'Donnell, Senior Case Officer Regulatory Assurance, BCRs and International Transfers
- Daniel Morgan, Senior Case Officer, BCRs and International Transfers
The FOI guide to the galaxy – a tour of our online resources
Approximate running time: 13 minutes
The guide takes a tour of the FOI section of the ICO website, going into relevant pages and explaining what resources we have, what’s new and what they can all be used for.
Presenter
Charlotte Dean, Lead Upstream Regulation Officer, FOI and Transparency
Data sharing to safeguard children
Approximate running time: 16 minutes
Data protection law provides a framework to help ensure organisations and people share data to help safeguard children in a fair, proportionate and lawful way. However, we know that sometimes people can be unsure about what they can and can't share and worry about falling foul of the law.
In this session we'll cover our top tips for sharing information to safeguard children to help support you in your work with children. We will reference our 10 step guide on information sharing to safeguard children and other data sharing guidance and materials.
Presenters
- Sarah Lawrence, Senior Policy Officer
- Hafeeza Joorawan, Senior Policy Officer
ICO’s Innovation Services
Approximate running time: 22 minutes
This video covers the benefits of the ICO’s Innovation Services for businesses. That includes free advice and bespoke support, and help to embed data protection by design into new products and services at the pre-market stage. You’ll learn which of the ICO’s three Innovation Services are best for you - Innovation Advice, Innovation Hub, and the Regulatory Sandbox.
Presenters
- Neil Ryan, Senior Policy Officer, Cross Economy Engagement
- Abigail Hackston, Senior Policy Officer, Innovation Advice and DPIAs
- Sarah Kennedy, Senior Policy Officer, Regulatory Sandbox
- Nicholas Patterson, Senior Policy Officer, Innovation Hub