23 November 2016
Roundtable for exchanging ideas on planning and managing a GDPR compliance programme.
Host: Mark Keddie, Chief Privacy Officer, BT Group
The afternoon Roundtable for peer group exchange will focus on managing the EU General Data Protection Regulation (GDPR) compliance process. Regulators and policy makers will not be invited to these roundtables.
Whatever happens with Brexit, your organisation will continue to trade with some of the 30 countries in the European Economic Area and you need to ensure that your organisation is complying with the GDPR.
The emphasis will be on sharing experience to help you organise and manage the process rather than giving legal advice on the impact of the GDPR.
The roundtables will be hosted by companies and take place in London in November 2016 and January and March 2017. Hosts will report on progress in their organisations. In addition, you should expect to discuss your plans with the group. Everyone learns and benefits from this participatory process.
The Roundtable will be limited to 25 people to facilitate discussion in a relaxed atmosphere.
A summary will be prepared after each session by Privacy Laws & Business on a non-attributable basis for distribution to the group.
- Data mapping
- Constructing a plan to ensure consistency across your organisation and assessing the human and financial resources you need to achieve it, for example, defining the role of Data Protection Officer, agreeing where the role would fit in your organisation, and proposing a budget and timeline
- Cultivating potential allies, for example, Chief Financial Officer, Head of Internal Audit, Chief Information Officer, Head of Information Security, Head of Risk
- Gaining time and attention from your board/top management in terms appropriate for your corporate culture, for example, data breach management, risk of fines
- Making your case to obtain and secure more resources from top management, for example, corporate and personal liability of directors, reputation management