Maintaining Momentum

28 November 2018

HSBC, London


The ICO’s way ahead for certification and codes of practice

Date and Location

Wednesday 28 November 2018
09.00 - 17.30

Location: HSBC, Canary Wharf, London

Host: Cameron Craig, Deputy General Counsel - Group Head of Data Privacy, HSBC, UK

Six months after the adoption of the GDPR and the UK Data Protection Act 2018, this Roundtable is your opportunity to discuss the practical steps you are taking and how they are working in practice:

  • How are you continuing to maintain your momentum when some top managers may have started to give less attention and fewer resources to GDPR implementation?
  • How have your action plans shifted over time?
  • On which specific issues would you like to exchange experience on integrating the GDPR in general and the UK’s Data Protection Act 2018 in particular into your everyday operations?

This event is limited to 25 people to facilitate discussion in a relaxed atmosphere.
Lunch is included, ideal for networking.

This event qualifies for 6 SRA Continuing Professional Development hours.

Information Commissioner's OfficeIn the middle session of the day, Helen Moores, Senior Policy Officer at the Information Commissioner’s Office, will join the Roundtable to explain the ICO’s new policies on certification and codes of practice, important methods supporting companies’ duty to demonstrate accountability. Certification is a new area for European data protection law with many issues to resolve. Codes of conduct can enable sectors to act together, addressing common issues that will be hard to solve in isolation.

Your dialogue with Helen will give you plenty of time to ask questions and discuss the implications for your company and sector. We can expect her to cover:

  1. What are the essential elements of certification and codes of conduct?
  2. Who will conduct validation and how will the process work?
  3. Which sectors will receive priority for certification and codes of conduct?
  4. To what extent will companies have an opportunity to participate in the development of the ICO’s standards and codes of conduct?
  5. To what extent will adherence to accredited certification provide a defence against ICO enforcement action?
  6. While the UK is in the Brexit transition period for the next year or so, to what extent will there be coordination on this issue between Data Protection Authorities in different Member States?
  7. If Brexit goes ahead, will the ICO continue to utilise these EU-wide standards?

Following the session with Helen, you will have the opportunity to discuss with other members of the group how you envisage working within this new framework combining flexibility with responsibility.

A follow-up report will be produced by the PL&B editorial team after the Roundtable summarising the issues and action points without identifying the names of organisations or those reporting on their experience. The anonymity of this arrangement gives everyone involved the confidence to speak freely.

This series is hosted by companies rather than law firms to ensure that the emphasis is on practical experience rather than legal advice. We greatly appreciate HSBC hosting this event.