The GDPR is here and so is the new Data Protection Act. The electronic Privacy Regulation (ePR) will be coming soon and we still need to comply with the current Privacy and Electronic Communications Regulations (PECR) in the meantime.
Our new workshops are here to help you to review how well your organisation is doing with its compliance with the various regulations currently. They are also perfect for updating your knowledge on the current status of all the regulations as well as for new employees who need to learn what they contain and how they apply to them.
The workshops will fill in gaps in your knowledge but the main focus is to provide you with the opportunity to establish areas where you need to take action to ensure that you fully comply with the regulations.
The Are we there yet? workshops are directly tailored to:
- your organisation
- your product or service
- your market – including B2B, B2C and charities
- your customers’ needs and expectations
- how you use data for marketing purposes
- whether your organisation processes personal data as a “data controller” or “data processor” or both
- your existing knowledge
- your current state of compliance
- your specific concerns
The day will include:
1. Overview – where are we now?
What has happened since May 2018
- The GDPR is in force
- The Data Protection Act 2018 is in force
- PECR is still in place
- ePR (e Privacy Regulation) is currently being reviewed. What is it likely to contain
- The HM Government is seeking a legally binding data protection agreement with the EU for post Brexit 2.
2. What you have done to be compliant with the laws?
- Information audit
- Reviewed and cleared personal data where needed
- Established lawful bases for processing personal data
- Put in place systems to record and manage consent
- Created privacy notices and policies
- Agreed a process for right of access to personal data
- Created written agreements with data processors
- Put data protection management in place. E.g. risk assessments
- Appointed a Data Protection Officer – if needed
- Put protection in place for personal data transferred outside the European Economic Area
- Put processes in place to handle data breaches
3. A reminder of the key aspects of the GDPR with real life examples.
E.g. extracts from privacy notices and consent forms:
- What personal data includes?
- Lawful bases for processing
- Data minimisation and retention
- Transfers of data
- Individuals’ rights and the need to consider
- Corporate individuals
- General partnerships and limited partnerships
- Privacy by design
- Data Protection Officer responsibilities
- Data Protection Impact Assessments
- Accountability and Governance
- Data security - Data breaches
- Penalties – what happens if...?
4. How does this apply to you?
- Gaining consent - Examples: Photos, CCTV
- Think data protection at all times
5. Compliance assessment workshop
- Checklist and action plan
6. Q & A session
The workshops are aimed at all those in your organisation that handle personal data. Compliance with the GDPR, the Data Protection Act and the PECR is vital and any changes still needed involving data collection, processing and communications must be made without delay. This may require decisions to be taken at senior management levels. Marketers are likely to be the key attendees but the workshops can also be invaluable to those in IT, finance, service, human resources, sales and any other customer facing roles.
What will you get from the workshop?
At the end of the workshop, you will have a clear understanding of what else you need to do, why you still need to do it, how to go about getting it done and who should be involved. You will also know where to go for support with any areas.
About the workshop leader
The workshop leader is Steve Bax from Bax Interaction. Steve is a Chartered Marketer, a member of the Market Research Society and a Fellow of Cambridge Marketing College. He is a highly experienced tutor and trainer and has been teaching marketers the key aspects of data protection and privacy regulations and directives for over 13 years. Steve has been delivering a workshops and seminars on the GDPR, the Data Protection Act, PECR and the proposed ePR reforms since May 2017.
The Are we there yet? workshops are available for small numbers of delegates from various organisations at a Cambridge venue or as tailored in-house sessions.