8:45

Welcome and opening remarks from the Chair

Francesca Comyn

Francesca Comyn

Legal Affairs Correspondent, The Sunday Business Post

Your obligations and what they mean for your organisation

8:55

INTERNATIONAL OPENING ADDRESS: The GDPR: Strengthening data protection in the EU

Christian D’Cuna

Christian D’Cuna

Policy Advisor, European Data Protection Supervisor (the EU’s independent data protection authority), Brussels

9.15

Demystifying the GDPR and understanding how it will impact your business

Our national regulator will clarify what it all means for your organisation as you look ahead to May 2018.

John Keyes

John Keyes

Assistant Commissioner, the Office of the Data Protection Commissioner

Getting to grips with compliance

9.35

INTERNATIONAL KEYNOTE ADDRESS: Countdown to GDPR: What you need to do to make sure you are ready

Plus, what if you haven’t even started?! What you need to do RIGHT NOW to ensure compliance on time.

Paul Jordan

Paul Jordan

European Managing Director, International Association of Privacy Professionals (IAPP), Brussels

9.55

Managing Consent: Understanding what’s changing under GDPR

The GDPR is changing how consent is attained. The ͞opt-out͟ that we are all used to using to get consent will be a thing of the past. In addition, any existing consents for data already collected on this basis will be invalid. In this session, we’ll discuss:

  • Breaking down consent: How should you be interpreting it?
  • Understanding the legal basis for consent
  • Effectively offering your data subjects the opportunity to opt-out
  • How is the regulator viewing consent?
Fintan Swanton

Fintan Swanton

Managing Director, Cygnus Consulting and former President, Irish Computer Society and Association of Data Protection Officers

10.15

Q&A with speakers

10.30

Morning Break

11.05

Establishing accountability to ensure compliance

In order to protect personal data it’s vital to know how it moves through your organisation. Knowing your data processing operations, why you process data and how it is protected is key to establishing a strong privacy programme. Because the GDPR will increase accountability and governance obligations, you will have to demonstrate to the regulator and other stakeholders that you have implemented operational compliance. What are the best approaches to setting up an accountability framework?

Paul Breitbarth

Paul Breitbarth

Director, EU Certification Research and Senior Solutions Advisor, Nymity

11.35

PANEL DISCUSSION: Establishing a culture of Compliance: Why does it matter?

Everyone in the organisation needs to understand what’s at stake when it comes to compliance with the GDPR. Our panellists share their advice and insights on how to get internal buy-in for your privacy programme

Peter McParland

Peter McParland

CEO, Perception Consulting

Tom Hulton

Tom Hulton

Compliance Manager, An Post and Chairman, ADPO (Association of Data Protection Officers)

Melanie Blake

Melanie Blake

Group Head of Compliance, Paddy Power Betfair

12:15

Lunch

1.25

Welcome back from the Chair

Francesca Comyn

Francesca Comyn

Legal Affairs Correspondent, The Sunday Business Post

1.30

Getting the most out of your Privacy Impact Assessment (PIA)

If your organisation is processing personal data that is likely to result in a high risk to the data subject’s rights, a PIA must be carried out prior to commencing that processing. The PIA is a valuable tool for assessing your organisations’ data privacy risk. In this session, we’ll take a closer look at how to conduct a PIA and get the most out of it. Even if you are on a limited budget, there are steps you can take to conduct a basic assessment.

Kabir Barday

Kabir Barday

CEO, OneTrust

1.50

Preparing for the inevitable: Ensuring you are ready to handle a breach when it happens

The time to prepare for a breach is not after it happens and your company’s name is in the headlines. The time to prepare is now! Creating a data protection plan with the potential risk of a breach in mind is vital to ensure you are prepared. In this session, we’ll look at:

  • The emerging breach notification requirements under the GDPR and the practical impact they will have on organisations
  • What you should be doing to make sure you are prepared to handle a breach
  • And avoid harm to your company’s reputation
Tom Brett

Tom Brett

Cyber Security Expert, ICT Advisor and course Director, Institute of Public Administration

2:10

Q&A with speakers

The practicalities…

2:25

Managing your resources: Determining where to use your human and financial capital

Allocating resources for GDPR implementation and your privacy programme is a pain point for many organisations. Knowing what will be required of staff as well as how much to spend isn’t clear no matter how many employees you have. In this session, we’ll discuss how to manage resources whilst still ensuring compliance:

  • Investing in training your staff
  • Determining whether outsourcing is the best option for your organisation
  • Prioritising where you should be allocating your resources on a tight budget
Phillip Fischer

Phillip Fischer

CIO and PMO Europe, Aramark

2:45

LOCKNOTE PANEL: Where are you on your GDPR journey? Practical tips and advice from our panellists who share their insights and experience

This is an interactive session so have your questions ready:

  • Test your vendors: When you have several providers who claim they can solve your GDPR issues, how do you choose the right one?
  • DPR and the Cloud: How to ensure your service provider is compliant? Companies and their outsourced service providers are now jointly liable under the GDPR. What does this mean for your business?
  • The evolving role of the DPO: Who should be the DPO? Integrating the role into your business, the benefits and pitfalls of outsourcing the DPO role, what to expect post-implementation
Brian O'Connor

Brian O'Connor

Group Data Protection Officer, Aviva Ireland

Fergal Crehan

Fergal Crehan

Regulatory Affairs Executive at Three Ireland

Aoife Sexton

Aoife Sexton

Co-Founder, Frontier Privacy and Ambassador, the GDPR Awareness Coalition

Corné Purcell

Corné Purcell

Data Protection Officer, Lloyds Pharmacy and United Drug Wholesale

3:30

Wrap up and summit close