A Post-Brexit Perspective: Managing Personal Data Breaches

Brexit will have a profound effect on how U.K. businesses address their privacy programs. Faced with new challenges for maintaining data transfers across Europe, organisations need a proactive plan to manage personal data breaches. Because of this, organisations are asking questions like: when can you rely on the one-stop shop mechanism? What is the overlap between ICO requirements and U.K.-relevant sectoral law breach obligations, such as the PECR, NIS and eIDAS? How will Brexit affect breach management and notification obligations with respect to the ‘U.K. GDPR’ and EU GDPR requirements?

This session will address these questions, share the latest updates on Brexit, highlight specifics of the ICO’s requirements, and provide practical advice for ongoing incident and breach management in the post-Brexit era.

What you will take away:

• Learn the overlaps between ICO requirements and U.K.-relevant sectoral law breach obligations.

• Understand the impact of Brexit on ‘U.K. GDPR’, EU GDPR breach management and notification obligations.

• Gain actionable insights and practical advice for ongoing incident and breach management in the post-Brexit era.

Panelists:

Clare Atkinson, CIPP/E, CIPM, Head of Privacy, Bupa Global

Phillip Lee, CIPP/E, CIPM, FIP, Partner, Privacy, Security and Information, Fieldfisher

Linda Thielova, CIPP/E, CIPP/US, CIPM, Data Privacy Counsel, OneTrust

Dan Whitehead, Senior Associate, Hogan Lovells