Click HERE to reserve your
place now !!!
8:30 - 9:00 Registration & Coffee
9:00 - 9:15
Chairman's Introduction: Privacy
& Data Protection overview
Alastair Gorrie,
Partner, Orrick, Herrington & Sutcliffe
Panel One: Data export
compliance including binding corporate rules and outsourcing
9.15 - 9.45
Global Data
Transfers Practical Options for Companies
John
Whelan, Partner, A&L Goodbody, Ireland
- Data protection
compliance options available for U.S. companies operating in E.U.
- Methods
to address data transfer restrictions to U.S.
- Individual consents or data
protection agreements
- Pros and cons of the "U.S. Safe Harbor" Programme
- Global privacy policies
- Obligations/exposure when E.U. personal
data hits U.S. company data bases
- U.S. privacy law, CAN-SPAM and HIPAA
applications to E.U. data reaching U.S.
9.45 -
10.10
Data Security Law and Practice: Data Security Compliance for
Companies doing Business in Europe and America.
Philip Nolan, Partner, Mason Hayes+Curran,
Ireland
- Recent data security
breaches arising in the U.S. and the E.U.
- Security breach notification
laws in the US and Europe
- Lack of awareness in the E.U.?
- Making
data security a business practice
10:10 10:40
SOX, Data Protection and
Hotlines: Whistle while you work?
Robert Bond,
Partner, Speechly Bircham LLP, UK
- SOX 301(4)
- French,
German and other EU concerns
- CNIL Guidelines and Authorisation
-
Article 29 Working Party review
- Can 301(4) and EU laws sit side by side?
10:45 - 11:00 Coffee
11:00 -11:25
Data Protection Law in Practice -
How can companies achieve compliance?
Steven De
Schrijver, Partner, Van Bael & Bellis, Belgium
- Reasons for
carrying out a data protection audit
- Different stages of a data protection
audit:
Pre-audit
Performance of the audit
Post-audit (including a discussion of the actual compliance measures)
11:25 - 11:50
Data Protection and
Outsourcing
Mark Watts, Partner, Bristows,
UK
- What are the data protection legal issues?
- What are
the respective positions and duties of the client and service provider?
-
How to deal with offshore outsourcing and international transfers?
- How to
address data protection in outsourcing deals?
11:50 - 12:15
Binding Corporate Rules: The UK
Regulators perspective
Boris Wojtan, UK
Information Commissioners Office
- The motivation for the BCR
procedure
- The practical approach adopted by the ICO
- The work
currently underway
- Cooperation procedure between EU DP Authorities
12:15 - 12:40
The Irish commissioner's
view: compliance, enforcement and the future
Billy
Hawkes, Data Protection Commissioner, Ireland
12:40 - 1:00
The Data
Protection Interactive
- SOX, Data Protection and Hotlines
-
Binding Corporate Rules
- Data Protection and Outsourcing
Panel Chairman: Alastair Gorrie
Panellists:
John Whelan, Phil Nolan, Robert Bond, Steven De Schrijver, Mark Watts, Boris
Wojtan, Billy Hawkes
13.00 -
14.00 Lunch
Panel Two: Using
and Managing Personal Data
14:00 -
14:10
Co-chairman's Introduction: Direct Marketing and Managing
Personal Data
Co-chair: Geraldine Lawlor,
Head of Anti Money Laundering, Data Protection & Competition Law, AIB
Capital Markets, Ireland
14.10
- 14:40
Mitigating the Privacy risk of Sales & Marketing
Tim Beadle, Director, Marketing Improvement,
UK
- Why Sales & Marketing are the greatest risk areas
-
How to make the business case for Privacy
- Best practice on the Web for
privacy
- Best practice on databases and Salesforce Automation for privacy
14:40 - 15:05
Realizing business
Value through Privacy Control Architecture
Paul
Lavery, Partner, McCann FitzGerald, Ireland
- Issues: legal
compliance does not equal compliance in practice
- Approach: only
methodology available
- Outcomes: ROI, Iron clad compliance &
transparency
15:05 - 15.30
Case
Study: Data Protection within Practical Marketing
Tim Trent, Consultant, Marketing Improvement,
UK
15:30 - 15:45
Panel
Discussion: Using and Managing Personal Data
Panel Chairman: Geraldine Lawlor
Panellists:
Tim Beadle, Paul Lavery, Tim Trent
15:45- 16.00 Coffee
Panel Three: Subject access requests, Employee Protection
and litigation
16:00 -
16:35
Data Subject Access Requests: Analysis and Practical
Guidance
Renzo Marchini, Dechert LLP,
UK
- The Data Subject's Right of Access under the Directive
- Back to basics: definitions of "personal data" and "personal data filing
systems"
- Is the narrow definition given in UK case law consistent with
the Directive (analysis of Durant v Financial Services Authority)?
- Recent
Article 29 Working Party guidance
- Official guidance from supervising
authorities
16:35 - 17:00
Recent
Developments with Employee information in Europe: subject access requests and
litigation
Anne Coles, Senior Partner, AMC Law,
UK
EMPLOYEE INFORMATION
- Employee records what you
can collect, what you can retain and what you must delete
- Monitoring your
workers - email, web access, CCTV and surveillance - -what you can and can't
do
- Health records - occupational health schemes, drug and alcohol
testing, genetic testing and beyond
LITIGATION
- Celebrity cases
don't make good law
- Brief examination of recent case on privacy and data
protection
17:00 - 17:25
Panel Discussion: Subject access requests and
litigation
Panel Chairman: Alastair Gorrie
Panelists:
Renzo Marchini, Anne Coles
17:25 Chairman's
final remarks and close of conference
- End of Conference -
18:00 21:00 Cocktail
Party
Click HERE to reserve your
place now !!!