Recent high profile security breaches have pushed data security high up the agenda of most organisations. In the light of such data security concerns and advice and recommendations from the Information Commissioner and other bodies, this session examines the practical steps that must be taken to ensure compliance with the law in this area.

The session looks at what constitutes a data security breach and how such breaches can occur. It also considers how to avoid breaches, and the practical steps that should be taken when a breach occurs.

Key aspects of this session include:

• Analysis of the underlying law including a detailed review of the Seventh Data Protection Principle
• The Information Commissioner's latest guidance
• The law of confidentiality and its relevance to data security
• Applicable regulatory regimes including guidance from the FSA
• Data security implications of using external contractors and outsourced service providers
• Examination of the Information Commissioner's new power to issue Monetary Penalty Notices and other legal and commercial consequences of data security breaches
• Managing a data security breach - law and best practice

Delegates are encouraged to bring their own questions to this interactive session.

Topics covered include:

• Relevant information security standards, including ISO27001
• Laptop encryption - the impact of the Marks & Spencer decision
• Taking a holistic approach to data security - staff vetting and access and other organisational measures
• The implications of using external contractors to carry out data processing activities
• Informing data subjects and notifying the Information Commissioner about data security breaches - what is required?
• Confinement strategies to prevent further dissemination of lost or stolen data
• The Information Commissioner's new power to fine for serious breaches of the data protection principles

About the Workshop Trainer

Phil Tompkins is a director at Dickinson Dees LLP. His practice areas includes information law and IT law. Phil advises private and public sector clients on data security and all aspects of data protection law.

Phil lectures on the LLM in information rights law at Northumbria University and is currently writing a practitioner's guide on information sharing for the Law Society.

Who should attend:
Data Protection Officers, IT Managers, Compliance Officers, Corporate Security Officers, legal advisers; persons responsible for risk management

Dates and Locations:
London Wednesday, 18th March 2009
Belfast Tuesday, 12th May 2009 *
Manchester Friday, 5th June 2009
London Thursday, 8th October 2009

Venues:
All our courses take place in high quality central city hotel venues

Timing:
Short Day: 10am to 4pm
* 9.30am to 3pm in Belfast

CPD:
Accredited by the Law Society with 5 hours CPD

How Much?

£395 plus VAT ( £454.25 ). Discount: 15% discount for second delegate, 20% discount for third and subsequent delegates.

Further Information

Tel: +44 (0)845-226 5723
Fax: +44 (0)870-137 7871