Data Security ( Scotland )

With Christine O'Neill and Grant Campbell, Partners, Brodies LLP

Courses available Edinburgh, Glasgow and Aberdeen

Data protection law requires that personal information be held and used securely. Recent headlines have shown that organisations are not doing enough to ensure the security of people's personal information. It is not always obvious what measures should be taken by organisations to comply with the legal obligations.

This session informs delegates of what they need to know to help prevent an investigation by the Commissioner, as well as the adverse publicity that may arise from a data breach.

This workshop examines the law as it relates to data security and the practical steps that organisations need to take to ensure compliance with their obligations. The session looks at how to avoid a data security breach, as well as what can be done to mitigate the effects of a breach that does occur. The session considers the practical implications of the recommendations of various recent government and other reports on the security of data.

There will be plenty of time for questions and delegates are encouraged to bring any queries to the session.

Key aspects of this training session include:

• Analysis of the requirements of the Seventh Data Protection Principle on data security, including the implications of outsourcing
• The Information Commissioner's latest guidance
• The law of confidentiality and its relevance to data security
• Applicable regulatory regimes, including the recommendations of the Financial Services Authority
• Managing a data security breach - what the law requires of the organisation and what best practice dictates
• The legal and commercial consequences of the loss, corruption or theft of data the Information Commissioner's powers regarding data security issues

Course content, topics covered include:

• Information security standards, including ISO27001
• Laptop encryption - the impact of the Marks & Spencer decision
• Taking a holistic approach to data security - staff vetting and access and other organisational measures
• Using external contractors
• Security breaches: informing individuals and the Information Commissioner
• Confinement strategies
• The Information Commissioner's new power to fine for serious breaches of the data protection principles

About the Workshop Trainers

Christine O'Neill is a partner with Brodies LLP. She has an established practice in public and administrative law.

She has particular expertise in freedom of information, data protection and regulation of investigatory powers. As a litigator she has been involved in a number of court actions involving FOI in Scotland and she advises several public authorities on a range of FOI matters. Christine is a regular and experienced contributor to conferences and training events on FOI issues.

Grant Campbell is a partner in Brodies LLP and leads the firm's non-contentious information law practice.

He is an expert in data protection law and advises a wide range on data protection policy and compliance questions.

Both trainers are part of the Brodies team which has advised the Office of the Scottish Information Commissioner.

Who should attend:
Data Protection Officers, IT Managers, Compliance Officers, Corporate Security Officers, legal advisers, persons responsible for risk management

Timing:
Half Day - 9.30am to 1pm

CPD:
May allow 3 hours CPD by the Law Society of Scotland

How Much?

£395 plus VAT ( £454.25 ). 15% discount for second delegate. 20% discount for third and subsequent delegates.

Further Information

Tel: +44 (0)845-226 5723
Fax: +44 (0)870-137 7871