GDPR: Assessing the assessments. Auditing your application of the GDPR rules
Although the general hubbub around the launch of GDPR in 2018 may seem to have calmed down, it remains the case that organisations of all sizes cannot be complacent about data privacy.
The past year has seen authorities around the world levy hundreds of millions of pounds of fines against organisations who did not apply data privacy rules correctly. This year alone the UK Information Commissioner’s Office has fined Interserve £4.4 million and even more eye-wateringly, Instagram was fined 405 million Euros by the Irish Data Protection Commissioner.
Aside from these headline breaches, regulators across Europe have cracked down with a host of fines on many other organisations of all sizes which have failed to protect their customers’ data. Even some of the fines for small organisations have run into six figures.
International GDPR expert Robert Bond is collaborating with Ganly Tipper Learning Limited, which offers specialist training in the field of data privacy. ‘Assessing the Assessments: Auditing Your Application of the GDPR Rules’ is being delivered online on Monday 9th and Tuesday 10th January 2023.
Robert Bond said: “With the levels of financial penalty being levied on organisations for data breaches, business leaders and business owners literally cannot afford to be complacent in this area. Prevention is always better than an enforced ‘cure’ given the possible financial penalties and huge reputational damage that can result. The less ‘if only we had’ moments the better for firms. Unfortunately, there are some firms who haven’t done this cost benefit analysis on a continuous basis.
“There are, of course, many legitimate ways of interacting with your customers and any organisation that knows these and how to safely apply them is significantly reducing their risk of breach.”
Founder and Director of Ganly Tipper Learning Limited, Gerry Ganly (pictured), said: “The fact of the matter is that customers and clients of organisations of all types and sizes now expect their privacy to be protected and respected at all times, whether they are doing their personal banking or buying a Christmas present online.
“Of course, the risk applies to all organisations operating across private, public, and third sectors and not just those operating in regulated areas sectors such as financial services or gaming.
“The workshop will cover the data risk assessments that need to be used in order to comply with data protection laws. It is essential to realise the auditing of your position is a valuable risk assessment tool which is vital in protecting the business.”
Robert will discuss the growing number of data risk assessments that need to be used in order to comply with data protection laws. Whether or not the law mandates data risk assessments, it is essential to realise that assessments are a valuable risk management tool and are proactive in protecting the business.
Using practical examples and case studies, Robert will share his expertise on:
- Legitimately using Legitimate Interest Assessments
- Effective use of Data Protection Impact Assessments
- Ensuring Privacy by Default & Design
- Data Transfer Risk Assessments
- Online Safety Risk Assessments
The full day workshop ‘Assessing the Assessments: Auditing Your Application of the GDPR Rules’ is being delivered by Robert Bond over two half days on Monday 9th January (morning) and Tuesday 10th January (afternoon) 2023.