The following persons, all experts in their fields, will be speaking and taking questions at the 8th Annual Data Protection Compliance Conference.

Delegates will have an opportunity to network with speakers and delegates during the lunch break, coffee breaks and at the Wine and Canapés Reception.
 

Conference topic:  Monetary penalties, the power to conduct data protection compliance checks and increased funding are all on the horizon for the Information Commissioner’s Office.  In this keynote address the new Information Commissioner, Christopher Graham, discusses the impact that these developments will have both on organisations and on the regulator.  He will also give his views on the opportunities and challenges ahead.

Biography:   Christopher Graham becomes UK Information Commissioner in June 2009, with responsibility for overseeing the Freedom of Information Act and Data Protection Act regimes - promoting access to official information and protecting personal information.  Christopher was Director General of the Advertising Standards Authority from April 2000 to June 2009.  From 2003-2005, he was Chairman of the European Advertising Standards Alliance, the federation of advertising self-regulatory bodies across the EU Single Market.  Prior to joining the ASA, Christopher was Secretary of the BBC for three years.  Christopher first joined the broadcaster as a News Trainee in 1973.

He was Deputy Editor of The Money Programme and became Managing Editor of News Programmes for TV and Radio.

How to deal with enforcement actions Margaret Tofalides Partner, Manches

Conference topic:  The Information Commissioner has new powers, and enforcement actions are on the rise.  In this presentation, Margaret Tofalides gives practical advice on dealing with the ICO when your organisation is the subject of an investigation.

Biography:  Margaret Tofalides is a Partner with Manches in the Technology and Intellectual Property team.  She is a nationally recognised expert in data protection and privacy law, advising leading companies in the information services, retail and financial sectors.  She works closely with the Information Commissioner’s Office and industry groups, advising several industry bodies and leading players in the offline and online electronic environment.

Privacy by design: building privacy into the project lifecycle Andrew Dyson Partner, DLA Piper

Conference topic:  Organisations must now consider privacy issues at the creation stage of any project involving personal data.  In this talk, Andrew Dyson discusses how information professionals can be effective in working alongside the business to develop plans that deal with privacy risks from the outset.

Biography:  Andrew Dyson is a Partner in the Technology Media and Commerce group at DLA Piper.  He advises clients on IT contracts and information law issues, with specialist expertise in data protection and freedom of information.  Andrew works closely with significant public and private sector organisations, developing effective strategies for compliance.  He has particular expertise in advising on the management of personal data in the context of outsourcing transactions, corporate acquisitions and in the health and HR environments.

Data protection issues in employment during corporate reorganisation Cindy Paul Data Protection Manager, Deloitte LLP

Conference topic:  Change is in the air - many organisations are merging, as well as taking steps to in-source or reorganise functions.  The effect of these changes on the use of staff data is often overlooked.  In this presentation, Cindy Paul discusses the issues that must be taken into account.

Biography:  Cindy Paul is a manager in Deloitte's data protection and privacy team.  She advises a range of clients on data protection and privacy issues.  In her previous role as Data Protection Manager with AXA Life, Cindy gained considerable experience in providing comprehensive risk based advice on the privacy aspects and contractual terms of marketing projects, outsourcing and off-shoring, corporate partnerships and company mergers and acquisitions.  Cindy has also advised on policy development and best practice for data security in FSA regulated customer services processes, as well as the design and implementation of new software and IT systems for financial services companies.

Database issues: keeping personal data safe Richard Hollis Chief Executive Officer, Orthus

Conference topic:  Alongside restructuring, downsizing, mergers and acquisitions, incidents of employees removing personal data from organisations is increasing.  Richard Hollis discusses such employees’ current motives and methodologies and presents the ten fundamental ways to protect the personal data held by your organisation in the current economic climate.

Biography:  Richard Hollis is the Chief Executive Officer of Orthus, a European information security risk management consulting firm specialising in providing independent information risk management services.  As a Certified Information Security Manager (CISM), Certified Protection Professional (CPP) and a Payment Card Industry (PCI) Qualified Security Assessor (QSA), Richard designs, implements and manages comprehensive information security programmes and architectures for technology driven companies.  Over the course of his career Richard has served as Director of Security for Phillips and Deputy Director of Security for the US Embassy Moscow Reconstruction Project, as well as a variety of sensitive security positions within the US government and military.

Closing the privacy gap when data are used in software development, testing and training Paul Garstang Data Privacy Leader, IBM

Conference topic:  Often data are used for software development, testing and training, but organisations frequently overlook the need to have adequate security measures in place during this time.  In this talk, Paul Garstang discusses proactive strategies to remove this vulnerability within your organisation.

Biography:   With over 20 years experience in IT, first with Princeton Softech and then with IBM, Paul has been a champion for data privacy in the often overlooked test and development environments.  He has worked with organisations across the private and public sector, including BT, Deutschebank, Chivas Regal, Yorkshire Water & Aviva in helping them implement enterprise wide strategies for ensuring adequate protection of sensitive data.

Managing data protection throughout the organisation David Pickersgill EMA Director of Commercial Compliance, Johnson & Johnson Vision Care

Conference topic:  Every person in an organisation who deals with personal data needs to be aware of the regulations, restrictions and policies about handling such data.  This can be a difficult task in both small organisations as well as large multi-national organisations.  In this presentation, David Pickersgill discusses the challenges that he faces and gives practical examples of how he manages to get people on board.

Biography:   David Pickersgill is the EMA Director of Commercial Compliance for Johnson & Johnson Vision Care and is responsible for the development and implementation of the commercial compliance programme across Vision Care EMA which includes data privacy and records management.  David has been in the healthcare industry for 17 years, during which time he has gained broad experience across a number of functional areas including sales, logistics, project management and compliance.

Cloud computing and data protection compliance Hazel Grant Partner, Bird & Bird

Conference topic:  Many organisations are turning to cloud computing and similar technologies to manage their information.  However cloud computing raises some unique data protection issues due to the uncertain location of the data.  Hazel Grant discusses the issues to be addressed when using cloud computing technologies for personal data, including issues with data transfers, data controller/processor status and auditing compliance.

Biography:  Hazel Grant is a Partner in Bird & Bird’s IT Sector Group, where she advises on public procurement and contract law for IT projects, the licensing of software, databases and data protection.  Hazel’s clients range from central government departments to web retailers and global professional partnerships.

E-discovery: conflicts between EU Member States and the US in litigation Renzo Marchini Counsel, Dechert

Conference topic:  There is a conflict between EU data protection rules and e-discovery and disclosure requirements of US courts.  This session explores this conflict, what the regulators and courts are saying, as well as practical solutions to the problems.

Biography:  Renzo Marchini is head of Dechert’s international privacy/data protection team, where he specialises in IT, commercial and intellectual property issues.  Many of his clients are in the financial services sector.  Prior to joining the firm, he was a software engineer at Logica.  Renzo lectures and writes regularly on data protection, IT law and e-commerce.  He contributed the chapter on data protection in Exchange and Alternative Trading Systems (Sweet & Maxwell).

Pan-European issues when creating a multi-national data protection compliance programme Monika Kuschewsky Partner, Van Bael & Bellis

Conference topic:  Multi-national organisations must comply with the varying data protection laws of the EU Member States.  Monika Kuschewsky discusses the requirements in France, Germany and Spain and gives advice on practical steps to take, and pitfalls to avoid, when setting up a multi-jurisdiction compliance programme.

Biography:  Monika Kuschewsky is a Partner at Van Bael & Bellis in Brussels.  She heads the firm’s European data protection law practice and is qualified as a company data protection officer.  She has coordinated and supervised
pan-European data protection law projects and audits for several multinationals and SMEs established in Asia, Europe and the USA.  Monika develops and implements tailor-made compliance programmes and regularly advises on questions of data protection law, with a particular focus on international data transfers, outsourcing, HR and direct marketing.

Chair's opening remarks Bridget Treacy Partner, Hunton & Williams

Biography:  Bridget Treacy leads the UK Data Protection and Outsourcing practice at international law firm Hunton & Williams.  She has built considerable expertise in advising on domestic and international data protection issues, particularly in the context of cross-border outsourcing and technology transactions.

Bridget’s transactional background has ensured that her data protection advice is centred on achieving practical, rather than merely theoretical, solutions to privacy issues.  Bridget is the Editor of Privacy & Data Protection journal.