About the Data Privacy Cluster
With regular speakers and updates, the Cluster aims to help people to stay abreast of the constantly changing requirements and controls as countries around the world update their individual data protection laws.
Next Meeting
No upcoming events found, please check back soon.
Previous Meetings
Data Privacy Cluster Meeting: Don't Take Me Home!
1st March 2023 | 14:30 - 16:30
Moneypenny Western Gateway Wrexham LL13 7ZB
Purpose
The Cyber Wales, Data Protection and Ethics cluster exists to showcase best practice, whilst providing a community resource for individuals and businesses alike. We want to bridge the gap between traditional IT and Data Protection, speakers are challenged to drop the jargon and inspire us all to think differently.
Event Title: Don’t take me home
Cyber Wales is delighted that on St David’s Day, the day that celebrates the patron Saint of Wales, we will be holding the latest Cyber Wales event in Wrexham. A city known for its long history of football, with the local Club, Wrexham AFC, being the third oldest professional football club in the world. The anthem, Don’t take me home, can often be heard from the terraces, win, lose or draw, in the end it is the being there that counts. Our host’s Moneypenny will be ready to welcome us all on a day of national celebration. The invitation extends across borders and we know you will all want to enjoy the Bara Brith and Welsh Cakes, as much as the speakers and discussion! Luckily, if you are not able to make it in person, you can register to join us online, after all it is being part of the community that counts.
Register to attend in person (limited availability), or join the event online.
Agenda
14:30 Arrival and Networking
14:45 A Cyber Wales Welcome
15:00 Tom Edginton
Tom is the Information Security Manager for Moneypenny, with over 25 years of working in a variety of IT technical and management roles across public and private sectors, including oceanographic research, retail, high end property, finance and business services. His journey into Cyber security started 10 years ago.
He leverages his broad technical knowledge and management experience to continually improve Moneypenny’s security posture and response to any potential breach.
15:30 Clare Patterson and Luke Beckley
Clare has over 25 years of experience in risk management, including working in data protection over the last 12 years. She launched CP Data Protection 5 years ago with the aim of bringing data protection to life and giving clear and practical advice. She works with clients in social housing and similar values-led sectors and is passionate about making a difference through her work. You'll usually find Clare balancing work with family-life, listening to rock music and podcasts, sipping on coffee, and eating pasta. She is also getting ready to launch a podcast with co-host Nathan Bent soon, called \"What's The Difference?”
Luke is the Head of Data Governance and Management at British Land. Data has been a part of Luke’s working life for over 25 years, having managed an array of complex projects from data analytics, information governance and data privacy working in a number of organisations. Luke is passionate about supporting organisations make sense of their data, manage the information environment, drive regulatory compliance whilst understanding and engaging in developing a data ethics framework. A massive tennis fan, he loves drawing analogies from the game and avidly follows (and play’s)! So, should you have a racket to hand, he is available and willing for a round!
16:00 Chad Wollen
Chad is co-founder of Privacy Experience Agency. He has been at the forefront of all things customer-centered digital for 25 years. Working at WPP’s world famous Henley Centre gave Chad a grounding in understanding and predicting consumer behavior. Having held roles at Yahoo, AOL, ITV and Vodafone, Chad has had a mix of customer insight, marketing strategy, innovation and analytics responsibilities, putting him in the midst of the opportunities offered by data and digital platforms.
Whilst at Vodafone, Chads experience and interests with customers, data and innovation came to the fore as Global Head of Permissions Management. The opportunities offered by data could not be unlocked without a new customer and brand driven approach to Privacy. Chad initiated and ran a global programme to do just that. Those major privacy experience projects were the catalyst of what would eventually become PEA.
Immediately before founding PEA, Chad was Chief Marketing Officer of Smartpipe – a Privacy Enhancing Ad Tech platform. At PEA, Chad works with clients globally, to conduct research, deliver strategies and create privacy experiences and communications – all to embed the voice of the data subject into privacy.
16:30 Tours of the Moneypenny building and networking opportunity for those present
Thank you for attending
This event will be run as a hybrid event with an on-premise meeting complimented by a dial-in facility.
The on premise event will be held at Moneypenny, Western Gateway, Wrexham, LL13 7ZB. Maximum of 45 people and free parking available onsite.
Data Privacy Cluster Event: North Wales - 21 October 2022
21 October 2022 | 14:30 - 16:30
Best Companies, Hamilton House, Rackery Lane, Llay, Wrexham LL12 0PB
Purpose
The Cyber Wales, Data Protection and Ethics cluster exists to showcase best practice, whilst providing a community resource for individuals and businesses alike. We want to bridge the gap between traditional IT and Data Protection, speakers are challenged to drop the jargon and inspire us all to think differently.
Event Title: A New hope
It has been a period of isolation with years of online events. Yet, there is a new hope, as we enter a period of re-connecting face to face. We are very excited to relaunch our in-person Data Protection and Ethics series of events, with the first being in Llay Wrexham. Hurrah!
Register to attend in person (limited availability), or join the event online via Teams.
Agenda
14:30 Arrival and Networking
14:45 Chris Roberts – A Cyber Wales Welcome
15:00 Camilla Winlo
Making user-centered privacy work for you
Head of Data Privacy at Gemserv, Camilla is an experienced leader and a regular media commentator noted for her commercial, pragmatic and strategic view of data privacy issues. Key achievements include winning Best Privacy by Design at the DMA Awards and Best Privacy and Data Ethics Initiative at the DataIQ awards, both for work with WarnerMedia and DQM GRC. Prior to moving into data privacy, she was a senior marketer and part of the leadership teams that launched three new financial services brands to market in response to regulatory change.
15:30 Tim Burnett
Security Architect at Costain Group, Tim is an experienced information security consultant, advocating a business-led approach to risk awareness, data protection and threat mitigation. Following 12 years’ experience working across a broad range of network infrastructure and IT systems, from the days when the IT manager really did “do it all”, he has accrued over 20 years’ experience working in information security and data protection, in a range of roles including technical consultancy, UK CISO of a large multi-national, consultancy and advisory services, and DPO of a customer-facing UK & New Zealand based company. He is currently working as a security consultant in a large UK civil engineering company.
16:00 Tim Turner
Director at 2040 Training and the chap behind DPO Daily. Tim has worked on Data Protection, Freedom of Information (FOI) and Information Rights law since 2001. He started at the Information Commissioner’s Office as a Policy Manager on FOI issues, just after the 2000 FOI Act was passed. He has worked with central and local government, wrote guidance and policies for the Commissioner and has spoken at a number of conferences and events. Tim has been Data Protection & Freedom of Information Officer for two councils as well an Information Governance Manager for an NHS organisation. He ran his first training course in June 2005, when his employer at the time gave him permission to run a few courses on the side, as long as it didn’t cause any disruption.
16:30 Thank you for attending, networking opportunity for those present
This event will be run as a hybrid event with an on-premise meeting complimented by a Teams dial-in facility.
The on premise meeting will be held at Best Companies, Hamilton House, Rackery Lane, Llay, Wrexham LL12 0PB. Maximum of 45 people and free parking available onsite.
Teams invite for the dial-in to follow
Hi everyone,
Thank you to those of us who joined us for the session of the Data Privacy Cluster - which was all about Data Ethics!
At our first Data Privacy Cluster meeting, we surveyed attendees and asked what topics they wanted to hear more about. The two topics were Data Ethics and GDPR management platforms.
This session provided a practical introduction to establishing 'Data Ethics' within an organisation:
- We started by exploring what 'ethics' means to us, and ways to manage friction between ethical conduct and business needs
- Then, we took a look at some of the many ways in which data can be dangerous; and how those dangers can be controlled, before moving on to the sticky questions of deciding what you CAN, MAY and SHOULD do with people's data
- Finally, we discussed some case studies of unethical data practices to look at what went wrong
More about Rowenna:
- Over the 10+ years since switching fields, Rowenna has been helping to bring data protection law to life in commercial and voluntary sector organisations, from in-house and more recently; as a consultant
- In 2020, Rowenna established her own company, Miss IG Geek Ltd; providing advice, support, training and guidance on data protection and eprivacy
- If she won the Lottery, Rowenna would probably carry on working in data protection anyway, because its intersection of technology, social order and human rights is just too interesting to miss out on, even if it is a bit of an uphill struggle most of the time
The session was aimed towards:
- Data Protection professionals: Data Protection Officers and consultants
- IT Managers
- Legal professionals
- Procurement teams
- Those seeking to use personal data to drive growth and profitability
Download the slides from the event: Here
.
Hi everyone,
The Data Privacy Cluster is resuming meetings and we are expanding our special interest areas to include Data Governance and Ethics.
The first meeting back will be held on Tuesday 6 July at 16:00 for an hour and will be run as a GoToMeeting session.
As Clusters Leads, we are looking forward to presenting our rationale for the evolution of the Cluster to include:
- The Inclusion of governance frameworks such as Cyber Essentials, ISO2001 etc. which will help give context to how to implement security controls to protect data.
- Understanding of risk and how it effects the organisation (i.e., Third party risk up and down the supply chain, remote working etc.)
- Ethics of security and governance (i.e., dealing with the board and stakeholders, political impact internal and external)
- Asking members to come forward with their stories of journeys into governance to support the DPA.
Gentle reminder… the cluster is not a spring-board for sales pitches or flag-waving about products or services so please help us to keep it vendor neutral.
As a cluster we want to continue to educate businesses, individuals and ourselves not only about data privacy but also about governance, risk and compliance.
We’d love to see you all there – https://businessbutleruk.zoom.us/webinar/register/WN_tioowqlURh6QfLyo6gLIwg
After registering, you will receive a confirmation email containing information about joining the webinar.
Point in Time Notice for Cyber Wales invite Given that members of Cyber Wales and participants at Cyber Wales events will have provided their personal data for the purpose of being informed about and possibly being involved in Cyber Wales' activities, we believe that we have the right to process the personal data previously provided to satisfy those purposes and will rely on this “legitimate interest” as the legal basis for processing personal data until you ask us to stop. We will not process the personal data for any other purpose and we further believe that members reasonably expect us to process their data and communicate with them in this way.
Point in Time Notice for Event on Zoom By registering for this Cyber Wales event, you will be providing your personal details. You may be a member of Cyber Wales or a participant of this Cyber Wales event. These details will not be used for the purpose of providing the Webinar. Zoom's Privacy Notice is found here https://zoom.us/privacy . We will not process the personal data for any other purpose. The legal basis we use for this processing is “Legitimate Interest”.
.
This Cluster is an informal networking group for all those with a responsibility for ensuring an organisation's compliance with the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018.
With regular speakers and updates, the Cluster aims to help people to stay abreast of the constantly changing requirements and controls as countries around the worls update their individual data protection laws.
Data Privacy Cluster - July 2019
4th July 2019 | 16:30 - 18:00
CPS Recruitment, 1st Floor, Golate House, St Mary Street, Cardiff, CF10 1DX
This Cluster is an informal networking group for all those with a responsibility for ensuring an organisation's compliance with the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018.
With regular speakers and updates, the Cluster aims to help people to stay abreast of the constantly changing requirements and controls as countries around the worls update their individual data protection laws.
On 4th May 2016 a new General Data Protection Regulation was published in the Official Journal of the EU along with notice that it will come into effect on the 25th May 2018. It takes the form of a “Regulation” as opposed to the old “Directive” which means it has the power to impose fines and it applies to…
“Data controllers and processors outside the EU whose processing activities relate to the offering of goods or services (even if for free) to, or monitoring the behaviour (within the EU) of, EU data subjects”
So, if you hold or process information about any EU citizen then you will need to be compliant with these new regulations regardless of whether you are a European company or the outcomes of BRexit – any company in the world can be fined. It is very different to many existing data protection laws and contains many onerous obligations that will take time to prepare for.
This Sub-cluster of the Wales Cyber Security Clusters is open to those with a responsibility for ensuring an organisation's compliance with the new EU General Data Protection Regulation who want to share ideas, challenges and best practice in the run-up to the 2018 deadline.