Masterclass – Data Breach Handling and Minimising Breach Risk in the Voluntary / Not-for-Profit Sector
Tuesday 26th April
Headlines in recent months continue to report data breach cases in the Scottish voluntary/not-for-profit sector. For the first time in 2021, Information Commissioner’s Office (ICO) enforcement actions in the sector were reported. Since the introduction of the UK GDPR in 2018, there has been a year-on-year increase in enforcement actions taken by the regulator.
There are several unique risk factors in the sector, including the use of volunteers with access to confidential and sensitive ‘special category’ personal data, and limited organisational resources to prioritise data protection compliance.
This Masterclass is aimed at those in a senior role within a voluntary/not-for-profit organisation who have a working knowledge of legal requirements relating to data protection and privacy and are looking for high-level training on which data breaches must be reported to the regulator, how to handle breaches with a view to minimising the risk of fines or investigations and/or enforcement actions, and what practical steps can be taken to improve data protection compliance in a way that reduces the likelihood of breaches arising.
What will this event cover?
- Overview of the UK GDPR provisions on data breaches
- Training on ICO guidance on handling and reporting breaches, and the reporting process
- Practical case studies from 2021 complaints to the regulator involving the voluntary sector, and consideration of trends which emerge when enforcement action is taken
- Identifying risk areas for the voluntary sector and recommendations or action points to minimise those risks
- Overview of the in-house training, policies and procedures around data protection which will help minimise risk and demonstrate compliance with the UK GDPR requirements in relation to data breaches.
What are the outcomes?
- Improve professional knowledge of the UK GDPR provisions on data breaches
- Improve understanding of their personal and organisational responsibilities under data protection legislation
- Understand how to ensure the organisation minimises risk of breaches, complaints to the ICO, or regulatory investigations/enforcement
- Understand how to document investigations and report data breaches to meet the accountability requirements of data protection laws, with practical advice on handling data breaches, including investigation and how to approach reporting to the regulator.
- Understand how to evidence compliance to meet the UK GDPR accountability requirements
Who should attend?
This course is suitable for those in a senior role in the voluntary sector with responsibility for data protection compliance, including CEOs, members of senior management teams, Data Protection Officers, or other privacy/data protection champions in the organisation. It is pitched at professionals with a working knowledge of legal requirements relating to data protection and privacy who are looking for high-level training on handling data breaches, minimising the risk of data breaches, or improving data protection compliance. It is suitable for all management levels with responsibility for compliance.
What will the cost be?
£50 + VAT per delegate. Discounted rate available for ACOSVO members.
Reserving a place
To book places online, please complete the form below. Alternatively, please e-mail firstname.lastname@example.org.