THIS EVENT IS NOW FULLY BOOKED: Data Subject Access Requests and Data Breaches for HR
- 20 November 2018
- 9:00am – 10:30am Registration from 8:30am
- 5 Chancery Lane, London, EC4A 1BL
- Entry: Free
Submit your details to request event materials
Organisations can be on the receiving end of extensive requests from clients or customers, employees or even members of the public. However they are perhaps most common, and most problematic, in an employment context – a disgruntled employee may bring a DSAR to gather evidence for a claim, or increase pressure with the hopes of securing an exit package.
Dealing with requests can be a headache. In addition to coping with the sheer volume of documents such requests can produce, overstretched IT or HR personnel need to work with concepts which have yet to be defined (for example what is “manifestly excessive”?), apply complex doctrines (such as the law relating to privilege) and deal with complex issues (such as how to treat the data of third parties).
In addition, GDPR ushered in a new regime of mandatory reporting and notification for data breaches. It could be as simple as an employee sending an email to the wrong email address. HR professionals are now being asked regularly to ask whether a data loss or data breach triggers the notification threshold for the ICO (or other regulators across Europe) and whether data subjects should be informed. There is also a need to consider the impact on an employee population that the news that their data may be in the wrong hands may have.
In our breakfast workshop for HR professionals we look at some FAQs on the new DSAR regime and also at spotting and handling some of the more “routine” data breaches.
PLEASE NOTE: This event is now fully booked. If you would like to be added onto the waiting list, please contact our events team.
I am Co-Head of Lewis Silkin's Data & Privacy Group. I work in three main areas: data & privacy, general employment law, and sports law.
- +44 (0)20 7074 8196