On October 3rd, 2019 Information Governance and IT professionals from the North East, North West of England and Scotland gathered for the launch of the Northern Information Governance Forum at the prestigious Head Office of Virgin Money in Newcastle.
The event was opened by Mark Dennis, Managing Director of Evolve North (one of the sponsors of the event) who introduced the forum as ‘a self help group for Data Protection and Cyber Security folks’. Mark stressed that the NIGF requires support from all of us, nothing is set in stone and its ownership is all of us. Mark thanked the additional sponsors of the launch event including; Virgin Money, Online Systems, and NGI.
The first speaker for this event was Alex Hodge from Grosvenor Estate sharing the challenges of Data Protection in a Diverse Organisation.
Alex talked the forum through the complexity of the Grosvenor Estate organisation and how they developed their Information Governance framework. He explained how their team developed their clever ‘Information Governance awareness’ 5-week campaign which helped communicate their plan with all staff; from gamekeepers to office-based workers. The aim of the campaign was to distil key information in a humorous but informative way.
The second speaker of the day was Dan Hunter, Data Privacy Business Partner at Virgin Money. Dan shared the Virgin Money experience, and their simple ethos is that everybody should care about privacy. He explained how Virgin Money was able to get buy-in from employees through e-learning programmes and a bespoke Data Protection Matters hub on the company’s Intranet.
Dan talked about the requirements of GDPR, breaches, fines and Risk Management. He highlighted the Dutch fine structure emphasising the point that there are now a growing number of sources that help firms in their financial risk assessments. He also covered Data Subject Access Requests challenging organisations to be transparent and to invest in understanding customer expectations whilst also raising the question of how it is we can allow customers/clients to self-serve their information requests in the future?
The final speaker was Helen McElroy who is a Senior Information Governance Specialist with Evolve North. Helen talked about what a GDPR Certification Scheme could look like and an update on Brexit – Deal or No Deal.
Helen went into more detail on Codes of Conduct, the ICO’s role and purposes and advantages of a Certification scheme. She then went on to outline the roles of the different bodies; ICO, UKAS, Accredited Certification bodies and EDPB. Further to this she highlighted Evolve North’s discussions with the ICO around Scheme Areas.
On the subject of Brexit Helen highlighted the need to consider personal data transfers between the UK, EEA and other countries and what additional safeguards may need to be implemented when the UK leaves the EU, , with practical advice on what to do now.
At the end of the day the forum was opened up to topic suggestions for future events, from engaging senior management, to mobile devices and monitoring, small businesses and charities, what would a toolkit look like, a session about what did we learn from this?, Breaches, Employee engagement at all levels, access to employment and roles in Information Governance and inviting the ICO for a Q&A panel or session.
You can view the presentations from the launch event here: