Friday 07 May 2021 @ 15:20
Information Commissioner's Office
Printable version

Five things we learned from DPPC 2021

The ICO’s Data Protection Practitioners’ Conference 2021 was held this week, bringing together more than 3,000 data protection professionals from across the country. Here are five headlines from the day.

UK SCCs to go out for consultation in the summer

The ICO is working on bespoke UK standard contractual clauses (SCCs) for international data transfers. Speaking at the ‘Ask the ICO’ Q&A session, ICO Deputy Commissioner Steve Wood said: “I think we recognise that standard contractual clauses are one of the most heavily used transfer tools in the UK GDPR. We’ve always sought to help organisations use them effectively with our guidance. The ICO is working on bespoke UK standard clauses for international transfers, and we intend to go out for consultation on those in the summer. We’re also considering the value to the UK for us to recognise transfer tools from other countries, so standard data transfer agreements, so that would include the EU’s standard contractual clauses as well.”   

A challenging year has brought positives

Emily Keaney, ICO Director of Domestic Regulatory Strategy, described the past year as “business as usual, but on steroids” and this was a feeling echoed across the day. But amid the challenges, several speakers emphasised the positives.

Charlene McQuillan, Data Practitioner Officer at the Department of Health NI, spoke about the strengthening of relationships between data protection officers (DPO) and senior management that she had experienced. And Dawn Monaghan, Head of Information Governance Policy at NHSX, talked about how the COVID-19 response showed the power of data in supporting the work of frontline staff and bringing benefits to individuals.

Elizabeth Denham, UK Information Commissioner, summed it up: “As a community we’ve proven our resilience. And we’ve shown that a pragmatism, coupled with a principles based law, can adapt to the circumstances of the day. In the face of high stakes and high pressure, we have all raised our game.”

Data protection can be a balancing act

The ‘Data Ethics’ seminar was one of the most well attended seminars of the afternoon – unsurprising when set against the results of our public consultation last December that showed two thirds of organisations that had appointed a DPO had adopted data ethics frameworks.

Ellis Parry, ICO Data Ethics Adviser, explained how data ethics works as part of a consideration of the law, and spoke about the role ethics can have in balancing the interests of society, including individuals, minority groups and data controllers.

The popular ‘Accountability in Practice’ seminar gave practical advice on achieving that balance, with Elizabeth Archer, ICO Principal Policy Adviser, speaking about the importance of “creating and embedding a positive data protection culture.” She explained how the ICO’s accountability framework can help organisations think about the risks around data processing, and how to mitigate them.

Data protection made easy for SMEs

It's vital to their success that all small organisations – including small- to medium-sized enterprises (SMEs), small businesses, and sole traders – make maximum use of the data they hold in a responsible way. Paul Arnold, ICO Deputy CEO and Chief Operating Officer, said: “Our SME hub was introduced in 2019, born out of our commitment to help smaller organisations to get access to tailored, specific advice to help them navigate what can be a complex legislative framework and to help them maximise the use of the data they hold.”

That was reflected in two popular ‘Data protection for beginners’ seminars that covered the data protection basics for those starting out or looking to brush up on their knowledge and skills. Both seminars were led by four case officers whose day-to-day roles focus on supporting and advising SMEs on the ICO’s small business helpline. Daniel Morgan, ICO Case Officer, said: “Good data protection practices make good business sense and can enable your business to grow and thrive.”

There are lots of top tips and simple guides on our SME web hub, which have been tailored to the needs of all small organisations looking to strengthen their practices.

Unlocking the benefits of data sharing

Looking ahead beyond the immediate crisis, data sharing will be central to what comes next, as Phil Earl, Deputy Director at Department for Digital, Culture, Media and Sport, made clear about the National Data Strategy. He said: “We want the strategy to be setting a really high level of ambition for what we want to do – to position the UK as a global champion of data, driving the international flow of data across borders, but doing so in a way which continues to protect data to a high standard.”

Building on the benefits of data sharing, we ran three seminars that covered the ICO’s data sharing code, giving practical tips and case studies, and busting some data sharing myths. Viv Adams, ICO Principal Policy Adviser, said: “Data protection law enables data sharing, providing a positive framework to share data fairly and proportionately. These practical tools are there to help you decide when and how to share data.”

 

Channel website: https://ico.org.uk/

Original article link: https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2021/05/five-things-we-learned-from-dppc-2021/

Share this article

Latest News from
Information Commissioner's Office

Housing association reprimanded for exposing personal information on online portal

19/04/2024 14:10:00

We have issued a reprimand to Clyde Valley Housing Association in Lanarkshire after personal information was accessible to other residents on an online customer portal. 

ICO publishes guidance to improve transparency in health and social care

16/04/2024 09:10:00

The Information Commissioner’s Office (ICO) is supporting health and social care organisations to ensure they are being transparent with people about how their personal information is being used.

Information Commissioner’s Office seeks views on accuracy of generative AI models

12/04/2024 12:25:00

The Information Commissioner’s Office (ICO) has launched the latest instalment in its consultation series examining how data protection law applies to the development and use of generative AI.

ICO joins global data protection and privacy enforcement programme

04/04/2024 15:20:00

The Information Commissioner’s Office (ICO) has signed onto a new international multilateral agreement with the Global Cooperation Arrangement for Privacy Enforcement (Global CAPE) to cooperate in cross-border data protection and privacy enforcement.

ICO sets out priorities to protect children's privacy online

04/04/2024 09:10:00

The Information Commissioner’s Office (ICO) is calling on social media and video-sharing platforms to improve their data protection practices so children are safer when using their services. 

ICO publishes new fining guidance

19/03/2024 09:10:00

The Information Commissioner’s Office has published new data protection fining guidance setting out how it decides to issue penalties and calculate fines.

ICO reprimands Dover Harbour Board and Kent Police over information sharing

18/03/2024 10:20:00

The Information Commissioner’s Office (ICO) has issued reprimands to Dover Harbour Board and Kent Police after they breached data protection law.

ICO reprimands London Mayor's Office for Policing and Crime for complaint web form error

15/03/2024 14:10:00

The London Mayor’s Office was yesterday reprimanded by the Information Commissioner’s Office (ICO) for a web glitch that potentially revealed the personal information of people who were complaining about the Metropolitan Police Service.

ICO fines Wigan-based Pinnacle Life £80,000 for “predatory” spam call campaign

07/03/2024 12:25:00

Wigan-based company Pinnacle Life has been fined £80,000 by the Information Commissioner’s Office (ICO) for a year-long unlawful spam phone call campaign.