Boost your GDPR knowledge and address the GDPR challenges at the DPO workshop



Our deep-dive DPO workshop to improve, refine and sharpen your hands-on GDPR capabilities on the facts you need to address the continued GDPR challenges. You can participate in the 12th annual Nordic GRC and IT Security Summit or register for the GDPR Bootcamp separately.

This DPO workshop will provide the techniques for implementing or updating the compliance program to fit your organisation. The primary agenda components of the DPO workshop are:
  • IT Security and Data Breach
  • How can we prevent abuse or misuse of personal data?
  • How do we address violations?
  • What are the remedies that we use to correct the faults and errors?
  • Privacy by Design: Understanding the Mandates and The Practical Dimensions
  • What are the legal basis of IT and cybersecurity compliance in the organisation?
  • How to ensure consistent consent from data subjects to secondary processing
  • The review of the audit process for implementing change in processing personal data?
  • Data Privacy Impact Assessments: The Full Picture
  • How should regularly reviews of the data and process (regular data flow mapping, audits, risk assessments and reviews) to ensure the legal basis has not changed
  • How is the personal information is collected and used?
  • Do we use data precisely for the purpose it was collected?
  • Top Operational Responses to GDPR: What To Do and When
  • We walk through a couple of step-by-step experiences.

The realities of GDPR data breach notification and responses require exceptional in-house communication (with information on what to do before, during, and after an incident occurs) to prepare the organisation for a violation, handle tricky multi-jurisdictional legal notices will also be discussed.

Therefore, if you are uncertain that your team is ready for the most significant European data protection reform in 20 years, this workshop will help you prepare. The two experts together with an IT Security manager offer a practical, hands-on view of the essential assessment of the GDPR with knowledge about key concepts, scope of application, individual rights, core principles, compliance in practice, accountability, data protection impact assessments and more.

Key takeaways:
  • The immediate actions to take when presented with a potential data breach
  • How to handle cyber security and lower the risks and exposure to IT and data breaches
  • Regulatory Developments; Info security, Trans-Border Data Flow
  • Learn practical techniques for implementation of a privacy program fitting your organisation
  • Learn from two industry veterans who will help highlight the differences between the new regulation and earlier directives

DPO workshop moderators; Thor Thorsen Ahrends, Compliance Officer & DPO, at the Central Bank of Denmark (Nationalbanken) and Kersi Porbunderwalla CEO, The EUGDPR Institute.

DPO Program - 9TH May 2019

09:00-09:10 Welcome & Introduction to The DPO-Day Session.
Opening Remarks from The Chairman & Co-Chair
09:10-09:45 GDPR Third-Party and Vendor Risk Management
  • The Most Common Security & Privacy Challenges
  • How to Address Outsourcing Operations That Alleviate Business Challenges?
Henning Mortensen, CISO / CPO, Brdr. A&O Johansen A/S
09:45-10:30 How to Streamline Post-Implementation GDPR Processes and Procedures
  • Put in Place to Third-Party Vendor Risk Management, Audit and Incident Management
Ole Brams, VP Danske Bank
10:30-10:45 Coffee Break
10:45-11:30 Addressing a myriad of GDPR risks and question
  • How do you calculate risk? What constitutes low, medium or high risk?
  • How do you define a risk criteria?
  • What’s the difference between inherent, current and residual risk?
Kim Aarenstrup, Executive Advisor NCC Group, Ex. Head of National Cybercrime Center
11:30-12:15 A privacy-focused workforce - an essential element of a GDPR privacy program
  • Why did organisations fail with sub-standard implementation?
  • The foundations to be able to successfully address the GDPR topics
Tim Clements, CIPP-E, CIPM, CIPT, FIP
12:15-13:00 Data Processing Agreements
  • Prerequisites for determining appropriate technical and organisational measures
  • Method for determining appropriate technical and organisational measures
  • Guidelines for supervision of data processor and sub-processor based on ISO 27000
David Ulrik Kristiansen, DPO, Statsforvaltningen (The State Administration)
13:00-13:30 Lunch
13:30-13:40 Introduction to The Afternoon Session on GDPR Execution Issues
  • Remarks from The Conference Chairman and Co-Chai
13:40-14:30 Practical Examples from A GDPR Implementation Project
  • How to Control Stakeholders and Steer the Execution Project?
Thor Ahrends, Danmarks Nationalbank, Legal Compliance Officer & DPO
14:30-15:15 Coffee Break
15:15-15:40 The Unintended Consequences GDPR Mandates
  • Issues for The Sales and Marketing Team, Reporting Breaches and Data Subject Access
Gunver Heimdal-Kej, Databeskyttelsesrådgiver (DPO) hos Danmarks Radio
15:40-16:30 The Importance of Conducting Risk Assessments Under GDPR As A Global Privacy Law
  • A scenario-based approach to risk assessment with examples on how to tailor your approach based on risk level
Hernan Huwyler, CPA, MBA, Head of Center Of Excellence ISS A/S