From 25th May 2018, the use of individuals’ personal data will be governed primarily by the General Data Protection Regulation (GDPR). This workshop will explain what that means for not-for-profit organisations in the arts and cultural sector.
Our keynote speaker is Leo Sharrock, Director of Data Platforms at The Audience Agency. He is co-author of Arts Council England’s (ACE’s) Guidance material on data sharing which was originally produced in consultation with the Information Commissioner’s Office (ICO) in 2016, and he has now worked with the ICO to bring the guidelines up to date with GDPR. He will explain what GDPR guidance material appropriate for the arts and cultural sector is available or planned from the ICO and ACE and summarise what GDPR means for arts organisations. He will answer questions at the end of his talk and in a panel Q&A session during the afternoon.
Richard Antonel is responsible for data protection at the Guildhall School Music and Drama, where he is Head of IT. He is also a member of the Arts Panel of the IT livery company, regularly giving pro bono advice to IT4Arts member organisations. And he has a law degree! Mark Brett is an expert in information assurance and governance/risk/compliance. With over 25 years of experience as a senior manager in local and central government, he now works with local authorities in England and Wales to assist them with information governance, data protection and privacy issues. Richard and Mark will draw together their study of the 99 articles of the GDPR and the views presented in various public seminars to explain in simple terms the key aspects of the new law for arts and cultural organisations – what it says, and what to do about it.
Leo, Richard and Mark will be joined for a panel discussion and Q&A by Stefan Fafinski, this year’s Master of the IT livery company. His is a cyber consultant with Bright Line Law, has taught undergraduate and postgraduate technology law in a number of universities and is a member of the editorial board of the International Review of Law, Computers and Technology. His PhD thesis was on the regulation and governance of computer technologies.
As the final session of the day, Mark will put GDPR in the wider context of legal and regulatory compliance.
When: Thursday, 22nd February, starting 10.00am, ending at 4.30pm
Where: The Worshipful Company of Information Technologists Hall, 39a Bartholomew Close, London, EC1A 2JN
- Date 22/02/2018