Data protection toolkit for London Tech Week 2022

As part of London Tech Week 2022, and as sponsors of Tech London Advocates since their initial founding, we are opening up access to our recent digital business webinar programme focusing on best practice in data protection.

This toolkit contains a wealth of resources covering areas such as:

• International data sharing
• Data sharing contracts and best practice
• Cyber Security
• Dealing with data breach claims

We hope you find this toolkit useful. If you have any feedback or require any further assistance please contact rich.morley@penningtonslaw.com

International Data Transfers: the new rules and what you need to do to comply

Transfers of personal data from the UK and EU to other countries are regulated under the GDPR/UK GDPR. There are now a number of new compliance steps for organisations to consider, implement and anticipate. These include:

• new EU standard contractual clauses (and requirements to update any current contracts that use the 'old' standard contractual clauses)
• anticipated new UK international data transfer agreement (to replace the 'old' EU standard contractual clauses, post-Brexit)
• transfer impact assessments in respect of data transfers to certain countries.

Data sharing contracts and best practice

Organisations are increasingly sharing personal data with each other and the UK Information Commissioner’s Office states that data is one of “modern society’s greatest assets”. In order to share personal data, organisations must be aware of compliance steps to take, both under the GDPR/UK GDPR and the ICO’s recently published updated guidance on this topic.

During this session we will:

• look at the fundamental requirements and considerations when sharing data in the UK and the EEA
• review key messages from the ICO
• take you through a couple of data sharing scenarios and discuss the contractual issues and concerns that often arise, including those around anonymisation and pseudonymisation
• give you ideas as to how to best approach and resolve these in the context of commercial needs.

Cybersecurity – responding to the increasing threat of cyber attacks

Cybersecurity is an increasing concern for all organisations, as the volume and sophistication of cyber-attacks continues to rise. The UK government’s Cyber Security Breaches Survey 2021 concluded that 39% of businesses had suffered a cybersecurity breach in the past 12 months.

Reports suggest the risk level is higher than ever due to widespread homeworking in response to COVID-19 leading to vulnerabilities.  The consequences of suffering a cyber-attack can be catastrophic and are likely to include legal liability, contractual breach, reputational and financial damage as well as regulatory consequences.

During this session, our team of experts will provide some practical insights into dealing with this increasing threat, focusing on:

• prevention – data protection and privacy by design, employment contracts & internal policies, supply chain audits, insurance, prevention plans and training
• action – immediate crisis response, strategic planning, ransomware demands, interaction with Regulators, reputation management and business continuity
• remediation – litigation strategy, investigations, review and improvement plans.

Data Breach Claims

Data breaches continue to increase across the UK, with two in five business reporting having experienced breaches or cyber security attacks in 2021. The cost of data breaches is also seeing double digit growth year on year alongside increases in the price of cover for cyber insurance – which grew by 92% in the UK in 2021.
 
Businesses need to focus on their approach to preventing these incidents with robust policies and processes - but do you know how your organisation should deal with a data breach claim?
 
Join experts from our commercial disputes resolution team who will provide an overview of the legal landscape in England and Wales on data breach claims, as well as practical insights to help you consider how best to deal with this increasing area of risk.

Key topics include:

• The current legal landscape - a look at important judgments and their impact on the data breach claims landscape

• The future of class action litigation in data breach claims - have we seen the end of the mass claims threat?

• Developing your strategy - dealing with data breach claims and the most common pitfalls

Global Data Protection Guide

Given the growing international patchwork of data protection laws, and the need to adopt a holistic approach to compliance, you might find the Multilaw Global Data Protection Guide a useful resource to refer to. Edited by our firm, this handy guide covers 39 jurisdictions (including specific guidance on laws in several US states).

https://www.multilaw.com/Multilaw/Data_Protection_Laws_Guide/Data_Protection_Laws_Guide.aspx