4th Annual

Compliance  -  GDPR  -  Process - Strategy

 Thursday 10th December 2020
08:00am - 16:30pm BST
Virtual Event
The must-attend online event for the Data Protection and Technology community with live keynote talks, breakouts and interactive exhibition hall - all hosted live on a virtual platform. Free to attend for end users in leadership roles in technology  - join us from anywhere in the world.

The Virtual Summit

The conference will contextualise the changing regulatory landscape, considering the business impact of the GDPR and DPA (2018) and how it is changing policy and process in practice. 

When GDPR came into force in May 2018 it significantly raised the bar of obligation and accountability, ensuring that all organisations who handle personal data adhere to strict regulations around privacy, security and consent. 2 years on from implementation, the conference will consider how data protection procedure has moved on, with insight from frontline practitioners reflecting on how practices within their organisation have changed.
The event will also provide an update from the regulator; exploring regulatory action policy, decision making for fines and penalties, and clarifying some of the most prominent areas of misconception and non-compliance.

Core conference topics for the online event include:

•    Key legal issues and obligations
•    Data security and encryption
•    Privacy Impact Assessments
•    Databases, data mapping and classification
•    Privacy by design
•    Practical strategy implementation 


2019 Speakers

Privacy Consultant, OneTrust
COO and Co-Founder -Talking Medicines
Head of Regions - ICO
EEA Data Protection Manager - Facebook
GDPR Practitioner, iCaaS
Marketing Director, iomart
Chief Data Protection & Chief Privacy Officer - Mars
Head of Technology Policy, ICO
Partner, Addleshaw Goddard
Sr Proposition and Data Protection Manager - Standard Life Assurance, part of the Phoenix Group
Journalist & Broadcaster - BBC Scotland
Founder, DIGIT
Show More










DIGIT has rapidly grown into the largest independent business technology community in Scotland. We run an extensive series of virtual conferences and online events focused on core areas of emerging Technology, Digital and IT. We also run Scotland's leading IT & Digital News Platform www.digit.fyi with over 100,000 page views per month.

The virtual events provide a unique platform for knowledge exchange, drawing stakeholders together to explore best practice, technological innovation and business outcomes. Our conferences attract a senior delegate following and have become renowned as an important forum for high-level networking.

​We are delighted to announce that DIGIT will be running our conference programme in a virtual environment. Not only will you be able to enjoy our full events line-up, but you’ll be able to log-in remotely and join us from anywhere in the world.

2019 Sponsors

OneTrust New.png

2019 Exhibitors

Act Now.png

For enquiries about sponsorship and exhibitor opportunities, contact Ray Bugg on ray@digit.fyi


2019 Agenda 


GDPR and DPA 2018 were designed to raise the bar of obligation and accountability, ensuring that organisations who handle personal data adhere to strict regulations around privacy, security and consent. 18 months on from implementation, the opening session will contextualise how the Data Protection landscape has changed and reflect on progress, perception and persisting challenges.


08:30 Arrival, Refreshments and Badge Collection


09:20 Introduction from the Conference Chair

Mark Stephen, Journalist & Broadcaster, BBC Scotland


09:30 Data Protection in the GDPR Era

  • The ICO’s experience since GDPR was fully implemented

  • Lessons to be learned and myths to be busted

  • Taking regulatory action

  • Helping the data controller

Ken Macdonald, Head of ICO Regions, ICO


10:00 Practitioner Observations on the Evolving Data Protection Landscape

  • The evolving privacy and data protection  landscape, trends and observations

  • How have trust, privacy and customer expectation shifted

  • What are the main data issues and compliance challenges facing practitioners 

Evie Kyriakides, Chief Data Protection & Privacy Officer, Mars


10:20 ISO27001 & the GDPR: Identifying Overlap and Streamlining Efforts

  • Map the most common security operations standard, ISO 27001 to the world’s most influential piece of privacy legislation, the GDPR 

  • Identify how much work toward GDPR compliance that security teams have likely already done 

  • Develop a framework to reduce the risk of a damaging incident while increasing productivity and customer trust

  • Learn about the stakeholders, teams, tools and processes that should come together for a comprehensive privacy and security strategy

Charlie Grey, Privacy Consultant, OneTrust


10:40 Question & Answer Panel

11:05 Refreshments, Exhibition & Networking



This session will explore three key topics in a smaller and more interactive breakout setting. The three breakout sessions will be run in parallel and then repeated, providing delegates the opportunity to attend two of the options on offer.

11:40   Breakout 1

12:10   Transition

12:15   Breakout 2

A: The consumerisation of privacy – legal impact

GDPR and similar regulation across the globe, coupled with the explosion of big data and high profile privacy cases, has led to a previously unparalleled level of privacy awareness. Data is undoubtedly now a consumer commodity, and in some cases privacy has become a weapon.  In this session we look at the legal aspects of this new privacy landscape, and how organisations can handle the risks, focusing on:


•             Breaches and class actions

•             New developments in data subject rights

•             Trends in transparency

•             Cookies and marketing

Helena Brown, Partner, Addleshaw Goddard

B: Solving Mass Data Fragmentation

Data is an enterprise’s most valuable digital resource.    It should be a competitive asset, but with the introduction of GDPR, data  has become a costly and risky IT management headache.     Secondary data has become so fragmented across infrastructure silos and locations that it is too complex for IT to protect or locate – let alone leverage.     Learn how to identify mass data fragmentation in your organisation and establish best practices across your organisation for safely and cost-effectively defeating it.

Alan Gardiner, Marketing Director, iomart

C: Delivering effective GDPR training

•             Why aren’t businesses delivering effective training?

•             Making it relevant, a priority and ongoing.

•             Getting the message across.

•             Long-term consequences of insufficient training.

Megan Kane, GDPR Practitioner, iCaaS

12:45 Lunch, Exhibition & Networking


This session will split into streams to provide a closer insight of specific aspects of data protection from frontline data protection practitioners. The three streams will cover: data protection myths, privacy by design, and organisational engagement. Delegates will select one stream to attend.


13:35 Stream 1: Debunking Data Protection and Data Sharing Myths

  • Exploring common myths and misconceptions

  • Data protection says no

  • Clarity on data sharing

  • Raising awareness and changing perceptions

Alice Wilson, DPO, HEFESTIS & Lisa Powell, DPO, HEFESTIS

13:35 Steam 2: Engagement and Alignment 

  • The evergreen nature of data

  • Recognising what different roles & functions need to get out of data

  • Organisational buy-in: we all need to buy into it together and be on the same page

  • Are we still engaged post GDPR?

  • Activity must align with addressing risks

  • Balancing priorities


Paul Sherrard, Sr Proposition and DP Manager, Standard Life Assurance: part of the Phoenix Group

13:35 Stream 3: Privacy by Design

  • What does privacy by design look like in practice

  • How can you create a product that contains adequate built in safeguards

  • What does the roadmap look like, what are the key principles

  • What are the primary challenges

  • How can data protection work hand in hand with innovation

  • Internal collaboration, conflict resolution and troubleshooting

Elizabeth Fairley, COO, Talking Medicines 

14:10 Transition to Session 4



The recent explosion of data has driven huge strides forward in automation, personalisation, Machine Learning and Artificial Intelligence, accompanied by a raft of new products and services. But this explosion of data and new technologies has also created a wave of new challenges across privacy, security and DP. 


The final session will examine two prominent areas of discussion, data portability and AI regulation, and explore the balance between innovation and advancement with data protection, privacy and control. The conference will then conclude with a panel discussion considering some of the key DP challenges posed by emerging technologies.

14:15 Data Portability and the Rise of Data Intermediaries

  • The role of data portability as a vehicle of access, personal ownership and innovation

  • Features and benefits: diversity, control, choice

  • Data protection and privacy considerations

  • Progress and ongoing collaborations and open source tools

  • What it means to build portability in a privacy-protective way

  • Ensuring the internet remains a space characterized by growth and innovation

Calum Liddle, EEA Data Protection Manager, Facebook


14:35 Regulating the Use of AI

  • How do we as a regulator think about the use of AI and ML

  • What are the main challenges and liabilities facing organisations deploying AI

  • How can these be mitigated in practice

  • Exploring and understanding contentions in the law

  • Tangible advice and guidance 

  • Steps towards formalised guidance and operating frameworks

Ali Shah, Head of Technology Policy, ICO

14:55 Question & Answer Panel

  • Calum Liddle, EEA Data Protection Manager, Facebook

  • Ali Shah, Head of Technology Policy, ICO

  • Elizabeth Fairley, COO, Talking Medicines 

  • Alice Wilson, DPO, HEFESTIS & Lisa Powell, DPO, HEFESTIS

  • Paul Sherrard, Sr Proposition and DP Manager, Standard Life Assurance: part of the Phoenix Group

  • Mark Stephen, Journalist & Broadcaster, BBC Scotland

15:35 Closing Remarks

15:40 Networking Drinks Reception

16:30 Close of Conference


*The conference programme is provisional and subject to change and revision


Catchpell House

Carpet Lane



Tel: 0131 553 9381


  • Twitter - White Circle
  • LinkedIn - White Circle
  • Facebook - White Circle
  • Instagram - White Circle


© 2019 by DIGIT