Back to browse activities

This activity has assisted other people in the following competencies: Technical legal practice

Full description

The General Data Protection Regulation (GDPR) will start to be enforced on 25 May 2018. From this date, attention will turn to handling enforcement and claims by individuals and ensuring that organisations stay compliant as their uses of personal data develop.

Full agenda is available here.

This conference will look in detail at the powers granted to the Information Commissioner by the UK Data Protection Bill and her Office’s policy on enforcement. It will also look in detail at how organisations can use the tools in the GDPR itself (records of processing, Data Protection Impact Assessments and Data Protection Officers) to ensure they remain compliant.  

Throughout the conference, we will examine how the provisions in GDPR are supplemented or varied by the UK's new domestic legislation, the Data Protection Bill, which is expected to receive royal assent in spring 2018. 

Why attend?

  • Prepare for GDPR ‘business as usual’
  • Learn how to deal with individuals exercising their rights
  • Get to grips with the enforcement regime
  • Benefit from case studies and worked examples to cement your understanding
  • Be ready for what comes next


Ruth Boardman

Ruth Boardman jointly heads Bird & Bird’s International Privacy and Data Protection Group. Her extensive experience includes advising a broad range of public and private sector organisations on information law matters, including representing them on their dealings with Data Protection Authorities and the EU’s Article 29 Working Party. Ruth co-wrote Data Protection Strategy (Sweet & Maxwell), has edited the Encyclopaedia of Data Protection (Sweet & Maxwell), is on the editorial board of journal Data Protection Law & Policy, is a contributor to leading online data compliance tool and has served on various boards of the International Association of Privacy Professionals.

Elizabeth Upton

Elizabeth Upton is a senior associate in Bird & Bird’s Commercial Practice based in London. She advises clients on a wide range of data protection issues, including general compliance strategies and specific issues such as data transfers and monitoring employees in the workplace, as well as the likely impact of the GDPR. She has been involved in data protection audits for a number of large UK companies and has previously done a secondment for a large telecommunications company.

Francis Aldhouse

Francis Aldhouse is a consultant to Bird & Bird, specialising in information law and policy. Until 2006, he was UK Deputy Information Commissioner, directing the registration, administration, complaints, publicity, investigations and strategic data protection policy functions for the Commissioner. In addition to being a solicitor he holds an LLM and an MSc in Management Studies.

Emma Drake

Emma Drake is experienced in drafting and advising on a wide variety of data protection issues, including the GDPR. She has drafted privacy policies, data processing agreements, privacy impact assessments and acceptable use policies. She has provided detailed advice on a variety of subjects, including security breaches, data subject rights, employee monitoring and whistleblowing schemes. Emma also has particular experience of co-ordinating and advising on international data transfer and compliance projects. Emma is an IAPP-certified information privacy professional.

Heledd Lloyd-Jones

Heledd Lloyd-Jones has particular expertise in the management of complex information requests, having acted for clients both in the courts and in the Information Tribunal in connection with disputed requests. She also provides non-contentious advice on general data protection compliance, data security breach management, international data transfers and contractual matters. She has a special interest in data protection challenges arising in the fields of healthcare provision, health regulation and life sciences.

James Fenelon

James Fenelon advises UK and international clients on a wide variety of subjects, including GDPR compliance projects, international data transfers, and the law relating to cookies and similar technologies including profiling and online behavioural advertising. James holds a Bachelor of Civil Law from University College Dublin and a Master of Laws from University of Cambridge (including specialism in information law). James is an IAPP-certified information privacy professional.

Back to browse activities

You might also be interested in these activities