Risk Management Across the EU: workshop to delve into the details

GDPR is an EU wide thing, and even if, one day, Brexit finally happens, the GDPR will still apply in the UK. But there are differences across the region. A forthcoming seminar, to be held on September 5th in central London will look deep into the issues.

In this GDPR era, organisations have new responsibilities on how they manage and process data. If they trade across regions where GDPR applies, they must be aware of how interpretations of the GDPR vary across the region. Broadly, the considerations are much the same, but the detail reveals devilish and sometimes subtly different interpretations. Managing the risk associated with this is essential. 

Take the Data Protection Impact Assessment, or DPIA, it is critical that organisations understand how, when and by whom they are carried out.

The workshop will explore the detail. It is being taken by GDPR guru Ardi Kolah. It’s not just Ardi’s expertise that comes in handy. And an Executive Fellow and Director of the GDPR Transition Programme at Henley Business School, Founder of GO DPO and Founder/Editor-in-Chief of the Journal of Data Protection and Privacy, as well as author of Speed Read of GDPR, his expertise is irrefutable. But Ardi is a superb presenter and teacher, too.

For organisations, getting this right is not just a matter of complying with regulation, avoiding potentially crippling fines. The public’s perception matters too, and in the era of social media, the risk of data protection related issues leading to loss of trust among customers is serious. Equally, modern communication tools can help create trust; building long and fruitful relationships with customers.

And if, or perhaps when, a breach occurs, managing it effectively is not just critical for obeying regulations, it is vital for earning and maintaining trust with customers and other data subjects.

Areas covered in the workshop include: 

  • Basic principles of a risk-based approach – the concept of likelihood, harm and vulnerabilities
  • Data types link to different categories of risk, plus location, access and transfer
  • What is a Data protection Impact Assessment and when should you undertake a DPIA?
  • How to carry out a DPIA and who should be responsible for this
  • What are ‘high risk’ processing activities under the GDPR and what is acceptable ‘residual risk’?
  • Consulting Supervisory Authorities
  • An overview of the German, Austrian and Belgian approaches
  • ‘Blacklists’ and ‘whitelists’ for determining when and when not to carry out a DPIA
  • Publishing the DPIA

For more information on the workshop, visit the website.


The inaugural Data Protection World Forum (DPWF) will be held on November 20th & 21st 2018 at the ExCeL London which will provide a broader focus across the data protection and privacy space amidst the progressive tightening of global data protection laws.

Ahead of the end of year event, DPWF has launched a series of intensive workshops.

Further information on the DPWF and workshop details are available at: https://www.dataprotectionworldforum.com/