3B: Ongoing GDPR compliance: Privacy by design

11.45am – 12.30pm GMT, 19 March 2024 ‐ 45 mins

Session

Organisations that hold and process personal data gave a lot of thought to how they protect it, and how they respect people’s rights, when GDPR came into force in 2018. Six years later, many are asking whether they’re still doing everything necessary to ensure compliance. A particular area where understanding remains somewhat shrouded in mystery is ‘privacy by design’, both in terms of what it means in practice and how risk managers can determine whether it’s true of systems used within their organisations.
  
This session looks at how you can establish whether your organisation is still complying with the legal requirements of GDPR, taking the two areas where organisations struggle most, and proposes pragmatic solutions to them. We’ll then zoom in on privacy by design, demystifying some of the core principles of secure coding, and give risk managers a checklist of questions for development teams and software providers.