• What will be included in the new Data (Use and Access) Bill?
• What areas of compliance is the ICO focused on in 2025?
• What guidance has the ICO issued during the last 12 months?
• What approach is the ICO taking to protecting the personal data of employees?
• What is the ICO’s most recent advice about the use of cookies on websites?
• What are ‘dark patterns’ and how are joint regulators tackling the issue?
• What is the ICO’s approach to artificial intelligence (AI) and data protection?
• What are the new rules on international data transfers?
• When and how should data transfer risk assessments be performed? 
• How are the courts in the UK approaching compensation claims in relation to breaches under GDPR?
• What trends are we seeing in UK and EU enforcement actions?
• What action has the ICO taken regarding the use of AI by Snapchat?
• What lessons can you take from recent ICO enforcement actions and reprimands?
• How has the ICO changed the methodology it uses to calculate the appropriate level of fines it imposes?

This course will benefit the following people…

• Those performing the role of a DPO or Data Protection lead/co-ordinator
• People who already have an understanding of GDPR and need to be updated on the new guidance and legal context
• Anyone with responsibility for compliance or information and privacy matters
• Anyone with a responsibility for managing data or advising on data protection issues

• A course pack containing the information presented on the day
• A certificate of attendance

• Keith Dewey

  Keith is a well-established information security and data protection practitioner, with extensive experience in training, public speaking and consulting.

  He has held CISO and DPO roles at large UK companies, and worked across a range of industries including financial services, utilities and real estate. Keith is also a Certified EU GDPR Practitioner, has a Certificate in Information Security Management Principles (CISMP) and passed the Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC) exams.

  View testimonials

• Gary Shipsey

  Gary has over 20 years’ experience turning data protection law into practical solutions. After starting his career in local government and then the Audit Commission, in 2013 Gary started his own business.

  He has since worked with over 350 organisations across a number of sectors, including charities, education, health, public and private business of all sizes. This work ranged from training boardrooms through to frontline staff; detailed audits; policy reviews; Data Protection Impact Assessments and personal data breach management.  Gary has acted as external Data Protection Officer for a number of UK organisations, from nationwide charities to SMEs.

  Gary hold BCS Practitioner Certifications in Freedom of Information, Data Protection and Information Risk Management.