Post GDPR – Key issues, misconceptions, social media and e-privacy, managing compliance

A one-day conference

Talbot Hotel, Stillorgan, Co. Dublin

Date: 6th March 2019

The General Data Protection Regulation (GDPR) has been described as the biggest data protection change in a generation, and has already altered how businesses handle data for the foreseeable future. With GDPR now in play, we examine how its implementation has panned out so far, what have been the main challenges for compliance and what can we expect in the near and short term future.

This event typically sells out quickly, so prompt booking is strongly advised to secure your place at the early bird rate Save €100.00 – Early Bird Rate is €395.00 + VAT (Normal rate €495.00 + VAT)

Please note the early bird discount can close sooner than expected once a certain amount of seats fill up, therefore your prompt booking is strongly advised to avoid disappointment

Book your place now!

This conference will also highlight and explore common misconceptions within the GDPR framework, we look at how GDPR applies in practice to social media, and we give real insights on the steps required to create a Retention Policy, as well as examining what’s involved in conducting Data Protection Impact Assessments. We will explore how to monitor and manage compliance within GDPR and the potential risks to your data compliance obligations. This is a must attend event for regulation compliance and future data regulatory requirements.

This conference will be of interest to all businesses in Ireland (large and small) such as, corporate consultants, retailers, banks, technology companies, healthcare organisations, marketing firms, legal firms, consultants, advisers, Data protection officers, local authorities, government departments, semi-state agencies and universities to name just a few.

Full Day Programme 8.50am to 4.30pm

Keynote speaker;

Review of the data environment post GDPR, issues and impacts arising from its implementation in May 2018, common issues, misconceptions and issues of potential confusion on GDPR compliance. 

E-Privacy Regulations

  • Examine the changes which it will introduce and how it will interact with GDPR

Speaker: TJ McIntyre, Lecturer, UCD, Chair, Civil Liberties Group, Digital Rights Ireland and consultant, FP Logue Solicitors

Personal Data – Misconceptions explored

  • What is personal data – dispelling common misconceptions about what is and isn’t personal data
  • Joint controllership
  • Use of biometrics
  • Use of information about criminal offences
  • Controller-processor agreements

Speaker: Fred Logue, FP Logue Solicitors

GDPR on Social media including Facebook, Twitter, WhatsApp, LinkedIn

  • Case study – medical messaging
  • Workshop & Case Study – How to, in terms of DPIA (Data Protection Impact Assessment)
  • Employee misconduct / breach of GDPR – implications 

Speaker: Peter Davey, Castlebridge

Transparency principle and what it means

  • Staff training and awareness options
  • Data transfers (International and 3rd party)
  • Data Processor Agreements
  • Role of the supervisory authority

Speaker: Bernard Gaughan, Concern

How to create a Retention Policy – Steps to take

Speaker: Elaine Comyn, Data Privacy Consultant, Castlebridge

Data Breaches & Reporting

  • The assessments of breaches and where they meet the reporting threshold or the threshold of requiring notification to the data subject.
  • Data breach from a practical perspective – putting in place a data breach plan, updates on changes to data breach practises, Data breach response plan – the A to Z

Speaker: Liam McKenna, Mazars

Monitoring & Managing compliance with GDPR

  • What to monitor and how often?
  • Case Study: How one organisation is tackling this issue
  • Automated ways to manage GDPR
  • The need for organisations to have a systemic approach to checking “how secure are we?”
  • What areas of vulnerability organisations should be looking at and – what checks should be carried out, how frequent and by whom should it be done?

Speaker: Gerard Joyce, CalQrisk

Vendor Management – the risks to your business

  • Case Study: High Profile Breaches
  • The relationships… organisations (controllers and processors) and their outsourced data processors
  • The responsibilities
  • Avoiding external data breaches
  • The importance of robust processing agreements
  • Doing Due Diligence
  • Control Monitoring

Speaker: Paul O’Brien, CalQrisk  

DPC Sanctions and Civil Actions: Emerging Trends 

Interaction between GDPR and the freedom of information regime 

Claire Hogan, Barrister-at-law, The Law Library

There will be 5 CPD points awarded to all attendees at this conference from the CPD certification service

Dr TJ McIntyre

Dr TJ McIntyre

Lecturer, UCD, Chair, Civil Liberties Group, Digital Rights Ireland and consultant, FP Logue Solicitors

Dr TJ McIntyre is a Lecturer in Law in the Sutherland School of Law, University College Dublin, the chair of civil liberties group Digital Rights Ireland and a consultant solicitor with FP Logue Solicitors where he specialises in privacy and data protection issues.

Read more

His research looks at information technology law, crime, and civil liberties, with a particular focus on fundamental rights in the online environment. He is a leading commentator on technology law in the national and international media.

Fred Logue

Fred Logue

Principal, FP Logue Solicitors

Fred is the principal of FP Logue Solicitors specialising in technology, intellectual property, information law and commercial law.

Read more

Unusually for an Irish lawyer Fred has a science background and worked as an engineer before becoming a solicitor. Fred has extensive experience and expertise in licensing and exploitation of software and technology. He specialises in advising clients on strategy, contracts, transactions and disputes in business sectors where technology plays a key role, as well as online and digital markets. His clients include software companies, media organisations, NGOs and public authorities. Fred is also a leading information lawyer, advising on FOI, access to environmental information, data protection and privacy. Fred has acted in major information law cases before public authorities, administrative decision makers, Irish Courts, European institutions, and the United Nations.

Peter Davey

Peter Davey


Peter is a senior management consultant and IT programme manager with experience in data analytics, strategy consulting, compliance and change management.

Read more

He began his career as a researcher at Musgrave Park Hospital in Belfast working on the historical effects of myelograms in the treatment of scoliosis.
Prior to joining Castlebridge, Peter worked extensively in senior management positions in global consulting firms in London and Singapore and as an advisor to leading RegTech software start-ups. He holds an MBA from City University, London, and has taught strategy and project management MSc programmes as a visiting professor at National University of Singapore and the University of London.

He is a previous graduate and current examiner on the Law Society of Ireland’s Certificate in Data Protection Law and Practice and Chief Operations Officer at Castlebridge where he leads teams of consultants advising both national and multinational enterprises and government on the formation and implementation of Information Governance and Data Strategy.

Elaine ComynElaine Comyn

Data Privacy Consultant

Elaine Comyn began her career in the RTE press office as a publicist for two Eurovision Song Contests, as well as the Gay Byrne and Pat Kenny radio shows, among others.

Read more

She has worked in Marketing for several global brands for over 17 years, specialising in Go to Market strategy and operations, cross-functional leadership, process decisioning and people management. At 3 Ireland, Elaine led the Marketing Operations team within the Customer Value Management department. She was responsible – on a daily basis – for ensuring all customers’ marketing permissions & preferences were compliant with data protection law. She was also a key decision maker within their Direct Marketing Incident team working closely with Data Protection, IT Security and Compliance teams.

Elaine is strategically and commercially driven and has an ability to drive positive and interactive stakeholder engagement. She combines this experience with a formal training qualification (QQI) and recently completed the Professional Diploma in Data Protection from the Institute of Banking/Association of Compliance Officers at UCD. Elaine also holds a degree in Business from TCD, and a Post Grad Diploma in Public Relations from DIT.

Paul O’BrienPaul O’Brien

Managing Director, CalQRisk

A co-founder of CalQRisk, Paul has extensive business experience managing multinational companies at operations, general management, and director levels.

Read more

A marine engineer, he has knowledge of the petrochemical, mechanical engineering and energy industry sectors. He has implemented operational excellence programmes at division level and is an expert in management by objectives. A trained ‘black belt’, he has acted as an assessor of the EFQM award and has led the implementation of a division wide Six Sigma programme. He has driven the integration of complex acquisitions on three continents. Paul is an instinctive risk assessor, with a specialty in alignment of business objectives with the risk context. Commenting on GDPR, Paul says that ‘taking a risk-based approach to achieving and maintaining GDPR is expected by the regulator – you can achieve compliance by managing the risks to the data subject and to your business’.

Liam McKenna

Liam McKenna

Partner, Mazars

Liam is a Partner in the Mazars Consulting Services practice.

Read more

He focuses on delivering regulatory driven change. Liam has 20 years of industry experience. He commenced his career working in Information Security and subsequently moved into Data Protection. He has managed the delivery of significant compliance driven projects with budgets in excess of €50m. Liam has assisted numerous organisations across the public, private and semi-state sectors with data protection issues. This includes meeting their compliance obligations, responding to breaches, developing and implementing remediation plans post breaches and responding to ODPC reviews.   More recently Liam has led Data Protection Impact Assessments within Banking, Public Sector, Health and Biometrics. As a leader in Mazars 200-person European Privacy Practice, he led the development of our GDPR compliance approach and methodology and has been applying this approach to clients since late 2016. He is currently adapting the Mazars European outsourced Data Protection Officer service for the Irish Market.

Gerard Joyce

Gerard Joyce

Director of Risk Management, CalQRisk

Gerard is co-founder of CalQRisk with over 30 years experience in the ICT sector in various roles; engineering, technical sales, customer operations, IT management and risk management.

Read more

He is a member of the Institute of Risk Management, London (IRM), chairman of the NSAI Risk Management Consultative Committee and a member of the ISO International Risk Management Technical Committee (TC262) that is responsible for the development of risk management standards and guidance material. Gerard has worked with organisations in financial services, credit unions, education, aviation, technology and public service, providing advice and guidance on governance, compliance and risk management.

Talbot Hotel (Formerly Stillorgan Park Hotel)

SAVE €100.00 BY BOOKING THE EARLY BIRD RATE OF €395 + VAT per Person – Normal Rate @ €495 + VAT.

Please note the early bird discount can close sooner than expected once a certain amount of seats fill up, therefore your prompt booking is strongly advised to avoid disappointment

CMG Events Conference Discount

  • 10% discount for the third delegate booked or subsequent bookings thereafter from the same company.

The rate to attend includes morning tea/coffee and refreshments on arrival at registration, mid-morning tea/coffee and pastries and buffet lunch. You will receive the speakers PowerPoint presentations within 24 hours after the event. 

Tel: 01 293 4764


   Telephone:+353 1 2933650

Early Bird Booking rate: €395.00 + VAT Normal Rate: €495 + VAT

Company Name (required)

Number of Delegates Attending (required)

Delegate's Name(s) (required)

Delegate's Position(s) Within Company (required)

Delegate's Email(s) (required)

Booker's Name (required)

Booker's Email:

Booker's Telephone (required)

Payment Options (required)

We recommend you pay by credit card to ensure you receive the best rate available

Invoicing Address

Accounts Phone Number (required)

Accounts Email (required)

NOTE: Please do not enter your credit card details. A member of our staff will contact you promptly when you have submitted the form.

Terms and Conditions:
Payment for attendance is due within seven days from the date of invoice. This booking is transferable and a substitute attendee may attend on your behalf at no additional cost if you cannot attend. Cancellation of a booking must be received by CMG in writing by email or by post, no later than 14 days prior to the event or course date. Regrettably no cancelations or refunds can be made after this date. Cancellations will be charged an administration fee of 25% plus VAT.

CMG reserve the right to make any necessary changes to the advertised programme including a change of venue. The views expressed by the speakers/tutors are not necessarily those held by the organisers, nor is the organiser responsible for speakers/tutors opinions or statements. Please note CMG will distribute the delegate list to all speakers prior to the event/course to ensure their presentation is relevant to those attending. However, in keeping with current data protection and privacy legislation, the distributed delegate list will not contain telephone or email contact details. Please advise CMG Events if you would like to have your name removed from this list.

We do not sell your data to a third party - we may use your contact details for the purposes of notifying you of other conferences or training courses that we run. If you do not wish for us to contact you again, please let us know by emailing

To view our Privacy Policy please Click Here

I have read the terms and conditions