Our events programme launched in June 2019 after we held a public consultation inviting feedback on its scope, format, and content in April 2019.

Our events programme should be considered in the context of section 61 of The Data Protection (Bailiwick of Guernsey) Law, 2017 which outlines our duty to raise public awareness of citizens’ rights and to promote awareness of controllers/processors’ legal duties.

It is a key aspect of our Communications Strategy, and we intend to use our events to effect positive cultural change by:

• being accessible to local organisations and citizens of all ages
• improving compliance by building awareness of topical issues in data protection
• encouraging innovation and excellence in data protection practices
• exploring official guidance with the regulated community
gathering feedback from local industry and individuals

Effecting positive cultural change
We will shortly be publishing details of an ambitious initiative (called Project Blue Tit) which will explore working with people to create cultural change – people who attend our events can choose to be a part of this or not. We will release more details about this project as part of each event below.

Season 1 (2019 events)
The programme below constitutes what we’re calling ‘Season 1’ of our events programme: we will refine our approach based on feedback received from attendees and will start ‘Season 2’ in 2020. If an event you wish to attend is sold out, please join its waiting list and/or sign up to our monthly newsletter to receive details of future events.


  • THE SEVEN DATA PROTECTION PRINCIPLES – 10 July 2019 (12:00-13:00)
    AIM: we want people to come away from this session with a firm grasp of the seven data protection principles as detailed in section 6 of our local data protection law.
    CONTENT: we will outline the principles, what they mean for organisations and their compliance, examples of how the principles can be applied will be presented.


  • DATA PROTECTION IN THE WORKPLACE – 4 September 2019 (12:00-13:00)
    AIM: we want people to come away from this session with a sense of how data protection works in practice. This is aimed at staff with little or no specialist data protection knowledge.
    CONTENT: we will explore the ‘coalface’ of data protection, what you need to do from a practical perspective to achieve and demonstrate compliance. We will do this via a worked case study of a hypothetical organisation. We will also touch on breach reporting.
    SOLD OUT: join waiting list 


    AIM: we want people to come away from this session with a sense of what data ethics is and how an ethical approach to personal data usage can effect cultural change in your organisations.
    CONTENT: explore how personal data can be collected and used in a way that does no harm, respects autonomy, benefits others, and is fair. How can we make sure we do not sacrifice good human values in the ever accelerating technology race, making sure we do the ‘right’ thing with personal data?
    SOLD OUT: join waiting list


  • HOW TO RESPOND TO SUBJECT ACCESS REQUESTS – 2 October 2019 (12:00-13:00)  
    AIM: we want people to come away from this session with a greater understanding of how to respond to a ‘subject access request’, and whose responsibility it is to do so.
    CONTENT: we will outline the ‘right of access‘ that all citizens have (whereby they can ask you to provide a copy of all the personal data you have on them) and how your organisation can respond when you receive such a request. We will talk through whose role it is to respond to the request, what you should include in your response, and the practicalities of how you can gather the personal data. We will also outline some circumstances which would dictate whether the information you provide in your response should be redacted or not.
    SOLD OUT: join waiting list 


    AIM: we want people to come away from this session knowing what citizens’ rights are under our local data protection legislation, and how to care for your own personal data.
    CONTENT: outline the 10 citizens’ rights in The Data Protection (Bailiwick of Guernsey) Law, 2017, and how to exercise them. We will also give you guidance on how to care for your own and others’ personal data.
    SOLD OUT: join waiting list 


  • DATA BREACHES: HUMAN ERROR vs. TECHNOLOGY – 27 November 2019 (12:00-13:00)
    AIM: we want people to come away from this session with a greater awareness of the role that human error plays in data breaches and how our interaction with evolving technology can take us by surprise.
    CONTENT: we will outline the trends we are seeing as a regulator in terms of reported data breaches which can occur when people use technology. We will then open this out for discussion with the session’s attendees.
    SOLD OUT: join waiting list 


    AIM: we want people to come away from this session with a deeper understanding of how to apply data protection within a healthcare setting.
    CONTENT: we will give an outline of data protection practice in the context of the specific challenges that may be present in a healthcare setting.
    Due to high demand we have scheduled two identical sessions, please make sure you attend the session you are booked on to:
    12:00 – 13:00 session SOLD OUT: join waiting list
    14:00 – 15:00 session: book your free place 



Activity outside the scope of our events programme

  • Training
    The ODPA does not have a training remit and as such our events should not be considered to constitute a training programme.
  • CPD points
    Please note we will not be awarding points for continuous professional development. Attendees are free to contact their own professional bodies to find out whether our events programme could count towards their CPD.
  • Children
    The events above are aimed at adults. We are developing a separate programme aimed at school-age children, which will be delivered in schools.
  • Fortnightly drop-in sessions
    We started offering fortnightly drop-in sessions to representatives from organisations in March 2019. These are for general enquiries from controllers and processors only.
  • Study visits
    Since March 2019 organisations have been able to apply for a study visit if they have a specific, in-depth query that they would like to explore with us privately. Representatives from organisations can request a study visit by contacting us and we will then contact them with a small number of screening questions.