We are delighted to confirm that Global Head of Data Protection & Privacy, Erin Francis Nicholson will speak at PrivSec & GRC Connect London, next month.
Taking place on March 12 and 13 at Park Plaza, Riverbank, London, PrivSec & GRC Connect London provides a platform for organisations to address the cumulative nature of risk.
PrivSec & GRC Connect London’s comprehensive agenda is led by subject matter experts, business chiefs and industry leaders, giving attendees a deep-dive into challenges and solutions on the rapidly evolving GRC landscape.
Event speaker, Erin Francis Nicholson is DPO and Global Head of Privacy at Thoughtworks. She has 10+ years’ experience in data protection and compliance. In addition to consulting on data protection for a number of organisations, Erin has delivered influential data protection change programmes in local government and the civil service, as well as the tech, energy, and finance sectors. Erin will be at PrivSec & GRC Connect London to discuss opportunities and threats that businesses face when it comes to sharing data in the public sector.
Below, Erin answers questions on her professional journey and introduces the key issues of her PrivSec & GRC Connect London session.
Related Session:
Data Sharing in the Public Sector: The Pitfalls and Opportunities
- Tuesday, 12th March 2024 (Day 1), 11:40am – 12:20pm GMT
- Theatre: Privacy & Security (P&S)
Click here to register for free to PrivSec & GRC Connect London
Could you outline your career pathway so far?
After leaving university, I went straight into a job as an admin assistant in local council social care, and helped with their records management. From there I was poached by the data protection team. This was pre-GDPR, and I was working on things like Subject Access Requests, elements of policy and Freedom of Information Requests.
I had a taste of data protection and really enjoyed it, so from there I did an LLM in Information Law and Practice at Northumbria, and then went into a job at NHS Digital.
Following this, I set up my own consultancy, working with clients such as Scottish Power. I subsequently took up a consultancy role with Thoughtworks, where I’m currently employed. I had worked with Thoughtworks before, on a project in Stockport Council, and so when Thoughtworks needed a Data Protection Officer, they got in touch with me as I had the necessary experience, and that’s where I find myself today.
I’ve been in the industry for around 12 years now, and I’m currently undertaking an MBA specialising in Information Systems Strategy and Governance. When I complete this, I’m thinking of taking on a Computer Science degree just to round off my knowledge and skills base to add to my legal background.
What are the primary privacy, security and ethical challenges that organisations currently face when data sharing in the public sector?
There are three major problems with data sharing in the public sector; the technical issues of sharing data without creating huge onerous data repositories, with different levels of security requirements; public trust in the reasons why an organisation is sharing data; and costs involved in such a project. The impetus to share and the consequences of not sharing are also an important backdrop to these issues.
We now have more technologies at our disposal in order to share data without it leaving the trust boundary of an organisation, meaning that we can share only the data which is needed, reducing or eliminating the need of creating those data repositories, and the costs associated with them.
This also helps with public trust, as people know that their data won’t leave the organisation they have the relationship with unless it is necessary. This data sharing is already happening via phone calls and emails, and doing this instead via secure multi party computation or private set intersection speeds things up and reduces burden on individuals to make complex data sharing decisions.
What major impacts will emerging technologies have on data-sharing ecosystems?
I think things like secure multi party computation, private set intersection, edge computing, data mesh, and federated learning, will oil the cogs of data sharing, making it easier for organisations and less stressful for individuals working there.
It’s more cost effective and secure as there is now no need to create large expensive honey pots of data, which are a target for hackers, and are high effort to maintain. These projects, as we’ve seen time and time again, are also doomed to fail (and fail expensively and in a high-profile manner).
There is a moral impetus to sharing this data, and I think the public understands that, we cannot however, be cavalier with people’s privacy, and so utilising these emerging technologies will ensure that we increase utility of the data and also increase people’s privacy. It’s a win-win.
Don’t miss Erin Francis Nicholson exploring these issues in depth at PrivSec & GRC Connect London in the session:
Data Sharing in the Public Sector: The Pitfalls and Opportunities.
As the public sector continues its digital transformation, the critical issue of data sharing takes centre stage in this thought-provoking panel discussion. How can public sector organisations strike a balance between leveraging the immense opportunities that data sharing presents and mitigating the potential pitfalls associated with privacy, security and ethical concerns?
The conversation will not shy away from acknowledging the threats associated with data sharing, including potential breaches, misuse of information, and public trust concerns. Moreover, the discussion will explore the role of emerging technologies, such as blockchain and federated learning, in creating secure and transparent data-sharing ecosystems.
Panellists will engage in a comprehensive analysis of existing data governance frameworks and propose strategies to fortify data protection measures, ensuring that citizens’ rights and privacy are safeguarded in the process.
Also on the panel…
- Dan Rhodes, Senior Director, Legal and DPO, Granicus
- David Smith, DPO, The DPO Centre
Details
Data Sharing in the Public Sector: The Pitfalls and Opportunities
Theatre: Privacy & Security (P&S)
Time: 11:40am – 12:20pm GMT
Date: Tuesday 12 March 2024 (Day 1)
The session sits within a packed agenda of insight and guidance at PrivSec & GRC Connect London taking place March 12 and 13, 2024.
Discover more at PrivSec & GRC Connect London
GRC, Data Protection, Security and Privacy professionals face ongoing challenges to help mitigate risk, comply with regulations, and help achieve their business objectives - they must…
- Continually adopt new technologies to improve efficiency and effectiveness.
- Build a culture of compliance and risk awareness throughout the organisation.
- Communicate effectively with stakeholders and keep them informed of GRC activities.
PrivSec & GRC Connect London takes you to the heart of the key issues, bringing together the most influential GRC, Data Protection, Privacy and Security professionals, to present, debate, learn and exchange ideas.
Click here to register for free to PrivSec & GRC Connect London
No comments yet