Event | GDPR North East Summit

On Tuesday 28th November, the GDPR Summit was held in the Northeast to discuss the changes to data security that will come in place on May 25th, 2018. GDPR is set to replace the standards set by The Data Protection Act (1998).

Legal implications

Caroline Churchill and Sarah Daun from Womble Bond Dickinson were the first speakers of the morning. They highlighted the key provisions and legislation that came with the GDPR. One of the main topics that were covered was the new accountability principle. This means companies will need to provide evidence to show that they are compliant with GDPR.

A major concern on the legal side was that personal data breaches often go unmentioned. The most recent personal data breach came from Uber who failed to disclose the matter until nearly a year after the fact. With GDPR in place, it will be mandatory that businesses will need to notify people of data breaches within 72 hours.


Next up was Eric Applewood from KPMG speaking on finance and technologies. He presented us with a great analogy to describe modern business approaches to GDPR.

Avoid being an ostrich with your head in the sand. Everyone is affected by GDPR and this is why you should face it head-on or the consequences of your ignorance will catch up with you. To keep it PG, Eric referred to the next animal as a donkey. This refers to people who are completely aware of GDPR, but just decide to do nothing and only comply when something bad happens.

An armadillo is the next creature. You should aim to take its shape as a minimum requirement – protected by a hard exterior. Protecting yourself by complying with GDPR is the best, and quite frankly, the only way to deal with it. Taking the fines is no longer cost-effective because of the amount. The next two are the best animals to be: business can be like a cheetah/lion if they are strong and fast adapters, or you can be a clever fox, and show your compliant with GDPR with evidence to back it up.

IT & Systems

We then heard from Hazel Freeman from Pulsant about IT & Systems. Hazel pointed out data breaches as a major concern for companies. She explained that with the new 72-hour rule, best practice would be to tell the regulator and explain how you plan to rectify the situation. One of the best ways to combat a data breach is being Cyber Essentials certified. Hazel was quick to remind everyone that paper documents must also be GDPR compliant.

GDPR also addresses the right to erasure for individuals who want their data to be removed from a business’ systems – excluding information like criminal histories and bankruptcies, should that information still need to be held.


Tom Draper from Arthur J Gallagher was the final speaker of the morning and touched on the topic of insurances. There are steps you can put in place to make sure that company data and their client information has little to no chance of being breached. Ransomware attacks and invoice fraud are all too common in the digital workplace and it’s best to keep your cyber security up to date to protect yourself and your customers from them.

In the run-up to GDPR being implanted next year, you should be thinking about all the bases you need to cover in your company in the event of a data breach. Risk management is better and easier to handle than damage control. Far better to do your best to prevent things like computer viruses and ransomware attacks than leave yourself open to them due to a lack of security.

All in all, the morning was very informative and solidified the knowledge Atlas had about GDPR. You can find all of the slides from the summit here.

If your IT systems aren’t up-to-date or you don’t feel they are secure enough to handle the GDPR, call us on 0191 250 5222 to speak to one of our technical specialists.

We have attended several other events which you can check out here, including that for raising money for homeless children.

New Research

Our recent, nationwide research shows what can be learnt from working during lockdown. Download the report today.

Sign up to newsletter?*
Privacy Notice: We won’t sign you up to any marketing mailing lists (unless you ask us to*) but we may email you to make sure you have been able to access the content successfully. View our privacy policy.