Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
The GDPR accountability principle and the use of scenario workshops in the digital age
Journal of Data Protection & Privacy,
2
(1),
34-40
(2018)
Abstract
The apparent lack of preparation for the General Data Protection Regulation (GDPR) in many organisations suggests a probable failure of governance. The questions that arise from this are: why is this the case?; and how to address the issue? The aim of this paper is to answer these questions by explaining the nature of the Digital Age and why this failure is likely to occur. Then based upon this understanding, to provide a well-established approach based upon scenario planning and workshops to enable demonstrable delivery of the GDPR’s Accountability Principle and the opportunity to embed data protection by design and by default into organisations.
Keywords: scenario planning; governance; competence; decision making; investments; strategy
The full article is available to subscribers to the journal.
Author's Biography
Richard Preece is Director DA Resilience Limited. In his various roles, he provides outsourced data protection officer services, has designed and delivers GCHQ Certified Training for GDPR Data Protection Awareness and Practitioner courses, via OSP Cyber Academy, and supports the Henley Business School GDPR Integration Programme. He also provides guest talks to one of the Henley masters courses covering leadership and use of data. He supports Oakas Ltd in addressing organisational cyber resilience with critical national infrastructure clients, including considering wider economic and societal impacts. He is a co-opted panel member of the British Standards Institute team drafting a new BS 31111 Cyber Risk and Resilience — Guidance for Boards and Executive Management, published on 16th March, 2018.
