Showing posts from May, 2016

ICO SME Conference

Recently I attended an ICO conference at the NEC in Birmingham - perhaps more out of curiosity than anything else, but also to see how the programme of education is working.

There are long standing issues for SME's in the compliance field - a smaller business probably won't have a legal department and will rely on people in other roles to advise them on data protection and information security.

Sometimes in the course of investigation into data traders some - perhaps unintentional - spammers ask me for guidance or advice on how to avoid some of the pitfalls of data protection law. This conference, however, was a chance to see what general level of awareness there is and where the guidance is focused.

On the whole I was impressed by the approach because I constantly have to struggle to get buy-in at exec level in mid-to-large organisations about why information assurance is so important. Something that is literally a common sensical approach to most is still essentially witchc…