Merrill Corporation proudly sponsored the 6th Annual Company Secretary Forum 2017 on Thursday, November 23, 2017, at QEII Centre in London. Dedicated to company secretaries and senior members of the secretariat team, this year’s plenary sessions included corporate governance, board diversity and composition, directors’ duties and stakeholder engagement, Market Abuse Regulation (MAR), corporate crime and director liability.
One of the most well attended and interactive sessions of the day was in relation to data collection, collation and General Data Protection Regulation (GDPR) implementation. Delegates were challenged to answer a series of questions relating to their own data protection policies and practices within their organisations. The 'articles' of the GDR were available for reference and each table of delegates had to decide:
whether a Data Protection Officer (DPO) was required in every organization
how to take a pragmatic and structured approach to efficiently gather data to identify the who, what, when, where and why of personal data (the 5W’s) and
whether Article 29’s guidelines with regards to the DPO are contradictory to Article 37 given that a DPO may be responsible for a wide number of territories.
Article 37(2) of the GDPR says that a group of undertakings may appoint a single DPO provided they are easily accessible. The Article 29 Working Party's guidelines on DPOs interprets "accessibility" as including that the DPO must speak the same language as the Data Subjects and Supervisory Authorities.
It quickly became apparent during the session that when it comes to the new regulation, there is a lot to consider and in some cases, there was quite a level of confusion amongst delegates about what is required. The Merrill team present at the event also fielded quite a few questions around GDPR and its potential impact. On the day of the event, attendees picked up resources from around the forum, including Merrill's GDPR white paper, which tackles the burdens in due diligence that organisations may face considering the new regulation.
Overall delegates said that they found the forum informative and provided a great opportunity for the exploration of governance and compliance issues and networking with peers. To find out how Merrill can help you with regulatory compliance click here and if it’s support with due diligence that you require, click here.