General Data Protection Regulations (GDPR) – A practical Approach event


Location: The Inn at Dromoland (formerly the Clare Inn) Newmarket on Fergus Co. Clare

Date: Thursday 23rd November 2017


09:30   Registration & Coffee Reception

10:00   Opening Address, Introductions & Event Outline – Dermot O’Neill, ICBE

10:05   Keynote Speaker The changing regulatory landscape under the General Data Protection Regulation (GDPR) and what to expect for your business John Keyes, Assistant Commissioner, Office of the Data Protection Commissioner

10:50   Data Protection Practitioner – GDPR readiness for complex organisationsMarie Murphy, Director of Operations, Fort Privacy Partners: 

11:00   Project Management Professional – GDPR preparation in practice – Finn O’Boyle, PMP Programme Manager Axa Partners

11:30   Coffee & Networking

11:50   Workshops:

A –        Data Protection & Consent – Marie Murphy

B –        DPIAs and Privacy by Design – Finn O’Boyle

C –        GDPR Compliance, a risk based approach – Paul O’Brien MD, CalQRisk

12:30   Panel Q&A

13:00   Close



Assistant Commissioner, Office of the Data Protection Commissioner

John is Head of Investigations at the Office of the Data Protection Commissioner and has over 35 years’ experience working as a Chartered Insurance Practitioner and investigator in the Insurance sector. In his capacity as Assistant Commissioner, John also has responsibility for the Information and Assessment Unit and the Determinations Assessment Unit within the DPC. He represents the DPC on inter-regulatory enforcement advisory bodies and participates in Article 29 Working Party sub-groups at European Level, as well as speaking extensively to stakeholder groups on data protection law, regulation and enforcement. John was called to the Irish Bar in 2015.




Director of Operations, Fort Privacy Partners

Marie is co-founder and operations director of Fort Privacy Partners which offers a full range of operational, legal and technical data protection solutions. Marie is a Certified Data Protection Officer(CDPO) with a background in business and communications. Previously CEO of an internet start-up, she has first-hand experience of the data protection challenges facing business. As a result, her work focuses on providing practical, operational advice and solutions that can be applied to business. Marie also specialises in Privacy by Design and trains on the topic for the Irish Computer Society as part of their European Certified Data Protection Officer Programme. Marie’s philosophy is that data protection is not just about compliance. Done properly, it enables organisations to build trusted relationships with their customers and it ultimately benefits their business by enhancing the business reputation.


 FINN O’Boyle

 PMP Programme Manager, Axa Partners

Finn has been managing large business projects and programs for the past 10 years and been with AXA and formerly Genworth for the past 7 years. Originally an enthusiastic IT programmer, he has worked across consumer goods, public sector, consulting and financial services on different projects focusing mainly on business process design and change management with all functions. He has been leading the AXA Partners CLP GDPR programme since February 2017.




Managing Director, CalQRisk

A co-founder of CalQRisk, Paul has extensive business experience managing multinational companies at operations, general management, and director levels. A marine engineer, he has knowledge of the petrochemical, mechanical engineering and energy industry sectors. He has implemented operational excellence programmes at division level and is an expert in management by objectives. A trained ‘black belt’, he has acted as an assessor of the EFQM award and has led the implementation of a division wide Six Sigma programme. He has driven the integration of complex acquisitions on three continents. Paul is an instinctive risk assessor, with a specialty in alignment of business objectives with the risk context. “Taking a risk-based approach to achieving and maintaining GDPR is expected by the regulator – achieve compliance by managing the risks to the data subject and to the business.”