A Data Protection and Information Security Conference

9:00 – 17:00

31st January 2024

The Bond, Digbeth, Birmingham, UK

brought to you by:

conference agenda

8:30 – 9:00

Arrival, Networking, and Tea & Coffee


9:00 – 9:30

Welcome from the Hosts and Sponsors.

DPAS, Responsum, filerskeepers, EncompaaS & CookieScan


9:30 – 10:10

Keynote: What’s In Store for 2024 and Beyond

Anulka Clarke (Information Commissioner’s Office)


10:10 – 10:50

Data and Cybersecurity in a Modern Technical Enterprise

Philip Wright (Pngme) and Nish Imthiyaz (Vodafone)


10:50 – 11:10



11:10 – 11:50

The Effective DPO

Emma Martins (Ex Guernsey Commissioner), Paul Byrne (CookieScan) and Eugénie Michalopoulos (BlueOptima)


11:50 – 12:30

Understanding Neurodiversity in the Workplace

Andrew Rawlins-Catterall (Neurodiversity in Business), Philip Wright (CISO) and Rowenna Fielding (Miss IG Geek)


12:30 – 13:20

Lunch and Networking

13:20 – 14:20

Incident Response Workshop

Regional Cyber Crime Unit (RCCU)


14:20 – 15:00

Data Sharing Myths from the Data Sharing Dinosaurs

David Parsons (Digital Health and Care Wales) and Barry Moult (BJM IG Privacy Ltd)


15:00 – 15:20



15:20 – 16:00

Using Technology to Empower Your Team

Dean Hogarth (OCU), Geoffrey Ceunen (RESPONSUM), Emily Overton (filerskeepers) and Natalie Bennett (DPAS)


16:00 – 16:40

Embedding Data Ethics Into Your Privacy Programme

Rowenna Fielding (Miss IG Geek) and Ralph O’Brien (Reinbo Consulting)


16:40 – 16:55

Closing Remarks and Prizes



Networking Drinks



Networking Dinner and Drinks

(£40pp for three course meal – to book please confirm here.)

Meet the speakers

Nigel Gooding


Natalie Bennett


Geoffrey Ceunen


Emily Overton


Anulka Clarke

The Information Commissioner’s Office

Ralph O’Brien

Reinbo Consulting

Rowenna Fielding

Miss IG Geek

Barry Moult

BJM IG Privacy Ltd

Philip Wright


David Parsons

Digital Health and Care Wales

Eugénie Michalopoulos

Blue Optima

Nish Imthiyaz


Andrew Rawlins-Catterall

Neurodiversity in Business

Dean Hogarth


Emma Martins



All DPAS staff will be staying at the Clayton Hotel, a convenient bed and breakfast option for anyone attending the conference. We have also reserved rooms at the IBIS – a more budget friendly option.



£129 for single occupancy and £139 for double occupancy per night.


How to book: Attendees can book by calling the hotel and providing the group number (DATA300124)



£84 for single occupancy and £91 for double occupancy per night.

How to book: Attendees can book by emailing the hotel on h1459-sb@accor.com and providing IBIS (1459BOO142)



The venue is a 20 minute walk from the Birmingham City Centre and New Street Station, and a 15 minute walk from the Moor Street Station. There are also plenty of taxis at the station to get to the venue.

Parkopedia has provided the best options for parking near the venue (pictured right).

Alternatively, you can look for information on park and ride services here or a taxi costs between £5 and £10.

Please note that while the venue has an allocated area for luggage, it is recommended that you leave this in your accommodation. If you do need to bring luggage to the event, you are able to do so at your own risk.


We will be arranging a networking dinner in central Birmingham on the night of the conference (31st January) at 7pm. The cost per delegate will be £40.

If you would like to attend, please confirm here.

meet nigel


Nigel, DPAS founder, is a leading expert in the industry. A hugely experienced Data Protection Officer, he has held many senior positions in both the private and public sectors, experience invaluable to the conception and growth of the company.

As you could probably imagine, Nigel keeps very busy – not just in the office, but outside of work hours, too! When he isn’t walking his dog Beau, he’s refereeing rugby games on the weekends, or out exploring the beautiful scenery of the UK in his camper.

Together with Mel, Nigel brought DPAS into existence, and for years, has done incredible work for a multitude of clients and organisations. Nigel has poured his heart and soul into DPAS, and it simply wouldn’t exist without his efforts.


  • Master’s degrees in Data Protection, Information Governance, and Information Rights Law, with a speciality in Subject Access Requests, Children’s and Young Person’s Data Sharing, Freedom of Information, and Environmental Information Regulations Law, plus practitioner level qualifications
  • A national board role with NHS Direct as Chief Operating Officer
  • Has been DPO at South Western Ambulance NHS, Macmillan Cancer Support, Bristol Airport, Teignbridge Council and Watford Council, as well as having worked with a number of local authorities
  • External Examiner, Master of Laws (LLM)
  • A graduate of the Oxford Artificial Intelligence Programme at Saïd Business School, University of Oxford
  • A Fellow of BCS, The Chartered Institute for IT
  • Certified Information Privacy Professional/Europe (CIPP/E) with IAPP
  • Led the development of a Global Data Strategy with one of the world’s largest companies
  • Was Strategic Data Protection Subject Matter Expert advising the Government of Jersey in Health, Social Care, and Children’s Services, including safeguarding and education
  • Wrote the first UK DPO CPD Accredited Training Course

meet nat


Nat is our Head of Consultancy. She leads our internal and external consultants, supporting with project delivery, mentoring, and development. Nat wears many hats at DPAS, getting involved in many aspects of the business. These include training, compliance projects, and also managing her own clients, including a number of international customers, where she acts as an outsourced Data Protection Officer.

Nat also delivers some of our BCS and CPD accredited training courses, bringing her experience in teaching to the DPAS training programme.

Outside of work, Nat is most happy out with her friends, catching up over some good food and a glass of wine (or two). You will also find her enjoying Devon’s coastline with her partner, and beautiful puppy!


  • Data Protection Officer – Travel and Leisure, BOXPARK, Bristol Airport, The Ramblers, SWAST, Exeter University Students Guild, and many more. 
  • BCS Practitioner Certificate in Data Protection
  • BCS Practitioner Certificate in Freedom of Information
  • CMI Level 5 Award in Management and Leadership
  • BCS Foundation Certificate in Information Security Management Principles (CISMP)
  • BCS Certified Trainer

meet Geoffrey


Geoffrey has been working in privacy for over 5 years (before GDPR was cool). As a Master of Law graduate, he started out as Privacy & Data Protection Officer at two separate companies.

After that, he found a role that combined his passion for privacy and people in a more commercial role for the largest privacy consultancy firm of the Benelux. Now, he’s committed to bringing clients’ privacy management to the next level at RESPONSUM.

meet emily


Emily is a top-tier Records Management expert with almost two decades of experience in the industry. Her expertise spans retention schedules, policies, storage of records, data audits, information asset registers, record scanning, and legal admissibility, encompassing international standards and expert witnessing.

As the Chief Enthusiasm Officer at filerskeepers, Emily talks about trends in records retention and spreads joy and wisdom related to anything records management. She really enjoys shedding her light on the crucial need for compliance with global regulations, offering valuable insights into the practical and legal complexities pertaining to records retention, records management, and data deletion.

meet anulka


Anulka, Director of Regulatory Design, has 20 years’ experience of regulating the full range of information rights legislation that the ICO is responsible for. In her current role, she is focussed on regulatory implementation of legislative reform, with particular emphasis at the moment on the implementation of the Data Protection and Digital Information (DPDI) Bill.


meet ralph


Ralph delivers a variety of data protection courses, including some of our BSC certified courses. After two decades at the forefront of the privacy sector, Ralph has built his career around making the intricacies of privacy and security risk management understandable.

In terms of the apprenticeship scheme, Ralph works as a teacher and mentor, passing on his knowledge and experience to the apprentices. Ralph also enjoys passing on his passion for privacy by translating often complicated legal concepts into sustainable business processes.

Ralph uses his vast and ever-growing knowledge of data protection laws and information governance standards to aid businesses in their development and growth, helping them to engage their stakeholders and deliver real value to his clients.


     Sits on the International Organisation for Standardisation (ISO) 27 Working Group 5 for the ISO 27 family of standards (particularly the privacy elements), and the Institute of Operational Privacy by Design

meet Rowenna


Rowenna, since earning her qualification before the GDPR came along and made data protection cool, has built up over a decade of experience helping organisations stitch together law, tech and humanity as best they can.

She has worked with charities, the public sector, and commercial businesses, has written many articles, given plenty of talks, and has been proud to accept a couple of awards for her outstanding services to geekery.

Rowenna firmly believes that a strong commitment to human rights and welfare is what stands between us and the future-tech dystopia of nightmares. She’s happy to be on the human side, opposing any sci-fi threats that may present themselves in years to come.


  • Certificate in Data Protection

meet barry


Barry has years of valuable experience in the field, offering bespoke and off-the-shelf courses focusing on information governance in Health and Social Care, and delivers our health-focused GDPR training, SIRO, and Caldicott Guardian courses.

Barry has many accomplishments in the field; he won the ICO’s Practitioner Award for Excellence in Data Protection Award 2020, the NHS Strategic Information Governance Network IG Professional of the Year 2021 and the IRMS Lifetime Achievement Award 2020.

Barry formed the first national Strategic Information Governance Network Group, supported the development of the former NHS Information Governance Toolkit, and initiated and supported the development of the Information Governance/Data Protection Apprenticeship.


     Former Chair for the Eastern Region IG Forum

meet philip


Philip Wright is a distinguished security professional and Chief Technology Officer, renowned for his expertise in building and leading security teams, driving technological innovations, and ensuring industry compliance. As a dynamic public speaker, he specialises in demystifying complex tech and security concepts for diverse audiences. His leadership is further reflected in his mentoring of professionals and fostering of inclusive, high-performing teams.

Beyond his professional pursuits, Philip is a barbecue enthusiast, part-time farmer, and a dedicated father, demonstrating a strong commitment to work-life balance. He holds essential certifications like CISM and CDPSE, which underpin his continuous learning and leadership in technology and security.

In his role as CTO, Philip applies his extensive expertise in spearheading technology initiatives, highlighting his adaptability and leadership acumen in the tech industry’s evolving dynamics.

meet Dave


Dave Parsons is the WASPI Code Manager within Digital Health & Care Wales. Dave has responsibility for the strategic development and operational implementation of the Wales Accord on the Sharing of Personal Information (WASPI) framework, as well as delivering advice and support to DHCW and All-Wales projects and programmes and to other stakeholders in the health and social care sector in Wales.

Dave has worked extensively within public services for 20 years and has worked more exclusively within the areas of Data Protection and Information Governance for the past 18 years.

meet Eugénie


Eugénie is an internationally recognised lawyer and commercial strategist who specialises in Commercial, Data Protection and Technology Law. For almost a decade, she has worked across corporate, legal, cybersecurity and technology sectors, establishing a high-calibre network and acquiring extensive experience. Eugénie has worked within law firms, at major and minor technology companies and as the Head of Legal globally across the United Kingdom, Europe, the Americas, Asia and Emerging Markets giving any individual or company she represents and advises a significant competitive advantage.

meet Nish


Nish is a global privacy lawyer with experience in data protection across the Telco and Financial Services. As the Global Privacy Counsel for Vodafone, Nish drives the data protection strategy across its global operations, ensuring compliance with diverse and complex regulatory landscape.

Nish is currently focusing on the intersection of privacy and AI, Nish is at the forefront of navigating the challenges presented by AI. He is currently playing a key role in the formulation of Vodafone’s Responsible AI Program.

 Nish regularly participates in policy-influencing initiatives as an active member of several industry think tanks, contributing fresh perspectives and insights to shape the future of data privacy in telecommunications, ensuring that regulations are both progressive and practical.

meet andrew


Andrew is an accomplished data protection and privacy practitioner with an excess of two decades of corporate experience ranging from managing international information governance and retention programmes, international encryption jurisprudence research, to developing and embedding data privacy best practices within medium to large organisations. Most recently he was responsible for successfully advising and writing the legal framework to enable the application of the Financial Conduct Authority’s new enhanced consumer duty in relation to ensuring better customer outcomes for vulnerable customers, whilst balancing the rights and freedoms of the organisation’s members.

He champions ethical data practice and use in a rapidly evolving digital world and recognises the cybersecurity and human based risks that accompany the development of those technologies. As a Data Protection Officer for Neurodiversity in Business, a charity trustee, and IAPP Chapter Chair, Andrew is committed to ensuring equality, equity, and true inclusion & diversity in everything he undertakes.

meet Dean


Dean is the Privacy & Data Protection Director at OCU, having been working in technology and security, both in-house and to external customers for over 15 years (the latter half of which he’s spent working in Information Security and Data Protection). Dean has had the pleasure of fulfilling Data Protection consultancy roles and in-house Data Protection Officer roles within MSP, Retail and now the Rental industry. He is a huge advocate for Information Security and Data Protection working in collaboration, each with different focuses, but with similar missions.

meet emma


Emma has worked in data protection for over 25 years. Starting her career as a data protection officer in the public sector, she moved to work in the regulatory office for Jersey, Channel Islands, in 2002.

Since then, she has been Commissioner for Jersey and, since 2018, for the Bailiwick of Guernsey where she worked with a team responsible for implementation, oversight, and adequacy assessment for the new GDPR-standard legal framework for the Islands.

Her fixed term in that role finished in December 2023. In January 2024, Emma was appointed as Chief Commissioner for the Data and Marketing Commission. She also has a small portfolio of work acting in an advisory role and is a charity trustee.

Throughout her career, Emma has been committed to driving high standards of ethical and legal data handling and encouraging more inclusive and accessible conversations around the role of data in our lives. She is a strong advocate of cultural engagement and has spearheaded a number of community-wide initiatives to support social and economic benefits that come with effective data protection.