Stuart is a highly experienced and knowledgeable GRC consultant at URM who has specialised in data protection law for 25 years. Having previously been a solicitor in private practice including in both England and Scotland (where he qualified), Stuart specialises in GDPR compliance and has worked with a wide range of both public and private sector organisations to help them meet the requirements of the Regulation. His in-house experience has included working as the Data Protection Officer for the Birmingham 2022 Commonwealth Games Organising Committee, where he created the first record of processing activities (ROPA) ever prepared for a Commonwealth Games. In addition to his in-house data protection roles, Stuart has nearly 5 years of DP consultancy experience to call upon.
Talk DP
Season
1
, Episode
10
Top Tips for GDPR Compliance
In this episode of InfoSec Insider – Talk DP, Stuart Skelly, Senior Data Protection Consultant at URM, provides some hints and tips on how to achieve and maintain compliance with the General Data Protection Regulation (GDPR), with a particular focus on the key documentation organisations need to have in place to comply. Stuart leverages over 25 years of experience to discuss:
- The importance of maintaining documented evidence of your GDPR compliance under the ‘accountability’ principle
- Some of the key compliance documentation you need to produce, including records of processing activities (RoPAs) data protection impact assessments (DPIAs), privacy notices and personal data retention policies
- What information you will need to include in these documents
- When these documents are mandatory and whether any organisations are exempt from producing them.
Talk DP
Season
1
, Episode
6
Fines Imposed by the ICO in 2023
In this episode of InfoSec Insider – Talk DP, Stuart Skelly, a Senior GRC Consultant at URM, provides a break down and analysis of the enforcement actions delivered since the beginning of 2023 by the Information Commissioner’s Office (ICO), the UK’s privacy regulator, to highlight emerging trends and lessons that can be learned from how the ICO enforces data protection legislation such as the UK General Data Protection Regulation (GDPR) and the Privacy and Electronic Communications Regulations (PECR). Stuart leverages his 25+ years of specialisation in data protection law to discuss:
- The differences between the enforcement actions that are available to the ICO, i.e., Enforcement Notices, Reprimands, and Monetary Penalties
- The ICO’s enforcement activities in 2023 – the amount of fines compared to reprimands, and the sums of money involved
- The ICO’s enforcement activities in the first half of 2024 and how they compare to the same period in 2023
- Trends that can be observed in the ICO’s enforcement activities and the ICO’s approach to issuing fines vs. reprimands
- How the ICO’s use of monetary penalties compares to its European counterparts.
Talk DP
Season
1
, Episode
2
GDPR Back to Basics
In this episode of InfoSec Insider – Talk DP, Stuart Skelly, a Senior GRC Consultant at URM, takes us ‘back to basics’ with the General Data Protection Regulation (GDPR), breaking down the key data protection concepts and terminology you will need to understand if you want to achieve and maintain compliance with the GDPR.