"The ICO has repeatedly called for organisations to make the data protection principles part of corporate governance. The Scottish Government’s new draft principles on identity management and privacy will help to reinforce this message whilst my office will be working with Scottish organisations to ensure the privacy rights of all Scottish individuals are protected."

Dr Ken Macdonald, Assistant Information Commissioner for Scotland

Data protection is an ongoing issue. With more and more information being stored and transferred digitally, there is strong concern amongst the general public for the privacy of their personal details. The remit of the ICO is developing rapidly, and it will have new powers to check and fine from April 2010. All modern organisations handle and manage information, including personal data, as part of their business, and therefore data protection is just as much of an issue in the private as the public sector. Losses must be identified and learned from: both actual problems and near misses. Sharing examples of breaches between sectors, adopting a "lessons learned approach", will help progress for all concerned.

The public need to be able to trust and have confidence in Scottish public services and other organisations. The Public Service Reform Directorate has recently produced a set of draft Identity Management and Privacy Principles. Following a consultation which ends on 23 November 2009, a report will be published in February 2010, followed by the final Principles for public service delivery organisations in Scotland by early spring 2010. At Data Protection: Respecting Privacy, Building Trust, these Principles will be reviewed and their implementation discussed.

Any project involving personal data must consider privacy issues from inception, with Privacy Impact Assessments. Staff of all levels need to be fully trained in data protection, and understand the value of the information they are handling. Privacy Enhancing Technologies must be used, and Privacy by Design initiatives implemented, with information professionals working alongside organisations to ensure privacy risks are dealt with from the outset.

Technology is advancing incredibly quickly, and information-storing devices are becoming more and more portable. Following high profile data losses and data breaches involving laptops and memory sticks, the security of such mobile devices must be considered. How do we make sure that the next generation of mobile phones and laptops is as secure as possible? What is the safest way to store sensitive information?

All of these issues will be discussed by leading representatives from the public, private and academic sectors at Data Protection: Respecting Privacy, Building Trust.