LawSense School ICT Law 2023

Responding To Reforms, Managing Data Collection, Access, Retention & Data Breaches – Live Online & Recorded

Program

12.00    LawSense Welcome

12.05    Chairperson’s Introduction

Ally Eddy, Information Technology Manager, Santa Sabina College; President, MITIE Inc.

12.10    Examining Potential Reforms and Other Changes and What You Should Be Considering

Privacy Reforms and Impacts on School Policies and Planning

• Exploring proposed reforms to privacy legislation applicable in schools

• Examining potential impacts on school policies and exploring what schools should be considering now
• Exploring how regulator focus is changing and what to expect regarding enforcement of privacy compliance

Insurance Requirements – What Will They Require Next?

• Examining the current risk posture of cyber-insurers regarding schools and reviewing insurer requirements
• Exploring how insurers’ attitude to schools is evolving and exploring further requirements that may be imposed, including regarding admin privileges and other access in schools

Nathan Donovan, Director, Donovan Winkler Lawyers

1.20       Break

1.30       Potential Regulatory Reforms & School Impacts – Artificial Intelligence

• Outlining current and emerging technologies particularly relevant to schools
• Understanding relevant existing law and regulation, including obligations regarding academic integrity
• Exploring how laws and policies regarding AI may evolve and examining considerations for schools

Veronica Scott, Partner, KPMG Law

2.20       Break

2.25       Chairperson’s Remarks

Diana Murase, Head Strategy and Transformation, Scotch College; Vice President, VINE

2.30       Data Retention and Destruction: Balancing Different Risks and Obligations to Help Implement Effective and Legally Defensible Frameworks, Policies and Practices

• Outlining key laws applying to document retention and destruction in schools

• Exploring how obligations can conflict in practice
  • duty of care liability
  • Royal Commission recommendations
  • privacy obligations regarding disposal/destruction of data
  • data retention risks
  • insurance requirements

• Exploring approaches to balancing and resolving tensions between different obligations and risks for your school
• Examining templates provided by Archivists organisations and modifying these to optimise your document retention and destruction practices, risk management and compliance
• Learning from case studies and scenarios

Hayden Delaney, Partner, HopgoodGanim Lawyers

3.30       Break

3.40       Managing Privacy Risks and Data Breaches Involving Third Party Suppliers/Contractors

Optimising Accountability and Management of Supplier/Contractors

• Examining the liability exposure of the school for the actions of third-party suppliers, including use of indemnity and other clauses in supplier contracts
• Implementing best practice in arrangements with suppliers to ensure compliance by the school and to optimise the school’s legal position, including:
  • accountability of suppliers/contractors regarding privacy and data protection
  • response to an incident
• Dealing with circumstances where the supplier will only provide limited information or where there are multiple related entities involved

Best Practice Management of Data Breaches Involving Third Party Suppliers

• Examining mandatory reporting of requirements for data breaches – when and how you must report and remediation. What are your obligations versus that of a third-party supplier?
• Managing communications avoiding increased exposure to legal liability from your communications regarding the incident
• Learnings from recent incident case studies

Jason Symons, Partner, Mills Oakley Lawyers

4.40       Closing remarks from The Chair

4.45       Close Event