October 24th 2018 | Dynamic Earth, Edinburgh


Maureen H Falconer

Regional Manager, Scotland, Information Commissioner’s Office

Maureen Falconer joined the ICO in 2007, and is currently Regional Manager for the ICO’s Scotland Office. Maureen works with a variety of organisations, providing awareness-raising events, advice and guidance in all things data protection. Maureen sits on various development/steering groups, providing advice and guidance at the early stages of various public sector initiatives.

As well as the day-to-day management of the office, Maureen’s external remit includes the NHS, Local Government, Education and Social Work.

Prior to joining the ICO, Maureen worked in the Scottish Parliament as parliamentary researcher for Dennis Canavan MSP until his retirement in 2007. Coming from an academic background, Maureen lectured and researched in public administration with specific interests in education and health.

David Freeland

Senior Policy Officer, Information Commissioner’s Office

David joined the ICO in 2013 as a Senior Policy Officer in the ICO’s Scotland team. He engages primarily with information governance professionals across Scotland to increase awareness of data protection law, encouraging a privacy-by-design approach to both policy development and working practices. This work includes responding to specific enquiries from stakeholders, developing ICO responses to new legislation in Scotland, organising and delivering workshops and presentations, and representing the ICO in sector-based forums.

Vicki Ambrose

Information and Records Management Officer, Creative Scotland

Hello, I’m Vickie Ambrose, Information and Records Management Officer with Creative Scotland. I wear two hats with this role, Data Protection Officer and Records Management Officer. I enjoy my role and I’m passionate about data protection.

I moved to Scotland in December 2008 and, in doing so, made a long-standing dream come true.

I came to Scotland not knowing anyone, I had no job and not much money – it was a risk - however I quickly found work with the NHS and solved two out of my three needs. I was very much embraced into the Borders community where I lived and also with the NHS and have made firm ties and friends that I am privileged to know. I then moved to Victim Support Scotland which fulfilled my three needs and assisted in improving my governance skills. Next stop, Creative Scotland. I have worked for them for almost eight years and have successfully completed CIPFA Corporate Governance and Data Protection Practitioner courses. I have also developed, co-ordinated and implemented Creative Scotland’s Records Management Plan which has gained approval from the Keeper of the Records of Scotland.

Working in data protection is a continuous learning curve - a roller-coaster ride that I don’t want to get off. My journey has begun and working as a Data Protection Officer is my career path which I’m happily travelling on.

William O'Brien

Senior Manager Technology Sales, Veritas Technologies

Will has worked for some of the industry’s leading IT Vendors over the past 25 years, and currently leads the pre-sales solution SE’s team for Veritas Public Sector and Strategic Accounts.

In this role Will and his team are assisting their clients in transforming their existing data environments to meet the ongoing challenges of data management.

Keith Nicholson

Chairman, Cyber Security Scotland

Dr Nicholson has worked in the cyber security field since 1992; initially as CEO of a first-mover ecommerce business and later as an Interim Director, a Non-Executive Director and Consultant. He acts as an independent cyber security and technology advisor with a range of clients that have included FTSE 250 companies; SMEs and several public bodies including NHS Scotland and the Scottish Government.

Keith was a contributing author to the Scottish Government Cyber Resilience Strategy and also co-authored a WannaCry impact assessment report for NHS Scotland. He is a member of the public-private sector National Cyber Resilience Leaders Board and Joint Chair of its Public Sector Steering Group. He recently founded Cyber Security Scotland; a non-profit independent advisory body offering specialist security and digital technology guidance.

Stuart Skelly

Sector Consultancy Manager (Professional Services Team), IT Governance Ltd

Stuart is one of IT Governance’s most experienced GDPR consultants.  A Scottish solicitor for more than 20 years before joining IT Governance in 2017, Stuart worked in private practice for some large law firms in Scotland and England, and in in-house roles for multinationals including Europcar, Lafarge and NCH.  Stuart brings to the role of sector consultancy manager the legal practitioner’s forensic focus on detail as well as the in-house lawyer’s commercial ability to see the legislation ‘in the round’ – understanding the Regulation’s practical effects on businesses.  And a little humour – in the rare instances where the GDPR affords it!

Alex Cash

Global Privacy Engineer, OneTrust

Alex Cash is a Certified Information Privacy Professional (CIPP/E , CIPM) and a Global Privacy Engineer at OneTrust –  the market leader in enterprise privacy management and marketing compliance software. In his role, Cash advises many of the world's leading organizations on General Data Protection Regulation (GDPR) and ePrivacy (Cookie Law) solution implementations with extensive experience building and scaling enterprise-level privacy programs. He holds a Masters degree in Electronic Engineering and has previous experience building enterprise antivirus software.

Dr Rena Gertz

Data Protection Officer, University of Edinburgh

Dr Rena Gertz completed her law degree in Germany before moving to Scotland for a Masters Degree and PhD in law, followed by a research fellowship at Edinburgh University. Leaving academia, she worked in local government for 7 years as DP and FOI Compliance Officer, while still maintaining her relationship with Edinburgh University, lecturing on several Masters Degree programmes. In May 2017 she returned fully to Edinburgh University by taking up the role of Data Protection Officer. 

Donald Henderson

Information Governance Manager/DPO, Perth & Kinross Council

Started in IT development the private sector before moving to the Council doing IT networking before moving to information security, DP and FOI.

Undertook the registration for my employer under the DPA 1984 and then helped implement the DPA 1998 in the Council. Led the Council’s implementation of FOI from 2003 onwards. Have been responsible for DP in the Council since 2004 and led the work to implement the GDPR. Appointed as DPO for the Council earlier this year.

Helen Findlay

Head of Information Assurance and Risk, Scottish Government

Eamonn Keane

Head of Cyber Security & Innovation, Scottish Business Resilience Centre

Detective Inspector Eamonn Keane has worked with the Irish and Scottish Police for 35 years principally in the investigation of terrorism, serious crime, criminal investigation, public protection and most recently national Cybercrime investigations and forensic delivery.

His current portfolio is with the Scottish Business Resilience Centre as Head of Cyber Security & Innovation championing the ethos of cybercrime prevention through business engagement, resilience, support, education and intelligence sharing for the Scottish and UK business community.

Chelsea Jarvie

Security and Information Risk Manager, Social Security Directorate, Scottish Government

Chelsea Jarvie is Security and Information Risk Manager, Social Security at the Scottish Government. Holding a First Class Honours degree in Ethical Hacking and Countermeasures from Abertay University, Dundee, she is integral to the development of the digital and technological solutions that are being developed for the safe and secure transition of 11 benefits to Scotland. Chelsea ensures information risks are understood across the organisation, bridging the gap between IT and the business.

Chelsea is passionate about promoting diversity in technology and was named as a "Woman of the Future" by Equate Scotland in their "Leading Women of Scotland" publication. She was also chosen as Code First Girls: One to Watch 2017 and was a finalist in the Scottish Cyber Awards 2016 for "Outstanding Woman in Cyber".

Ann Jones



Head of Information Governance and Data Protection Officer, Heriot-Watt University

Ann Jones is the Data Protection Officer for the Heriot-Watt University Group, comprising the University and its subsidiary companies. With an established reputation for teaching and research informed by the needs of business and industry, the University has just under 30,000 students studying on five campuses in Edinburgh, Scottish Borders, Orkney, Dubai and Malaysia, by distance learning or with learning partners in 40 countries worldwide.

She heads an information governance team leading on data protection, freedom of information (FOI), records management and information security policies, standards and procedures. 

Starting her professional career with a master’s degree in Archive Administration, Ann has extensive experience of experience of lifecycle information risk management and led the University’s implementation of FOI and GDPR.  A Certified Information Privacy Professional, Europe (CIPP/E), she is an active member of relevant professional bodies and networks.

Fiona Stuart

Data Protection Officer, Fife Council

Fiona Stuart is the Data Protection Officer for Fife Council and has been working as a data protection practitioner in local government for 10 years.

Fiona is a solicitor, specialising in Data Protection and Freedom of Information Law and has gained the Data Protection Practitioners qualification.

On a day to day basis Fiona provides advice on whether information can be shared with other organisations; drafts and reviews Data Protection Impact Assessments, Data Sharing Agreements and Data Processing Agreements; and carries out reviews of Subject Access Requests.

Fiona is a member of the SOLAR DP/FOI/Human Rights Working Group and has contributed to a number of national data sharing initiatives. She also regularly delivers Data Protection Training to staff within Fife Council.