By Jess Pembroke, Director of Information Law Services at Naomi Korn Associates.

The CILIP Data Protection Conference, on 21 May 2025, is an exciting new addition to the CILIP calendar. Presented in collaboration with Naomi Korn Associates, this conference is designed for all those responsible for managing information and personal data. Here Conference Chair Jess Pembroke looks at what to expect from the latest addition to CILIP’s training portfolio. Book now.

The CILIP Data Protection Conference offers an essential opportunity to stay up to date with GDPR, data privacy, compliance, and regulation while exploring broader topics in data governance, AI, cybersecurity, and children’s privacy.

"Data protection, including information and cyber security, is crucial because the consequences of getting it wrong can be severe..."

The conference has been launched in response to the increasing demand for expert guidance and professional development in the rapidly evolving landscape of data protection, AI, privacy, and governance and with the introduction of the Data Use and Access Bill, which is set to revise data protection legislation: staying informed is more critical than ever.

Library, information professionals and knowledge managers are often at the forefront of managing personal and identifiable information in their organisations. Keeping pace with these developments enables professionals to support innovative ways of managing, securing, and sharing data. It also positions them as advocates and leaders at the intersection of information management, technology and ethics.

Impact across the profession

Data protection, including information and cyber security, is crucial because the consequences of getting it wrong can be severe – not just for the organisations involved but also for the individuals whose data is compromised. A data breach can derail an organisation’s aims by damaging its reputation, eroding public trust, and causing significant financial and operational setbacks. Conversely, getting it right ensures legal compliance, adherence to professional standards, a recognition of ethical professionals and builds trust with users, customers, staff and suppliers.

For organisations, breaches, can lead to the loss of access to vital resources – including digital materials and services that users rely on daily – sometimes causing long-term disruption to operations and harming relationships with stakeholders, such as the public and partners who depend on the availability of secure, reliable services. This can have a ripple effect on the organisation’s ability to achieve its wider objectives.

Beyond organisational impacts, data breaches can deeply affect staff morale. When a breach occurs, library and information professionals, as well as wider teams, often face intense scrutiny and a surge in workload as they deal with the fallout. The loss or disruption of critical information services exacerbates the pressure, creating a stressful environment that can lead to frustration, burnout, or a decline in professional confidence.

However, the most devastating impact of data breaches can be felt by the data subjects themselves. For example, breaches that expose sensitive personal information – such as home addresses, medical records, or financial data – can put individuals at risk. These failures can have significant consequences for those involved, which can impact their daily lives. Data breaches impact on their privacy, and their trust in the services and organisations they rely on. In an increasingly digital society, the responsible management and protection of data is essential for our collective well-being.

Getting data protection right not only prevents such risks but also positions organisations as trustworthy custodians of information. It ensures uninterrupted access to resources, protects the rights of individuals, and reinforces public confidence in the organisation’s ability to safeguard sensitive data. For library and information professionals, strong data security practices support the wider aims of their organisations by upholding transparency, accountability, and ethical standards in managing information.

Adherence to responsibilities under the data protection legislation reinforces an organisation’s ability to achieve its goals. Effective data governance ensures that resources and services remain accessible, builds trust with users, and supports transparency and accountability. For information professionals, strong data ¬security practices highlight their leadership in safeguarding information, protecting the rights of users, and upholding the principles of access, equity and protecting intellectual freedom. This in turn contributes to an organisation’s wider aims, whether it’s providing public access to knowledge, supporting innovation, or delivering exceptional services.

Data protection is everyone’s issue. Senior leaders must grasp the strategic importance of data protection to mitigate risks and ensure compliance. Compliance specialists need to be adept at handling requests for copies of personal information and sharing when necessary. IT professionals need to be supported when tasked with implementing business critical, cutting-edge AI and other technologies which can elevate an organisation’s efficiency, whilst also complying with data security and privacy requirements.

The CILIP Data Protection Conference is an excellent opportunity to remain ahead of the curve in important developments in privacy law – supporting librarians, information professionals and knowledge managers with the CPD they require to feedback and support their colleagues and users with confidence.

The conference will feature several key presentations with more to be announced. Confirmed speakers include:

Dr Kit Good, Data Protection Manager at The Alan Turing Institute, who will ¬explore how AI technologies are reshaping data protection, focusing on governance frameworks and ethical considerations.

Sara Stock, Head of Data Protection and Information Management at the Driver and Vehicle Standards Agency (DVSA), will discuss the unique challenges of managing data protection in the public sector, including regulatory compliance and resources.

Sue White, Information Governance Manager at Naomi Korn Associates, will provide an update on recent changes in data protection legislation including changes from the Data (Use and Access) Bill, focusing on practical implications for organisations in the education and charitable sectors. This session will include information on important changes including an amendment which would make it easier for charities to contact supporters with unsolicited direct marketing messages after a supporter makes a financial donation. This is known as soft opt-in, an exemption to the rule that you need consent to send such messages (read a blog at https://tinyurl.com/NKsoftoptin).

Alongside these sessions, there will be shorter lightning talks and a panel discussion at the end for Q&A.

Delegates can expect to come away with enhanced professional knowledge and skills including an updated understanding of legislation and guidelines; a better understanding of how AI works and its impact on society and strategies for balancing information availability with security and privacy requirements.

Keep an eye out for updates on exciting speakers and topics to be covered, and register at cilip.org.uk/DataConf25.

First published in Information Professional, February 2025. Read more articles from the Information Professional archive online or by downloading the app on Google Play or Apple iTunes.