Bradley Tosso is the Assistant Information Commissioner at the Gibraltar Regulatory Authority (“GRA”). Mr Tosso has 14 years experience in the field of compliance and regulation, working in different jurisdictions and in both the public and private sector. Combing qualifications in business, computing and law, Mr Tosso’s credentials include a Masters in European Union Law, a Masters in Information Rights Law and a Bachelor of Science in Computing and Management.
In his role Mr Tosso directly assists Gibraltar’s Information Commissioner in his regulation, supervision and enforcement of data protection and other information rights laws in Gibraltar. Mr Tosso believes in engagement and guidance as integral parts of a modern and effective supervisory regime.
Responding effectively to data subject access requests (DSARs) can be challenging. Complex requests, especially from current or former employees, often require handling a wide range of data (often sensitive) across the enterprise.
Whether it’s wading through the review process of thousands of emails, baring the cost of external counsel, or working with IT to ensure you have all the personal data you need from various (tricky to collect / legacy / remote) data sources, employee DSARs can soon become an extremely challenging exercise to fulfil.
Join our expert panel to discuss key considerations when responding to employee DSARs and how technology can help fulfil complex requests.
Host: Steve Wright, Partner, Privacy Culture
Noemi Alonso Calvo, Senior Director, Privacy Counsel, bluebirdBio, GmbH
Bradley Tosso, Assistant Information Commissioner, Gibraltar Regulatory Authority
Filipe Lousa, ECPC-B, Director of Privacy and Compliance, Globalization Partners