Eames Consulting partners with Gallagher to deliver data privacy roundtable
by Liam Kidd
We were delighted to partner with Gallagher to deliver a data privacy roundtable on Wednesday 26th November. I had the pleasure of hosting the event alongside Angela Isom, global chief privacy and responsible AI officer at Gallagher, at the insurer’s London head office. We were joined by 15 senior data privacy leaders, and members of Eames Consulting’s corporate functions team, for an evening of meaningful conversation and debate. Here are my key observations from the roundtable.
AI used mainly for initial contract reviews and data privacy assessments
We discussed the practical uses of AI in privacy teams and the levels of success they’ve achieved with the technology. Our attendees mainly use internal Copilot and ChatGPT for contract and data privacy assessments. ChatGPT has also proved useful for dealing with any data subject access requests (DSARs) and more complex employee requests coming through. When it comes to governance, privacy functions are mainly turning to OneTrust, a responsible AI governance and compliance platform, to produce risk assessments.
Training in AI has a long way to go – not just for organisations looking to understand their people’s development needs, but for providers of AI courses. One of our attendees pointed out that bot training had proved particularly ineffective for their organisation, showing that there’s plenty of work for AI trainers still to do before they can fulfil businesses’ upskilling needs. In-person training with another human being is so important for increasing your people’s confidence in AI and addressing any specific or complex challenges they might be experiencing.
The impact of legislation changes still uncertain
The DPDP Act, passed in India in 2023, and the DUA Act 2025, have provided the biggest legislative changes in this area over the last two years. As to how they will change things, that’s still very much a wait and see. There was a feeling among our attendees that they’ve both so far had minimal impact. Final guidance for the DPDP Act is coming out next year and the DUA Act could result in increased commissioner fines, but it’s not yet on our attendees’ radars in any meaningful way.
Join us for our next roundtable
These events are so important in allowing leaders a ‘safe space’ under Chatham House Rule to talk about the challenges, pressures and risk with one and other. The discussion could easily have gone on for another two or three hours, even beyond the post-forum networking drinks, and a big thank you to everyone who joined us. Our next roundtable will take place around the end of Q1 2026. If you’re a chief privacy officer or a group data protection officer and you’d like to join us, please get in touch with me to find out more.
Fresh Content
Explore our latest market insights, career advice, and more.
