GDPR Essentials 1-Day Course
This is a 1-day training course to support the development of individual understanding of the GDPR (General Data Protection Regulation).
For the delegate to be able to understand Data Protection Law and the EU GDPR an outline the obligations that the regulations impose on organisations and individuals, and the rights of Data Subjects.
Course Learning Objectives:
The course will cover:
- Identify the 6 Principles of GDPR and outline their meaning;
- You will learn about the 6 Principles of GDPR, their meaning, and identify the implications of each for your organisation;
- State why and how GDPR is coming into UK Law;
- You will be able to identify the purpose of the GDPR and, why and how it is being brought into force in the UK;
- Identify the Material and Territorial Scope of GDPR and the principle Definitions used;
- You will be able to state the material and territorial scopes of the GDPR and what is, and is not covered under it as well as interpret a range of definitions;
- State the principle roles, responsibilities, obligations on and implications for organisations of GDPR;
- You will be able to outline the processes the organisation must have in place, when a Data Protection Officer is required to be defined, state what is Lawful Processing of data and what is meant by ‘consent’ under Article 13 and 14. You will be able to identify what is personal and special category data, and what you should do regarding data around criminal convictions and offences. You will be able to identify and state the requirements and obligations on Data Controllers and Data Processors, the requirements, obligations and restrictions on transferring personal data to a third country or international organisation. You will be able to identify, the purpose of and how to conduct a Data Protection Impact Assessment, how to respond to a Data Subject Access Request, process data generally and, identify and handle a data breach;
- Identify and outline the Rights of Data Subjects under GDPR;
- You will be able to state the rights of data subjects, outline the process by which a data subject can exercise those rights and under what circumstances a data subject’s request can be refused;
- Outline the purpose of and what is included in a Privacy Framework;
- You will be able to state the components of the privacy compliance framework, the role of Governance in data security, the role of the PIMS (Personal Information Management System) and the ISMS (Information Security Management System), identify a range of policies and procedures needed to achieve and maintain compliance with the GDPR, and what is meant by Privacy by Design;
- Identify the supervisory authority and outline their role and responsibility for Data Protection;
- You will be able to identify the national Supervisory Authority (SA), their role in the GDPR, the options open to the SA in ensuring compliance with the GDPR. You will be able to outline the requirements on the organisation for notifying the SA in the event of a data breach and when a breach or may not need to be notified;
- Identify the role of GDPR in Law Enforcement and National Security.
- You will be able to outline the role of GDPR in Law Enforcement and National Security and its limitations;
You will also review two case studies to identify the issues and suggest options for handling these.
This course aimed at:
This is a course designed to raise a wider awareness of the obligations under GDPR and Data Protection law, and is suited to those working within the Privacy Framework and need to understand the Data Protection and GDPR environment but not with responsibility for designing or implementing it.
Prerequisites to attending this course and delivery method:
There are no prior requirements to attending this course. The course is delivered face-to-face as a group. It will be interactive involving group and individual exercises, visual aids, case studies and group discussion.
19th & 20th February
7th March – Fully Booked
The course runs from 09.30-16.30