Data protection and GDPR compliance
Data protection is important. Advances in technology and the volume and complexity of personal data processed by organisations and individuals is increasing at a rapid rate. Personal data is valuable to both businesses and individuals with consumers becoming increasingly aware of their rights.
The General Data Protection Regulation (GDPR) replaces the previous Data Protection Act 1998 and will be further enhanced in the UK by a new Data Protection Act. Failure to meet the requirements of the GDPR can lead to significant fines and other serious consequences such as criminal liability and damage to reputation.
This course is designed to take you through the key changes brought about by the GDPR and give practical guidance. It is important you are aware of the requirements of the GDPR and how it affects you in your day to day activities.
Topics covered include
- key changes from the previous Data Protection Act
- fair, lawful and transparent processing
- data quality, accuracy and retention periods
- data subjects' rights
- breaches, enforcement and other consequences
- data security
- international transfers
What you will learn
After completing the course, you will understand:
- the key data protection principles
- how data protection affects you at work
- the implications for both yourself and your business of a data protection breach.
On successful completion of this course you will be able to:
- recognise the differences between personal data and sensitive personal data (now to be called "special categories of personal data")
- distinguish between the responsibilities of Data Controllers and Data Processors
- describe how data can be processed fairly and legally
- understand what the principle of accountability requires your organisation to do
- understand the different "legal bases" of processing, and the changes to consent
- describe how data must be adequate, relevant, minimised, accurate and up to date
- assist in reducing the risk of unauthorised or unlawful processing and loss or damage of data
- describe the constraints related to the transfer of data outside the EEA
- deal safely with access requests from Data Subjects
- describe the powers of the Data Protection Officer (DPO)
- describe the procedure should a data breach occur
Who is this course for?
All organisations that process data must comply with GDPR legislation. This course is for all managers who may come into contact with personal data, held either electronically or in manual records.
We will be preparing a shorter more practical guide for employees as well.