This course is for Data Protection and Security staff, auditors, or anyone who needs to gain an understanding of the principles of the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act.
There are no prerequisites for this course.
The EU GDPR will come into effect in May 2018 and will impose tighter regulation on organisations that process, monitor, and store data belonging to EU citizens, to ensure the safety of that data against cyber-attacks and breaches. After Brexit, the UK will have its own independent legislation, and the course will ensure that delegates understand the differences between the two.
Upon completion of the course, delegates will understand the principles of data protection, and will be able to assess their own organisation’s compliance with both the GDPR and, where applicable, the UK Data Protection Act.
- Why has the EU launched the GDPR?
- Essential General Data Protection Regulation background and terminology.
- The six data protection principles.
- The special categories of personal data.
- The rights of data subjects, including data access requests.
- The obligations of controllers and processors.
- Data protection by design.
- Securing personal data.
- How to report data breaches.
- Penalties for non-compliance.
- How to perform a data protection impact assessment (DPIA).
- The role of the data protection officer (DPO).
- Transferring personal data outside the EU.
- The powers of supervisory authorities.
- The UK Data Protection Act and where it differs from the GDPR.
- GDPR and cloud computing.