General Data Protection Regulation (GDPR)

Course Duration is 1 Day

£845.00 Plus VAT

Business Benefit

With the new General Data Protection Regulation coming into effect in May 2018, businesses must ensure that they are compliant.

How to Book

If you are interested in booking this course, please select an available date and click Book Now to complete the booking.

Who Should Attend

With the new General Data Protection Regulation coming into effect in May 2018, businesses must ensure that they are compliant.

Learning Outcomes – by the end of this course you will be able to…

Understand the key points of GDPR
Explain the key roles and duties under the GDPR law

Course Content

Overview of GDPR, its background, terminology and what it means.
What’s new and the differences from the existing Data Protection Act.
Key implementation and compliance areas.
Data subjects, responding to and dealing with individuals exercising their data protection rights including time limits.
Subject Access Requests and how to respond.
Marketing departments and handling data appropriately.
CVs, sensitive data, outsourcing payroll, pensions and other HR services.
Employment contracts according to GDPR.
Human Resources departments and handling data appropriately.
Key steps to implementing GDPR including:
Privacy by design, consent, consent withdrawal
Data Protection Impact Assessments (DPIAs), what to include, when to perform and the situation. Risk Assessment of third-party contracts. Binding corporate rules in accordance with GDPR.
Protecting your business and adequate security tools, DLP, Isolation, Encryption, Pseudonymisation and Minimisation.
Training, competence and staff awareness requirements. Education assistance, protecting your weakest link and confidentiality of sensitive data.
The role of a DPO (Data Protection Officer), Data Processors and Data Controllers. GDPR Representatives.
Incident Response, breach reporting and business continuity options and requirements. Notification to data subjects and compensation relating to their rights to the risk and freedom of information.
Updating policies, procedures and documenting processes now and ongoing. Internal GDPR document and Data Retention Policies.
Effective data security management. Limited access to corporate data and CRM systems.
International data transfers and third-party agreements. Effective contracts, codes of conduct, certification methods and the US Privacy Shield.