Full-Day Course | £289 +VAT
This course is a step-by-step guide to the new EU
General Data Protection Regulation, which will soon replace existing Data
Protection law in the UK. It will help you understand what you should be doing
now and in the coming months to prepare for these important
February Courses in London, Bristol and Manchester | Further dates in Birmingham, Edinburgh, Reading, Southampton and Sheffield.
Data protection law in the UK is
about to undergo the most significant changes since the introduction of the Data
Protection Act in 1998. The new EU General Data Protection Regulation (GDPR)
will come into force in early 2018 but it will require significant preparatory
work that you should begin now.
This comprehensive one-day course will show you how to comply with the
Regulation and what will change from the existing legislation. It will explain
the new rules regarding the legal basis for processing, consent, privacy
notices, control of personal data, mandatory breach reporting, complaints and
penalties. A more detailed breakdown of what you will learn can be seen
The new Regulation will impose many legal obligations on organisations that
control or process data and will afford new rights to those whose personal data
is being held. The financial penalties for non-compliance will be very
substantial so it is absolutely vital that your organisation is fully prepared
as early as possible.
Who should attend?
This course would be suitable for company secretaries,directors, compliance
officers, HR staff, legal advisors, IT Administrators and anyone with a
responsibility for managing data or advising on data protection issues. A
detailed knowledge of the current law is not essential to attend this
09:30 – 17:00
- A Seminar Pack containing the information presented on the
- An Action Plan setting out the key points to consider that
you can take away and complete for your organisation
- A Certificate of Attendance
What Will You Learn?
- How does the GDPR define data controllers, data processors and data
- What are the new data protection principles?
- What does the Regulation say about transferring data internationally?
- If your organisation operates in more than one country, to which Supervisory
Authority should you typically report?
- Why do you need to know and state your legal basis for processing data?
- How must ‘consent’ be obtained under the new rules?
- What is meant by ‘profiling’ and how is it restricted?
- What will need to be included in a Privacy Notice?
- How can you demonstrate that you are processing data fairly?
- When and how should pseudonymisation be used?
- What are the new rules regarding the personal data of children?
- What is data portability?
- What rights do people have to see, change or restrict the use of information
held about them?
- What are the new rights to prevent direct marketing or automatic
- What is the right to be forgotten and how is it enforced?
- On what grounds may these rights be refused?
- What are the new notification rules in the event of a data breach?
- When must you undertake a Privacy Impact Assessment?
- Does GDPR make the appointment of a Data Protection Officer compulsory?
- How can an individual make a complaint about the use of their data and what
remedies are available?
- How must an organisation respond to complaints?
- What are the new financial penalties that can be imposed in the event of a
breach or complaint?
- What steps and milestones need to be included in your action plan so that
you are ready when the new Regulation comes into force?