Intermediate Certificate in Data Protection

Join us to complete your Intermediate Certificate in Data Protection in three days in October! Made for participants who already have a good understanding of the basics covered in our Data Protection Essentials course, this is your opportunity to delve deeper into specific areas of the discipline. The courses explore the topics in nuanced detail with specific exercises, examples and case studies provided.

Courses at this level will help you embed procedures, disseminate learning to colleagues, and steer the strategic direction of your organisation. When completing the overall Intermediate Certificate, you will receive an additional certificate along with a further digital badge to showcase your achievement.

Session1: Wednesday 15 October, 9:30am-1pm, Information Sharing, Data Processors and Contracts

Session 2: Wednesday 15 October, 1:30pm-5pm, Privacy by Design: Data Protection Impact Assessments (DPIAs)

Note: No session Thursday 16 October, 9:30am-1pm

Session 3: Thursday 16 October, 1:30pm-5pm, Information Security and Data Breach Management

Session 4: Friday 17 October, 9:30am-1pm, Data Protection Rights and Data Subject Access Requests (DSARs)

Session 5: Friday 17 October,1:30pm-5pm, AI and Information Law: Privacy and Ethical Considerations

Information Sharing, Data Processors and Contracts

This course will help participants understand the requirements of Data Sharing Agreements and Data Processing Addendums. It will also explore the relationship between a Data Processor and a Data Controller. The course uses examples to take participants through the necessary steps and legal considerations.

Learning Objectives:

• Identify the relationship between Data Processor and Controller and a Data Subject.
• Recognise data processor and data controller responsibilities and why these are different.
• Describe why lawful basis is important in information sharing considerations.
• Identify how the data protection principles link with data sharing and be aware of compliance considerations.
• Describe the different considerations and requirements when preparing to share data.
• Recognise the practical steps to take when sharing data.
• Identify why it is important to consider retention requirements when sharing data.
• Describe the Data Sharing Code of Practice.
• Identify the required contents of Information Sharing Agreements.
• Describe the required contents of a Data Processing Addendum/Contract.
• Recognise the types of security and wider issues when conducting due diligence on data processors.
• Understand the importance of data protection considerations in procurement processes.

Privacy by Design: Data Protection Impact Assessments (DPIAs)

This practical course will help participants understand the requirements of Privacy by Design and Data Protection Impact Assessments (DPIA)s. The course uses mock examples of a DPIA to walk through the necessary steps and legal considerations.

Learning Objectives:

• Describe what is meant by Data Protection by Design.
• Recap on the different lawful basis and key definitions.
• Learn how to complete a Data Protection Impact Assessment (DPIA).
• Identify the required content of a DPIA.
• Understand the consultation requirements with Data Subjects and/or the ICO.
• Distinguish between the different relationships between Data Processor and Data Controllers.
• Recognise security considerations when introducing new systems or processes.

Information Security and Data Breach Management

Participants will gain an understanding of the UK’s key data protection legislation (the UK General Data Protection Regulations (UK GDPR) and the Data Protection Act 2018) and how these relate to the wider discipline of information/cyber security. The course focuses on key areas of compliance, such as technical security controls, response strategies to data breaches and reporting to the ICO.

Learning Objectives:

• Understand the UK GDPR Security Principle.
• Recognise the Confidentiality, Availability, and Integrity (CIA) triad.
• Identify different types of technical, physical, and operational security measures.
• Describe key technical terms.
• Describe the aims of disaster recovery and business continuity.
• Recognise what constitutes a data breach.
• Know how to assessment the incident.
• Describe when to report to the ICO and the timescales for data breaches.
• Consider how to handle breaches by data processors.
• Discuss different methods for awareness raising within organisations.
• Understand the requirements of compliant record keeping.

Data Protection Rights and Data Subject Access Requests (DSARs)

This course will help participants understand their responsibilities when individuals exercise their rights under data protection law. This course explores the management of Data Subject Access Requests (DSARs) with scenarios that guide participants through the essential steps involved in handling requests compliantly.

Learning Objectives:

• Gain a broad understanding of the data rights provided by the UK General Data Protection Regulation, and how organisations might ensure compliance.
• Confidently identify different types of requests.
• Identity the types of data subject rights (including right of access DSAR, and right to be forgotten).
• Calculate the timescales for responding to a request.
• Recognise the exemptions/exceptions and the cases when they might apply.
• Identify additional requirements for children’s data.
• Describe the what processes should be followed for internal reviews.
• Describe the right of appeal for data subjects and role of the ICO.
• Consider best practices for reporting and management.

AI and Information Law: Privacy and Ethical Considerations

This half-day course introduces participants to the challenges that artificial intelligence (AI) poses to personal data. It analyses key issues the nature of AI presents to complying with the UK data protection law regime (the Data Protection Act 2018 and UK GDPR), covering data protection principles, such as lawfulness, fairness, transparency and security, and respecting people’s rights. It draws from current developments in the UK and globally, giving participants the skills and knowledge to address the contemporary challenges that come with using new technologies. The course also examines intellectual property ownership as a specific ethical issue relating to AI.

Learning Objectives:

• Identify the meaning of AI and the clash between data protection law and training AI models
• Explain the concepts of privacy and ethics in the context of AI.
• Recognise the challenges that AI development brings to processing personal data according to UK data protection law.
• Demonstrate accountability with the UK GDPR when using or developing AI tools.
• Manage of the possible effects decisions made by AI can have on people and those people’s related rights.
• Implement tools for better internal governance and practice to ensure responsible and ethical AI use.
• Identify and raise awareness of the intellectual property challenges AI bring.

What’s included?

• Updated factsheets and handouts prior to the sessions.
• Plenty of opportunities to ask questions during the sessions.
• Links to authoritative resources during the sessions.
• A copy of the PPT slides after the session attended.
• A certificate relevant to the course taken.
• CPD Points via CPD UK for each accredited course (3 per half day course, 1 across the total Intermediate Certificate).
• A digital badge to highlight their participation in the course online.

Disclaimer

The contents of the course are based on the assessment of Naomi Korn Associates Ltd at the time the course is run. It should not to be considered legal advice. If such legal advice is required, the opinion of a suitably legally qualified professional should always be sought.

Cancellation policy

Please see Naomi Korn Associates' Public Training Programme Cancellation Policy here.

If you wish to cancel your booking please get in touch with us directly via info@naomikorn.com.

Please see the Naomi Korn Associates privacy policy.

For more on who we are and what we do, visit: www.naomikorn.com