In the modern business environment, amid growing concerns about privacy, and with advances such as the digital transformation and artificial intelligence, the importance of operating a robust data protection compliance programme has evolved from being a regulatory overhead to a major value differentiator and a driver of consumer trust.
As the need to safeguard personal data continues to grow, so too does the requirement for organisations to ensure that their employees understand the fundamental concepts of UK data protection laws. By providing comprehensive training to all employees who have access to personal data as part of their daily role, organisations empower their staff to handle personal data with care and confidence. Ultimately, well-trained staff are essential for maintaining regulatory compliance, building consumer trust, and mitigating against any potentially costly consequences associated with personal data breaches.
This one-day course is designed to teach individuals and teams responsible for handling personal data the basics of UK data protection. It examines the requirements set out in the UK General Data Protection Regulation (GDPR), the Data Protection Act 2018 (DPA18), the Privacy and Electronic Communications Regulations 2003 (PECR) and follows the latest ICO guidance.
The course covers:
Introduction:
- Importance of privacy for individuals and organisations in modern society
- The emergence of artificial intelligence (AI) and the increased risks that this brings
An overview of UK data protection laws:
- UK General Data Protection Regulation (GDPR)
- Data Protection Act 2018 (DPA18)
- Privacy and Electronic Communications Regulations 2003 (PECR)
Using personal data in the workplace:
- How the principles work
- The six principles and accountability
- Linking the principles with lawful processing
- Collecting and processing personal data lawfully
- Data Subjects Rights
- Transparency obligations, including privacy notices
- Subject Access Requests (SARs)
- Automated decision-making, profiling and considerations of AI
Accountability:
- What is accountability (also known as the accountability principle)
- Processes and procedures to ensure accountability:
- Physical and information security
- Data protection by design and default
- Full documentation throughout, including records of processing activities (ROPA)
Data Protection Officers (DPOs):
- Overview of the role and tasks
- Links to accountability
International Transfers:
- Transferring data to third countries
- Brief overview of differences between UK GDPR and EU GDPR
The Information Commissioner's Office (ICO):
- The role of the ICO, including guidance
- Codes of practice:
- CCTV and Surveillance Cameras
- Employment Code
- Enforcement
