The course covers legal guidance and practical topics in order to equip delegates with the understanding to confidently respond to a subject access request. Created to guide individuals with an existing knowledge towards a competent understanding, and to equip those new to the sector with the necessary tools in order to complete requests in line with relevant laws and guidance.
We will look at:
- How things have changed throughout the years, in terms of the incredible advancements in technology and its gathering of your data.
- Article 15 of the GDPR and how it allows you and your data subjects the right of access to the personal data held about you/them.
- The GDPR guidance on protection of the data held.
- A detailed look at the GDPR and its purpose, including the legislation and principles.
- The consequences of not complying with the guidance.
- What constitutes personal data, the requirements when searching for the data to complete a SAR, and how to identify the data subject is entitled to the requested.
- How to determine if you are processing special category data and how to handle it correctly if you are.
- What exemptions are, and when they could be applied.
- How you can demonstrate compliance when using an exemption, and when you can justifiably refuse a SAR received.
- The preparations you should make when completing a SAR.
- The role of the controllers and processors, and what is good practice and policy to undertake.
- The timeframe for completing a SAR, and under what circumstances you can apply an extension.
- Dealing with a SAR in regard to children.
- Understanding the request you have received, how to provide the data requested, and where to gather that data from within your systems.
- How to deal with a SAR from a third party, how to provide data once it has been collated, and what if any reasonable adjustments can be made.
- How you process other people's data that may be contained within the file.
- What to do if you receive repeated requests from a data subject.
- One-day interactive course with an experienced trainer.
- Access to relevant resources, such as policies, to take back to your organisation.
- Opportunity to network with other data protection professionals.
The course takes 1 days to complete and will be held virtually.
You will need access to Microsoft Teams throughout the course as all sessions will be held via Teams.
The course will start at 9:00 am and finish at 4:00 pm (approx.).
Our course is great for
This course requires no prior understanding of subject access requests and provides a full overview of the relevant legislation and its practical application.
This qualification is likely to be of particular benefit to those working in the following areas:
- Data protection and privacy
- Information governance, risk and compliance
- Managers with data protection responsibilities
- Human resources
- SAR handling staff