This one day course will provide an understanding of data protection obligations and tasks to assist you, as a Data Champion, to fulfil your role.
Our Data Champion course is perfect for line managers or those with the role of the Data Champion or Data Guardian and who want to understand the practicalities of the data protection law. It is an interactive course and will aid delegates in understanding how to complete some of the tasks dictated by the law such as DPIAs and completing a RoPA.
Delegates are encouraged to ask questions throughout, and case studies are used to aid with learning. Delegates can share real world experiences with other attendees and discuss issues and ideas to help them within their role moving forwards.
Delegates get a free DPAS set of templates and tools to take back to their organisation to assist them in their role.
The course will cover the following topics:
- Looking at the GDPR, DPA Act 2018, PECR and ePrivacy regulation, and what we need to know.
- Definitions and terms used, from data subjects through to special category data, including a discussion about each and the roles and responsibilities they play in the data protection journey.
- The GDPR principles, including what the contents of a privacy notice should be.
- What the rights of a data subject are.
Subject Access Requests (SAR)
- The rights the data subject has in submitting one.
- What constitutes personal data.
- The search requirements for carrying out a SAR on behalf of the data subject.
- How to handle personal and special category data.
- The factors you should consider, and the relevant articles for advising data subjects of their rights.
- What preparations you need to make.
- What is good practice and policy.
- How long you have to comply with a SAR received.
Record of Processing Activities (ROPA)
- What is it?
- Who is responsible?
- What should be included?
- Benefits to you and your organisations.
Data Protection Impact Assessment (DPIA)
- What is it?
- Any risks associated to the data subject?
- How it fits in with the GDPR.
- The risk cycle and model.
- When to carry out a DPIA.
- Review of the DPAS DPIA template.
- A look at some high-profile data breaches, and the tactics used to access the data you hold.
- What constitutes a data breach and when you need to notify the ICO.
- The requirements for reporting a data breach, including when, and whether, the data subject needs to be notified.
- Policies, procedures, and training you should have in place to ensure staff are aware of the ICO's expectations, including data protection by design, and the security measures you should put in place.
We can design a bespoke course for your data champions with any additional requirements you may have.
- 1 day interactive virtual course
- Experienced trainer
- Access to relevant resources, such as policies, to take back to your organisation.
The course will take 1 day to complete, and will be held virtually.
You will need access to Microsoft Teams throughout the course as all sessions will be held via Teams.
The course will start at 9:00am and finish at 4:00pm