0

0800 435 772

Dealing with Subject Access Requests

New Full-day course  |  6 CPD hours

£ 329 +VAT per person

Enquire PrintShare
£329 +VAT
per person
  • 7 February 2019 Book

    London

    Venue: Hamilton House
    Time: 9:30am - 5:00pm
    Presenter:  Peter Blenkinsopp
  • 2 April 2019 Book

    London

    Venue: 46 New Broad Street
    Time: 9:30am - 5:00pm
    Presenter:  Peter Blenkinsopp
  • 4 April 2019 Book

    Manchester

    Venue: The Meeting Place
    Time: 9:30am - 5:00pm
    Presenter:  Peter Blenkinsopp

This course can be presented in-house at your premises. You can find out more about our in-house training here.

If you would like to make an enquiry simply fill in the quick contact form below and a member of our in­house team will be in touch shortly.

Fields marked with an * are mandatory

Enquire Share

Home > Classroom training > Dealing with Subject Access Requests

www.uktraining.com info@uktraining.com 0800 435 772

Dealing with Subject Access Requests

Full-day course

Course prices:

Classroom: £329 +VAT per person

Course overview

Since the introduction of GDPR there has been a significant increase in the number of Subject Access Requests (SARs) submitted to Data Controllers by individuals (data subjects). Getting your response to a SAR wrong can have very damaging consequences: 62% of formal complaints to the Information Commissioner are in respect of mishandled SARs. It is crucial that everyone handling the requests knows exactly how to deal with them - regardless of whether they are quick-and-easy, mischievous or serious requests.

This highly practical and interactive one-day course will take you step-by-step through the process of assessing, organising, managing and recording your response to SARs in the most effective way possible.

Attending this course will help you to implement a streamlined SAR response strategy that fully meets your obligations under GDPR, takes the stress out of potentially difficult situations and helps you avoid ICO penalties or legal action from data subjects. The course is illustrated throughout with real-world scenarios and our expert presenter will happily address any queries pertinent to your organisation.

What will be covered?

  • The rights of individuals to access personal information
  • The obligations and responsibilities of the data controller
  • The policies, procedures and documentation you should have in place
  • The rules on how and when you must respond to a request
  • Tips and advice on managing the data collection process in the most efficient way possible
  • Getting cooperation from other staff and data processors
  • How to manage the effect of the SAR on other affected parties
  • Managing the liaison with the person making the request
  • Possible further consequences and actions that may follow a SAR

Who should attend?

This course is essential training for anyone performing the role of a Data Protection Officer or Data Protection Coordinator. It will benefit anyone with a responsibility for information or privacy as well as IT, Finance, HR, Payroll and Office Managers who need to know how to respond to SARs.

What questions will be answered?

  • What rights do individuals have to access information held about them and how far do those rights extend?
  • Why must you have a SAR policy and what should be included?
  • What should your Privacy Notice say about SARs?
  • What are the different forms in which a SAR may be submitted?
  • How can you ensure all your staff know what it is and what to do with it?
  • How much time are you allowed to respond and how can you pause or extend that response time?
  • Is it mandatory to always give a formal response?
  • Should you contact the applicant before proceeding with the response?
  • Why is ID validation important and how do you obtain it?
  • What are the administrative tasks involved in responding to a SAR and how should these be assigned?
  • How can you categorise requests and thus allocate resources effectively?
  • What constitutes Personal Data for the purpose of a SAR and how is this different from the everyday definition?
  • How can you decide whether information is ‘relatable’ to the data subject and why is this important?
  • What impact does the request have on sub-contracted data processors?
  • Which records, if any, are not covered by data protection law?
  • How do you set the terms for searching the data in the most efficient way?
  • What is the best way to collate the information for preparing the response?
  • What must you take into account regarding consultation with third parties?
  • Under what circumstances is it essential that you redact or withhold certain information?
  • Why do you need to carry out a balancing test on the data before it is released and how is this done correctly?
  • What reasons are there for not sharing information or for completely rejecting a SAR?
  • Who signs off on the final decision on which information should be shared?
  • What form should the final communication and full disclosure take?
  • How should each step be recorded internally?
  • How should you respond to a further complaint resulting from the disclosure or or non-disclosure?
  • What are your obligations to the ICO when receiving, managing and responding to a SAR?
  • What are the probable sanctions for failure to comply?
  • What will happen if the ICO decide to investigate?
  • How can you fine-tune the internal SAR-handling process for continuing improvement and efficiency?

Extra benefits

  • course pack containing the information presented on the day
  • Sample documents including a SAR policy, procedure, request form, response letters and register.
  • A SAR checklist to help you manage the process.
  • certificate of attendance
  • Complimentary refreshments and lunch provided

Course presenters

  • Peter Blenkinsopp

    Peter is a highly qualified privacy professional with a background in law, technology and business.  He has helped many organisations across the globe to successfully deliver business change within heavily regulated environments.  He runs his own consultancy practice specialising in helping companies achieve data privacy compliance. He holds an LL.B and LL.M along with professional certifications from the International Association of Privacy Professionals (IAPP).

Course dates

  • London - Hamilton House

    7 February 2019 | 9:30am-5:00pm | Peter Blenkinsopp

  • London - 46 New Broad Street

    2 April 2019 | 9:30am-5:00pm | Peter Blenkinsopp

  • Manchester - The Meeting Place

    4 April 2019 | 9:30am-5:00pm | Peter Blenkinsopp
Other courses you may be interested in

GDPR: Privacy and Data Protection in the UK

Classroom / In-house Updated

This course is a practical and comprehensive guide to complying with the requirements of UK data protection law. It will illustrate the measures and steps you need to take to satisfy the ICO, avoid complaints and still effectively run your organisation. 

£329 +VAT

Find out more

The Role of the Data Protection Officer under GDPR

Classroom / In-house New

This full-day course will explain everything you need to know about the DPO requirements and how they apply to your organisation. The course will also clearly explain where the DPO should fit in the organisational structure, what you need to consider when appointing and the duties of the DPO as set out in the GDPR.

£329 +VAT

Find out more

The Essentials of Employment Law

Classroom / In-house Updated

This course offers all those who have a responsibility for managing people or dealing with personnel issues the opportunity to gain a working understanding of their legal responsibilities under UK employment legislation. The course is continually updated and illustrated with case law.

£329 +VAT

Find out more

The Role of a Company Director

Classroom / In-house

The role of a company director is an important one and it carries many duties and responsibilities that are imposed by corporate governance rules and legislation. Keeping up to date with all of these requirements while still trying to carry out your day-to-day work can be a considerable challenge.

£329 +VAT

Find out more

The Role of a Company Secretary

Classroom / In-house

This practical and comprehensive one-day course will clearly explain the duties and responsibilities of a company secretary - equipping you with the essential knowledge to succeed in this challenging role.

£329 +VAT

Find out more

Satisfied customers