• Step 1 – Understanding why data protection is important
• Step 2 – Recognising what personal data is... and what it isn’t
• Step 3 – Deciding how personal data can legally be used... and how it can’t
• Step 4 – Looking after and keeping personal data secure
• Step 5 – Taking responsibility and being accountable
• Step 6 – Anticipating data subjects asserting their rights
• Step 7 – Complying with the Regulator’s requirements

This course will benefit any member of staff who needs to have a general but practical awareness of data protection law and is responsible for managing or handling personal data.

• What is meant by data processing?
• How do you know exactly what personal data is?
• What is a data subject?
• Which elements of personal data are subject to special rules and extra protection?
• Who is the data controller?
• Who are data processors and how should you work with them?
• What are the data protection principles?
• What do you need to be aware of when collecting information about people?
• What exactly does the law say you can do, and not do, with that information?
• How long can you keep information about people and when should you delete it?
• What legal basis do you have for processing the personal data you collect?
• Do you always need consent to process personal data?
• What does the law say about the standard of security required if you hold personal information about people?
• What constitutes a personal data breach?
• What steps can you take to avoid data breaches occurring?
• What do you need to do when a data breach occurs?
• Who is accountable for the way you process information and what records do you need to keep?
• What rights do people have to access or stop you using their personal information?
• What should you do when faced with a Subject Access Request or removal request?

• A course pack containing the information presented on the day
• A certificate of attendance