0800 435 772

GDPR Staff Awareness

2-hour course  |  2 CPD hours

£229 +VAT per person

This course can be presented in-house at your premises. You can find out more about our in-house training here.

If you would like to make an enquiry simply fill in the quick contact form below and a member of our in­house team will be in touch shortly.

Fields marked with an * are mandatory

Home > > GDPR Staff Awareness

GDPR Staff Awareness

2-hour course

Course overview

The day-to-day handling of personal data will mostly be done by non-specialist employees and your company will suffer the consequences if mistakes are made.

It is a requirement under Article 39 of GDPR that staff are regularly trained on their responsibilities. This online awareness course is essential for ensuring employees understand the key data protection principles and the common areas where they may fall foul of the law. It is a simple step-by-step guide, presented in an easy to follow, interactive and enjoyable style.

The course is developed and presented by data protection experts who have many years experience of dealing with these issues in organisations of all sizes.

Course content

  • Step 1 – Understanding why data protection is important
  • Step 2 – Recognising what personal data is... and what it isn’t
  • Step 3 – Deciding how personal data can legally be used... and how it can’t
  • Step 4 – Looking after and keeping personal data secure
  • Step 5 – Taking responsibility and being accountable
  • Step 6 – Anticipating data subjects asserting their rights
  • Step 7 – Complying with the Regulator’s requirements

Who should attend?

This course will benefit any member of staff who needs to have a general but practical awareness of data protection law and is responsible for managing or handling personal data.

What will you learn?

  • What is meant by data processing?
  • How do you know exactly what personal data is?
  • What is a data subject?
  • Which elements of personal data are subject to special rules and extra protection?
  • Who is the data controller?
  • Who are data processors and how should you work with them?
  • What are the data protection principles?
  • What do you need to be aware of when collecting information about people?
  • What exactly does the law say you can do, and not do, with that information?
  • How long can you keep information about people and when should you delete it?
  • What legal basis do you have for processing the personal data you collect?
  • Do you always need consent to process personal data?
  • What does the law say about the standard of security required if you hold personal information about people?
  • What constitutes a personal data breach?
  • What steps can you take to avoid data breaches occurring?
  • What do you need to do when a data breach occurs?
  • Who is accountable for the way you process information and what records do you need to keep?
  • What rights do people have to access or stop you using their personal information?
  • What should you do when faced with a Subject Access Request or removal request?

Extra benefits

  • A course pack containing the information presented on the day
  • A certificate of attendance

Course presenters

  • Keith Dewey

    Keith is a well-established information security and data protection practitioner, with extensive experience in training, public speaking and consulting.

    He has held CISO and DPO roles at large UK companies, and worked across a range of industries including financial services, utilities and real estate. Keith is also a Certified EU GDPR Practitioner, has a Certificate in Information Security Management Principles (CISMP) and passed the Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC) exams.

    View testimonials