0800 435 772

Preparing for the General Data Protection Regulation - GDPR

Full-day course

£ 289 +VAT per person

£ 289 +VAT
per person

This course can be presented in-house at your premises. You can find out more about our in-house training here.

If you would like to make an enquiry simply fill in the quick contact form below and a member of our in­house team will be in touch shortly.

Fields marked with an * are mandatory

Home > Courses > Preparing for the General Data Protection Regulation - GDPR

Preparing for the General Data Protection Regulation - GDPR

Full-day course

Course prices:

Classroom: £289 +VAT per person

Course overview

Data protection law in the UK is about to undergo the most significant changes since the Data Protection Act in 1998. The new EU General Data Protection Regulation (GDPR) came into effect in May 2016 and you have until May 2018 to become fully compliant. 

This course is a step-by-step guide to GDPR and will help you understand what you should be doing now and in the coming months to prepare for the important changes. The course will show you how to comply with the Regulation and what will change from the existing legislation. It will explain the new rules regarding the legal basis for processing, consent, privacy notices, control of personal data, mandatory breach reporting, complaints and penalties. The financial penalties for non-compliance will be very substantial so it is absolutely vital that your organisation is fully prepared as early as possible.

What will you learn?

  • How does the GDPR define data controllers, data processors and data subjects?
  • What are the new data protection principles?
  • What does the Regulation say about transferring data internationally?
  • If your organisation operates in more than one country, to which Supervisory Authority should you typically report?
  • Why do you need to know and state your legal basis for processing data?
  • How must ‘consent’ be obtained under the new rules?
  • What is meant by ‘profiling’ and how is it restricted?
  • What will need to be included in a Privacy Notice?
  • How can you demonstrate that you are processing data fairly?
  • When and how should pseudonymisation be used?
  • What are the new rules regarding the personal data of children?
  • What is data portability?
  • What rights do people have to see, change or restrict the use of information held about them?
  • What are the new rights to prevent direct marketing or automatic decision-making?
  • What is the right to be forgotten and how is it enforced?
  • On what grounds may these rights be refused?
  • What are the new notification rules in the event of a data breach?
  • When must you undertake a Privacy Impact Assessment?
  • Does GDPR make the appointment of a Data Protection Officer compulsory?
  • How can an individual make a complaint about the use of their data and what remedies are available?
  • How must an organisation respond to complaints?
  • What are the new financial penalties that can be imposed in the event of a breach or complaint?
  • What steps and milestones need to be included in your action plan so that you are ready when the new Regulation becomes fully enforceable?

Who should attend?

This course will benefit any staff working in HR, IT, compliance, operations and finance, as well as legal advisors, marketing professionals, company secretaries, directors and anyone with a responsibility for managing data or advising on data protection issues.

A detailed knowledge of the current law is not essential to attend this course.

Extra benefits

  • A course pack containing the information presented on the day
  • An action plan setting out the key points to consider that you can take away and complete for your organisation
  • A certificate of attendance

Course presenters

  • Linda Bazant

    Linda Bazant is a Barrister, specialising in corporate and media law, with special emphasis on compliance and corporate governance. She advises major blue-chip companies on the implementation of legal process and procedures. Linda is currently focused on advising businesses of the new GDPR and has spoken extensively on the subject. She also provides GDPR audits, training and delivers regular webinars.

    Linda is also a co-founder of Business Connections Live TV, an internet business channel, creative business communications agency and training company.

  • Peter Blenkinsopp

    Peter is a highly qualified privacy professional with a background in law, technology and business.  He has helped many organisations across the globe to successfully deliver business change within heavily regulated environments.  He runs his own consultancy practice specialising in helping companies achieve data privacy compliance. He holds an LL.B and LL.M along with professional certifications from the International Association of Privacy Professionals (IAPP).

  • David Campbell

    David is a practising Solicitor who has worked within and provided training to the legal department of public and private sector organisations for more than 20 years. He is a regulatory compliance specialist and in recent years has worked primarily in the field of data protection.  He currently offers practical advice and training to a variety of organisations in relation to the GDPR and how to comply with it.

  • Keith Dewey

    Keith is a well-established information security and data protection practitioner, with extensive experience in training, public speaking and consulting.

    He has held CISO and DPO roles at large UK companies, and worked across a range of industries including financial services, utilities and real estate. Keith is also a Certified EU GDPR Practitioner, has a Certificate in Information Security Management Principles (CISMP) and passed the Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC) exams.

  • Harry Ewins

    Harry is an experienced business leader, with extensive experience in advising on and assessing quality standards. He runs his own consultancy practice that delivers training and consulting on the GDPR, particularly with educational bodies, having been a School Governor for a Special School and on the Executive Teams in Independent Schools for over 12 years. He is a Certified Management Consultant (CMC) and a member of the Institute of Consulting.

  • Kristy Gouldsmith

    Kristy is a former barrister and has an LLB, and LLM and her Postgraduate Certificate in Education.  She taught degree level law, including data protection law, for five years and now works as a GDPR consultant, auditor and trainer.  Kristy is very experienced in working with organisations to help them achieve GDPR compliance.

  • Emma Green

    Emma is a distinguished trainer with over 20 years experience in delivering training and supporting a wide range of industries in both the private and public sector. She performs GDPR and data protection training for organisations and is able to communicate complex, technical subject matter into clear, concise language to all levels of the organisation. Emma also performs GDPR audits to help organisations become compliant. 

  • Mark James

    Mark is a highly qualified data compliance professional with many years experience of helping organisations of all sizes both in the UK and internationally. He runs his own consultancy and is an independent Data Protection Officer for a number of organisations, specialising in the achievement of GDPR compliant status.

  • Tim Musson

    Tim has many years experience as a university lecturer in computing. Since leaving the University in 2010 he has been working in data protection. Recently he has provided training and support for many organisations preparing for the GDPR. He delivers training on the GDPR to Scottish solicitors on behalf of the Law Society of Scotland, where he is convenor of the Privacy law Committee and a member of the Technology Committee.

Course dates