0

0800 435 772

GDPR: Privacy and Data Protection in the UK

Updated Full-day course

£ 329 +VAT per person

£329 +VAT
per person

This course can be presented in-house at your premises. You can find out more about our in-house training here.

If you would like to make an enquiry simply fill in the quick contact form below and a member of our in­house team will be in touch shortly.

Fields marked with an * are mandatory

Home > Courses > GDPR: Privacy and Data Protection in the UK

GDPR: Privacy and Data Protection in the UK

Full-day course

Course prices:

Classroom: £329 +VAT per person

Course overview

The introduction of the General Data Protection Regulation (GDPR) has seen a fundamental shift in attitudes towards privacy and data protection in the UK. In conjunction with the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations the data protection regime is now tougher than ever before. It is essential that you and your organisation are able to adapt to this newly challenging environment.

This one-day course is a practical and comprehensive guide to complying with the requirements of UK data protection law. It will help you understand the definitions that are so crucial to getting your compliance right. It will also illustrate the measures and steps you need to take to satisfy the ICO, avoid complaints and still effectively run your organisation. It will help you to understand the reality of your risk and thus make informed decisions, avoid over-complicating processes and creating unnecessary difficulties.

The course is presented by data protection experts who have a clear understanding of the legal landscape and will be happy to address any concerns your organisation may have. It is carefully designed to not only be hugely informative but also interactive and enjoyable for attendees.

Who should attend?

This course will benefit any staff working in HR, IT, compliance, operations and finance, as well as legal advisors, marketing professionals, company secretaries, directors and anyone with a responsibility for managing data or advising on data protection issues.

What will you learn?

  • Why is privacy and data protection important? What is its purpose?
  • What is the relationship between the GDPR, the Data Protection Act 2018, the Privacy and Electronic Communications Regulations and other legislation?
  • To whom does data protection law apply? Who is protected and who must comply?
  • What constitutes processing of personal data? How can you tell which information you collect falls within the definition of personal data?
  • Which categories of personal data require special treatment?
  • What is the difference between a data controller and a data processor?
  • What information must be included on a Privacy Notice and why must you have one?
  • How long is it appropriate for you to retain personal data?
  • Why is the principle of ‘accountability’ so important to GDPR?
  • Which policies, procedures, records and registers can help you to demonstrate accountability?
  • What is the difference between Privacy by Design and Privacy by Default?
  • What are the six legal bases for processing personal data? How does the basis you choose affect the rights of data subjects?
  • Do you need to include data processing activities in all your contracts?
  • What are the new rules on consent and when is it appropriate to ask for it?
  • How and why may you process personal data without relying on consent?
  • How does PECR restrict your use of email, text and telephone calls for marketing purposes?
  • How do you distinguish between individual and corporate subscribers and what are the different constraints on marketing to them?
  • What rights do data subjects have and how can they be exercised?
  • What is the right to be forgotten? What should you do if someone asks you to erase all data you hold about them?
  • What is meant by automated decision making and profiling?
  • What are the implications of the new right to claim compensation? How can you protect your business from compensation claims?
  • On what grounds may you refuse to comply with the request of a data subject?
  • When must you undertake a Data Protection Impact Assessment and how should it be done?
  • What constitutes a personal data breach and to whom must it be reported? What should be recorded on a data breach register?
  • Who must appoint a mandatory Data Protection Officer? What are tasks involved and skills required?
  • Who can and cannot be appointed as a DPO?
  • If you transfer data internationally, what safeguards must you put in place?
  • What are your obligations to the Information Commissioner?
  • What powers does the ICO have to enforce data protection law and investigate potential data breaches?
  • What are the new fines and penalties the ICO has at its disposal?
  • What is the new charging scheme for registration with the ICO?

Extra benefits

  • A course pack containing the information presented on the day
  • A toolkit of checklists to help you implement your policies and procedures.
  • A certificate of attendance

Course presenters

  • Peter Blenkinsopp

    Peter is a highly qualified privacy professional with a background in law, technology and business.  He has helped many organisations across the globe to successfully deliver business change within heavily regulated environments.  He runs his own consultancy practice specialising in helping companies achieve data privacy compliance. He holds an LL.B and LL.M along with professional certifications from the International Association of Privacy Professionals (IAPP).

  • David Campbell

    David is a practising Solicitor who has worked within and provided training to the legal department of public and private sector organisations for more than 20 years. He is a regulatory compliance specialist and in recent years has worked primarily in the field of data protection.  He currently offers practical advice and training to a variety of organisations in relation to the GDPR and how to comply with it.

  • Keith Dewey

    Keith is a well-established information security and data protection practitioner, with extensive experience in training, public speaking and consulting.

    He has held CISO and DPO roles at large UK companies, and worked across a range of industries including financial services, utilities and real estate. Keith is also a Certified EU GDPR Practitioner, has a Certificate in Information Security Management Principles (CISMP) and passed the Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC) exams.

  • Harry Ewins

    Harry is an experienced business leader, with extensive experience in advising on and assessing quality standards. He runs his own consultancy practice that delivers training and consulting on the GDPR, particularly with educational bodies, having been a School Governor for a Special School and on the Executive Teams in Independent Schools for over 12 years. He is a Certified Management Consultant (CMC) and a member of the Institute of Consulting.

  • Emma Green

    Emma is a distinguished trainer with over 20 years experience in delivering training and supporting a wide range of industries in both the private and public sector. She performs GDPR and data protection training for organisations and is able to communicate complex, technical subject matter into clear, concise language to all levels of the organisation. Emma also performs GDPR audits to help organisations become compliant. 

  • Mark James

    Mark is a highly qualified data compliance professional with many years experience of helping organisations of all sizes both in the UK and internationally. He runs his own consultancy and is an independent Data Protection Officer for a number of organisations, specialising in the achievement of GDPR compliant status.

  • Tim Musson

    Tim has many years experience as a university lecturer in computing. Since leaving the University in 2010 he has been working in data protection. Recently he has provided training and support for many organisations preparing for the GDPR. He delivers training on the GDPR to Scottish solicitors on behalf of the Law Society of Scotland, where he is convenor of the Privacy law Committee and a member of the Technology Committee.

Course dates