‘Preparing for the General Data Protection Regulation’ will enable you to understand the new GDPR and start implementing it in your school. The GDPR will replace the Data Protection Act in May 2018 and will affect every school as you process data on vulnerable individuals who are deserving of special protection. This course is aimed at people who have no prior knowledge of data protection law.
How will I benefit?
Upon completion of this course, you will:
- Know what Ofsted will be looking for
- Understand the principles of the GDPR
- Know the legal rights of data subjects
- Be able to deal with subject access requests
- Be able to handle incident breaches
- Understand the legal bases for processing
- Draft Fair Processing Notices
- Be able to start updating policies and procedures
- Understand who can be your legal data protection officer
What will I learn?
This course will help you to understand the GDPR and give you the knowledge to start implementing it in your school. As complying with the GDPR is a legal requirement and the fines can range from 4% of your annual turnover or €20 million, it is very important to start preparing now.
Objective: to develop an understanding of the new GDPR and how it relates to your school.
- Background to the GDPR (DPA)
- Essential EU GDPR background and terminology: Data Controller, Data Processor, Data Subject, Personal Data, Special Personal Data
- Principles of the GDPR: Fairness and lawfulness, Purpose limitation, Proportionality, Accuracy, Storage limitation, Integrity and confidentiality, Privacy by Design & Accountability (Responsibility of controllers and processors, Data protection by design and by default, Documentation and cooperation with regulators & Data protection impact assessment).
- Data subjects and their rights: Rectification, Erasure and the right to be forgotten (RTFBF), Restriction and objection, Automated decision making, including profiling & Data portability.
- Dealing with subject access requests
- Legal basis for processing: Consent, Contract, Legal Obligation, Vital Interest, Public Interest & Legitimate Interest
- Incident response and breach reporting: Process and procedures, Infringements and fines & Data subject compensation
- Updating policies and procedures: Fair processing notices
- Data Protection Officers: Qualification & Role
- International data transfer rules: Privacy Shield, Model contracts & Binding Corporate Rules (BCRs)
Who can benefit from this course?
- Senior management
- Head of HR
- Head of IT
- Management level with a responsibility for data
- Really, anyone who processes personal data
This course is available for just £80 per person ex VAT. Payments to be made in advance. Our next course dates are:
Please contact us for future dates.