An introduction to the Data Protection Act and the risks to you!
Cosensa
Summary
We accept all major credit and debit cards.
- Certificate of completion - Free
- Tutor is available to students
Location & dates
Falcon Road
BELFAST
County Antrim
BT126SJ
United Kingdom
EDINBURGH
Midlothian
EH39DE
United Kingdom
GLASGOW
Lanarkshire
G24DT
United Kingdom
LEEDS
West Yorkshire
LS14HR
United Kingdom
Overview
The Data Protection Act 1998 (DPA) places a requirement on all organisations; large or small, public or private, to process personal data or sensitive personal data in a manner that complies with the eight Data Protection Principles enshrined in the Act. The Information Commissioner (ICO); the office charged with managing the Act's outworking and with policing the practices, procedures and compliance standards of those responsible for the processing of personal or sensitive personal on a day-to-day basis, has exercised their rights to fine or place enforceable practice notices on those who breach these Principles.
The highest fine that can be laid down is £500,000; the highest fine that has been levied is £375,000 for process failures. In these days of financial austerity no organisation can withstand a fine of that magnitude, even the more usual fine of £30,000 would cause serious harm to an organisation's viability.
Many in the data industry today would point the finger of blame at failings in organisational data governance, or the failure of Directors and Management to consider a data breach as a 'business critical' risk. For more detailed information on current action by the ICO, there you will see a list of fines and enforcements imposed upon private businesses, Councils, and Government Bodies who have been heavily penalised for poor DPA practice or a failure to police their organisation's DPA Policy or procedures effectively. The very existence of this list should cause Directors, Managers and Data Specialists alike to seek guidance and professional assistance.
Description
Contents
This one day DPA programme has been specifically designed to allow participants to:
- Understand their requirements under the DPA;
- Be able to assess their current compliance standards against best DPA processing practice, policies, procedures and protocols;
- Develop effective auditable DPA processing practices that include:
- a. Subject Access Request handling;
- b. Third Party Request handling;
- c. Information sharing agreements;
- d. Compliant review and complaint handling procedures; and,
- e. Higher Level review and decision-making.
- Understand the need to align DPA Policies and processes with supporting Data Retention and Disposal, Records
- Management, Information Security, Communications, Remote Working, and IT Policies
- CCTV and the DPA and the Regulation of Investigatory Powers Act.
Programme contents will include the following:
- An introduction to the DPA
- ICO registration and compliance
- An understanding of the 8 DPA Principles
- The difference between personal data and sensitive personal data and the increased compliance standards
- Key roles and responsibilities
- The basics of processing: What is; What it requires; The necessary process, procedural and protocol compliance requirements
- Understanding data states; processing, transportation, transmission, remote storage
- Dealing with: Subject Access Requests; Third Party Access Requests; Sharing of Information; Complaints and Reviews
- The geographical limits of the Act
- The relationship of the Act with the Freedom of Information Act and Environmental Information Regulations
- A gaze into the near future of DPA compliance and the changes that are in the pipeline.
Course benefits
- Peace of Mind
- Enhanced governance and resilience
- Policy and procedural compliance
- Cost savings due to effective processing and reduction in DPA related complaints
- Effective and robust audit trails that aid informed decision making
- Robust aligned and trackable policies
- Enhanced employee knowledge
- Role responsibility and competency
Additional Programmes Available
- Compliance Skills for Data Protection Professionals
- How to undertake an effective DPA audit
- The Role of the Data Controller: Your Rights, Your Responsibilities!
- The Role of the Data Manager
- Developing an Effective and Compliant DPA Policy
- Imbedding compliant DPA Organisational Culture Change
Trainers background
The trainer for this course works internationally, predominantly in the US, Canada and the Middle East and has been successfully delivering Data Protection and Freedom of Information based training programmes internationally for the last ten years. He has specific expertise in developing operational process diagrams based around information security and in conducting penetration testing on data storage and disposal.
Who is this course for?
- Owners of small to medium or larger enterprises who are involved in business export
- Those who handle business closures or receivership
- Directors, Managers and those who are responsible for any part of the processing of personal or sensitive personal data.
- Those who directly respond to Subject Access Requests
- Those who manage DPA related complaints and review processes
- Those responsible for CCTV activities and respond to requests for recordings
- Marketing and customer facing staff who process or gather third party data.
Course benefits
Questions and answers
Certificates
Certificate of completion
Digital certificate - Included
Reviews
Currently there are no reviews for this course. Be the first to leave a review.
Legal information
This course is advertised on reed.co.uk by the Course Provider, whose terms and conditions apply. Purchases are made directly from the Course Provider, and as such, content and materials are supplied by the Course Provider directly. Reed is acting as agent and not reseller in relation to this course. Reed's only responsibility is to facilitate your payment for the course. It is your responsibility to review and agree to the Course Provider's terms and conditions and satisfy yourself as to the suitability of the course you intend to purchase. Reed will not have any responsibility for the content of the course and/or associated materials.