Training

Morning: Data protection - The essentials

Learning goals: Master the core concepts and learn to “speak GDPR”.

Topics:

• Introduction to GDPR: context, aims and practical applications
• Core concepts: personal data, processing, controller and processor, data subject rights, etc.
• Data, a new direction? How to respond to the UK government’s proposed reform.

Afternoon: GDPR compliance – The building blocks

Learning goals: Understand how to structure and roll out your compliance.

Topics:

• How to map your data and audit compliance
• Prepare your data inventory (record of processing activities)
• The DPO. Do I need one? Who should I appoint?
• Impact analysis: when and how.
• Compliance processes: data subject rights, data breach, retention periods.

Morning: Consent and transparency workshop – Inform, communicate, build trust

Learning goals: Learn how to draft privacy notices, capture consent, update your website and negotiate your GDPR contracts.

Topics:

• Privacy notices: what to put in them and how to display them.
• Marketing compliance: when and how to get consent for my newsletter? How to communicate with leads and customers?
• HR: what information do I need do I need to give to my employees and job applicants?
• GDPR contracts and suppliers: the “data processing agreement” (DPA)
• Data transfers: can I transfer personal data between the EU, the UK and the rest of the world?

Afternoon : Data security – Anticipate risk and protect your business

Learning goals: Understand the technical risks for your organisation, learn to react to a security breach.

Topics:

• The cyber-threat landscape, what are my weak spots?
• Cybersecurity best practices.
• Personal data breach, how to respond?
• Audit and control your suppliers

Summary and Q&A

Review of the topics covered on days one and two. Q&A session with our experts.