Duration

5 hour over 1 month

Starts

01 Aug 2019

Mode of Study

  • Distance Learning
  • Training for Business

Fees

£30

Interests

  • Business & Management

Why take this course?

This online course covers the key purposes of the General Data Protection Regulation (GDPR) providing learners with an overview of the legislation, what they must do to comply with it and the penalties for non-compliance. These penalties can be substantial and the GDPR states smaller offences could result in fines of up to €10 million or two per cent of a firm’s global turnover (whichever is greater). For more serious offences this can lead to fines of €20 million or four percent of turnover.

The General Data Protection Regulation (GDPR) law empowers people to gain full control of their personal data and creates a standardised level of data protection throughout the EU, with a view to influence and maintain responsible data practices on a global scale. This strengthening of data protection rules within the EU covers personal data such as names, addresses, phone numbers, email and IP addresses, etc. The GDPR has also added requirements for documenting IT procedures, performing risk assessments, notifying consumers and authorities if there is a breach, improved rules minimising the collection of personal data and its deletion when no longer necessary. It also increases control over the transfer of personal data outside the EU.

The course is aimed at decision makers and managers within an organisation who are responsible for planning, implementing and managing the handling of data and associated processes.

The online materials include quizzes and exercises to help reinforce learning. There is also an online assessment to test students’ understanding of the topic on completion of the course.

What you will experience

Units one and two in this e-learning course cover the key purposes of the legislation providing learners with an overview of the General Data Protection Regulation (GDPR), what they must do to comply with the legislation and the penalties for non-compliance. It is aimed at the decision makers and managers within an organisation who are responsible for planning, implementing and managing the handling of data and associated processes.

Units three and four include a definition of ‘personal data’ and cover the new rights for individuals introduced by the GDPR and how the GDPR strengthens some of the rights that existed under the old Data Protection Act (DPA).

The online materials include quizzes and exercises to help reinforce learning. There is also an online assessment to test students’ understanding of the topic on completion of the course.

Unit 1 – Introduction to the GDPR

  • Understanding what the General Data Protection Regulation (GDPR) is and why it was implemented
  • What Data Processors and Data Controllers are
  • The reasons for establishing and documenting a lawful basis for processing personal data
  • The importance of Data Processing Agreements
  • The purpose of Privacy Impact Assessments (PIAs)
  • The role of a Data Protection Officer (DPO)

Unit 2 – Complying with the GDPR

  • What needs to be done to comply with the GDPR
  • The importance of reviewing personal data collection processes
  • Handling requests for data and understanding what data portability is
  • Recognising when a data breach has occurred and following the correct data breach notification procedures
  • The penalties for non-compliance with the GDPR
  • The importance of privacy by design and default

Unit 3 – The Rights of Individuals – Part 1

  • The definition of ‘personal data’
  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure

Unit 4 – The Rights of Individuals – Part 2

  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling