What do you know about the Data Protection Act 1998? It can be seen as an annoying hindrance but it is essential to ensuring the privacy of your customers, clients and employees is properly protected. And the obligations are greater under the new Regulation - the GDPR which will come into force on 25 May 2018. Getting compliance wrong after this date could lead to significant fines: up to €20,000,000 or 4% global turnover, whichever is higher.
This introductory level course will provide you with practical advice starting with DP Basics; highlighting the significant changes coming and providing guidance on how to prepare for the new and enhanced obligations under the GDPR which put your customers, clients and employees in control of their personal data.
We will also talk about what to do in the event of a personal data breach.
What You Will Learn
This course will cover the following:
- Overview of the DPA 1998 and what you should be doing already
- Definitions - what is personal data?
- How to process personal data fairly and lawfully
- How to keep personal data secure and the TalkTalk ICO fine
- Subject access requests and recent judicial interpretation
- GDPR and the changes from May 2018
- Legal processing and consent
- Fair processing and privacy notices
- Recording Data Processing
- Data Protection Officers
- Data Protection Impact Assessments and Data Protection by Design
- How to deal with a personal data breach
- Breach v's Incident
- To notify or not to notify
- The powers of the ICO
- Compensation and Vidal Hall v Google
- Marketing and how to comply with DPA and PECRs
- The RSPCA and BHF ICO fines
- Mail and Email
- Soft Opt-in