Our training and workshops are delivered by lawyers and data protection and privacy specialists who have proven experience in court and in helping organisations understand, plan and deliver on their GDPR challenges
This 3-day course provides a comprehensive practical overview of the Data Protection Officer – not only the first significant statutory company officer to be created in centuries, but by far the most onerous of all.
Through a practical course for non-lawyers, this course is delivered only by qualified data protection lawyers with court litigation experience.
In the course you’ll learn what it means in law to be a DPO. You’ll learn the methodology of how to approach the office as the law changes underneath your feet. You’ll discover a number of the analytical techniques required to perform the job, including how quantitatively to measure your own and your enterprise’s GDPR compliance and to quantify its mirror image, GDPR financial risk. And you’ll practice your new learning with practical class exercises, creation of processing records, analysis of consequences including context-specific subject right implementations. and production of processing-specific Notices and statutory High-Risk Testing. Finally, you’ll see examples of the legal cases that law firms representing your data subjects might draft against your chosen solutions.
There are special sections devoted to Brexit (all scenarios), and how to handle the Merger and Acquisition risks associated with the office of DPO.
At the end of this course you demonstrably will have acquired theoretical and practical knowledge of how to create solutions to the privacy issues that affect virtually every business.
This course is ideal for:
- Students
- Professionals;
- Those who wish to understand, aspire to, or prepare for entry to the DPO office;
- Existing DPOs (or lawyers performing Continuing Professional Development) wishing to update themselves on law and associated techniques
- Staff who work with DPOs
- Board Directors who are considering Mergers and Acquisitions and/or tasked with DPO oversight
- Senior executives (including the Board of Directors/Commissioners, Audit Committee and the Risk Management Committee)
Delegates will also be provided with:
- GDPR workshop material
- Supplementary documentation
- Links to the GDPR and other relevant material
Duration | 24 hours of instructor-led study |
Prerequisites | Reading as above plus some knowledge of privacy.
Delegates preferably should already be involved as a DPO/data protection manager/data protection analyst; actively involved on GDPR/remediation projects; or preparing for a DPO appointment; or data protection lawyer; or Board director with oversight of DPO. |
Learning Objectives |
|
Curriculum | Part 1 – GDPR Theory Refresher
Part 2 – DPO Theory
Part 3 – DPO Compliance Methodology in Practice
Part 4 –Practicing DPO Compliance Skills
|
Classroom | White-board, notebooks, overhead/data projector and access to the internet for some exercises |
In-class Requirements | Desktops available to delegates with internet access |
Webinar Delivery Option | Yes |
License | Via GDPR360 |
Pre-reading | Yes (communicated after booking) |
Suggested reading | Delegates will be provided links to the GDPR and other relevant material. It is expected that the delegates will have reviewed the GDPR text. |
Updates | Ad hoc depending on Brexit, EDPB Decisions / Opinions / Guidance, Commission or Supervisor Adequacy Decisions, international treaties, political climate, changes to law and case judgements as may be relevant to the course material (formal changes capped at 4 times per year) |
Exam | Yes |
Name | DPO Masterclass |
Cost | £80 (ex-VAT) |
Exam details | 40 multiple-choice questions, 50% pass mark required, 1-hour, closed book, on-line/on-site exam |
Exam body | GDPR360 |
Practice Exams | Yes, one practice provided during the course (others available for purchase) |
This 2-day workshop is designed to fast-track delegates through the GDPR via a comprehensive syllabus that includes 18 modules with Q&A sessions and group exercises to consolidate knowledge and share a practical approach to delivering on your legal obligations under the GDPR. The focus is on practical application of the material covered.
Delegates will be taken through practical exercises to reinforce course material and have access to an online compliance platform on which many of the exercises will be undertaken.
For UK delivery1 there are two important aspects that are considered – adoption of much of the GDPR by the DPA (2018) and the implications of Brexit.
Workshop material is fully cross-referenced online with the GDPR down to clause level with clickable links taking delegates directly to the relevant recital or article.
1 For ASEAN delivery we include a section in Module 3 (Territoriality) on comparative data protection [Singapore, Malaysia, Indonesia, and Australia].
This course is relevant to:
- Senior executives (including the Board of Directors/Commissioners, Audit Committee, and the Risk Management Committee)
- Business leaders
- Governance, risk and compliance practitioners
- Data Privacy and security professionals (CISOs, CIROs)
- CIOs
- Portfolio and programme managers and auditors
- Anyone with responsibility for personal data processing in the organisation
Delegates will also be provided with:
- GDPR workshop material
- Supplementary documentation
- Examples of:
- Enterprise-level GDPR plans
- Privacy impact assessment
- Breach response processes
- DPIA guidance
- Policies localised for the GDPR
- Predefined data subject rights processes templates
Duration | 16 hours of instructor-led study |
Prerequisites |
|
Learning Objectives |
|
Curriculum | Module 1 – Introduction to GDPR and Privacy
Module 2 – Question of domicile, residence, citizenship or location? Module 3 – Territoriality and a touch of Brexit Module 4 – Personal Data and Special Categories Module 5 – Principles and accountability Module 6 – Non-consent legal bases for processing personal data Module 7 – Consent Module 8 – DPO (Data Protection Officer) Module 9 – Controllers, Joint Controllers and Processors Module 10 – Records of processing Module 11 – Privacy notices Module 12 – Data Protection Impact Assessments (DPIA) Module 13 – Data subject rights and how to respond Module 14 – Data breach notification Module 15 – Security Module 16 – Transfers Module 17 – Data protection by design and default Module 18 – Penalties |
Classroom | White-board, notebooks, overhead/data projector, and access to the internet for some exercises |
In-class Requirements | Desktops available to delegates with internet access |
Webinar Delivery Option | Yes |
License | Via GDPR360 |
Pre-reading | Yes (communicated after booking) |
Suggested reading | Delegates will be provided links to the GDPR and other relevant material. It is expected that the delegates will have reviewed the GDPR text. |
Updates | Approximately every 6 months (or as necessary depending on political climate, changes to law and case judgements as may be relevant to the course material (capped at 4 times per year)) |
Exam | Yes |
Name | GDPR Fast-track |
Cost | £80 (ex-VAT) |
Exam details | 40 multiple-choice questions, 60% pass mark required, 1-hour, closed book, on-line/on-site exam |
Exam body | GDPR360 |
Practice Exams | Yes, one practice provided during the course (others available for purchase) |
This 3-day course delivered by a data protection lawyer provides a comprehensive practical overview of the General Data Protection Regulation [(EU) 2016/679]. As a practitioner course, you’ll study the regulation itself, including GDPR basics and risk management.
You’ll also study GDPR’s relationship to current data protection and privacy legislation in Europe and elsewhere and learn the multi-jurisdictional consequences for the collection, retention, and processing of Personal Data.
Rather than learning ‘by rote’, you’ll learn how to interpret and apply the GDPR to practical situations. So this is a ‘deep dive’. For example you’ll appreciate from a recent case why choosing the correct legal basis for personal data processing is fundamental to avoid a ‘cascade’ of many other breaches; the logical and practical connections of ‘monitoring’ and ‘profiling’, and why this typically is misunderstood by lawyers and business alike; why recruiting DPOs like other employment candidates necessarily assumes substantial risk; and the pros and cons of the international transfer regimes.
Recent additions to the course include practical examples of fines and the reasoning behind them; the differing effects of Brexit on GDPR compliance, depending on whether you are a UK an EU, or a third-country enterprise; why the GDPR cannot be affected by whatever trade deals entered into by the UK, or not; why many national enactments of opt-outs (including the UK’s post-Brexit) will fail; and how the risks of data trade war with the USA have played out in Court.
Finally you’ll discover what the integrated Personal Data environment would look like in your organisation. You’ll then be able to develop, integrate and manage the changes required by GDPR in your organisation’s governance, business and data processing.
This course is ideal for:
- Chief risk officers responsible for process and governance
- Lawyers wishing to understand the whole context of GDPR
- Auditors, risk and compliance practitioners
- Data privacy, security and compliance consultants
Delegates will also be provided with:
- GDPR workshop material
- Supplementary documentation
- Links to the GDPR and other relevant material
Duration | 24 hours of instructor-led study |
Prerequisites |
|
Learning Objectives |
|
Curriculum |
|
Classroom | White-board, notebooks, overhead/data projector and access to the internet for some exercises |
In-class Requirements | Desktops available to delegates with internet access |
Webinar Delivery Option | Yes |
License | Via GDPR360 |
Pre-reading | Yes (communicated after booking) |
Suggested reading | Delegates will be provided links to the GDPR and other relevant material. It is expected that the delegates will have reviewed the GDPR text. |
Updates | Ad hoc depending on Brexit, EDPB Decisions / Opinions / Guidance, Commission or Supervisor Adequacy Decisions, international treaties, political climate, changes to law and case judgements as may be relevant to the course material (formal changes capped at 4 times per year) |
Exam | Yes |
Name | GDPR Masterclass |
Cost | £80 (ex-VAT) |
Exam details |
|
Exam body | GDPR360 |
Practice Exams | Yes, one practice provided during the course (others available for purchase) |