Data Protection Certification Course

Completing this course will help you to:

• Understand the importance of data protection legislation and compliance in the UK
• Interpret key terminology of the UK GDPR and Data Protection Act 2018 (DPA) in a practical context
• Understand the key obligations of the UK GDPR and DPA
• Create policies and procedures necessary for data protection compliance and accountability
• Carry out a data protection audit and gap analysis
• Develop an action plan to address a data protection gap analysis
• Respond appropriately to data protection issues arising in an organisation
• Carry out the duties of a data protection officer effectively

Alongside use of our Law Society of Scotland marque and your certification, successful completion of this course will award you with The Data Protection (GDPR) Practitioner Certificate.

This is an internationally recognised qualification, endorsed by TQUK, which is regulated by Ofqual. It equips current and aspiring data protection officers and data protection managers with knowledge and skills to undertake data protection compliance activities throughout an organisation. It is a valuable course for anybody with data protection compliance responsibilities.

The course is suitable for members, or non-members, working in all areas of the profession from high street to big firm, and in-house, with a responsibility for data protection. The course assumes no prior knowledge but you will come away with a expert understanding of data protection issues. 

This course is for you if: 

• You are already acting as a data protection officer (DPO)
• You will be acting as DPO in the future
• You wish to gain employment as a DPO
• You have data protection responsibilities
• You wish to develop data protection as a practice area
• You have an interest in data protection issues and want to demonstrate practical skills and learning in this area.

1. Sign up for the certified course in Data Protection
2. Attend five live online training days facilitated by Computer Law Training (29 hours verifiable CPD)
3. Complete the online test (1 hr verified CPD)
4. Certification in Data Protection awarded with use of our marque alongside obtaining a certificate (Data Protection (GDPR) Practitioner Certificate) awarded by TQUK.

Day one will give a history and overview to all things data protection and will serve as an in-depth introduction to the rest of the course. 

History and Background:

• Brief historical development
• Importance of data protection

UK GDPR Overview:

• Scope (material and territorial)
• Essential Definitions
• Data Protection Principles
• Transparency
• Data Subject Rights
• Information Security Requirements
• Breach Reporting / Recording
• Data Protection by design & default
• Data Protection Impact Assessments
• Data Processors
• Restricted (International) Transfers
• Relationship with EU GDPR

What is Personal Data?

• ICO guidance
• Durant and other cases
• Special Category (‘sensitive’) data

The Data Protection Principles

Purposes of Processing & Legal Bases:

• Specified, Explicit, Legitimate Purposes
• Lawfulness Requirement
• 6 Legal Bases
• Deciding on a Legal Basis

Day two will take more of a deep dive into consent, transparency requirements, data subject rights and data sharing, including (joint) controllers and processors.

Consent in Detail:

• Definition
• Operation of Consent
• Problems with consent

Special Categories of Personal Data:

• What are Special Categories
• Why they are important
• Criminal Conviction and Offence Data
• Conditions for Processing

Transparency Requirements:

•  Information Required and ’Modalities’
•  ‘Layered’ Approach
•  Exemptions

Data Subject Rights:

• Availability
• Management Issues
• Responding
• Procedures

Data Sharing, Processors and Controllers:

• Processors and Contracts
• Joint Controllers and Agreements
• One-off Sharing
• Legal Basis

Day three will focus on information security and data breach reporting obligations, safeguards relating to international transfers of personal data and a collection of topics relating to accountability. 

Information Security Obligations:

• Risk analysis
• ‘Appropriate’ Security
• Some Common Security Risks
• Breach Reporting and Recording obligations

Restricted (International) Transfers:

• Requirements
• Adequacy, the EU and the US
• Transfers with Appropriate Safeguards: IDTA and Impact Assessment
• Binding Corporate Rules
• Derogations for Specific Situations
• Schrems Judgement and its Implications
• Cloud Services

The Accountability Principle:

• The "Accountability Portfolio"

Data Protection by Design & by Default:

• Data Protection Impact Assessments (DPIAs)
• Criteria for a DPIA
• Carrying out a DPIA

Privacy Enhancing Technologies

Records of Processing Activities

Data Protection Officers

Starting off with a focus on data protection issues in direct marketing, day four then outlines the Data Protection Act 2018 with a particular emphasis on making sense of this particularly complex piece of legislation. 

Direct Marketing Issues

• Privacy and Electronic Communication Regulations (PECR)
• Email Marketing
• Telephone Marketing
• Text Marketing
• Postal Marketing

The Data Protection Act 2018:

• Relationship with the UK GDPR
• Structure & Scope
• Main Points
• Exemptions
• How to use the DPA

On the final day of the course, we will pull everything together, considering the ICO and its activities, accountability and governance of data protection. We will also look at the data protection issues around the rapidly evolving Artificial Intelligence sector.

Regulator:

• The ICO and its Role
• Registration
• Enforcement

The ICO’s Accountability Framework

• Trackers
• Data Protection Audit and Gap Analysis

Management and Governance of Data Protection

Artificial Intelligence

• Data Protection Issues in the Development of Artificial Intelligence

• Data Protection Issues in the Use of Artificial Intelligence
• Developments in Legislation

Data Use and Access Bill

Any Other Issues Arising

Held after the course, candidates will be given a multiple-choice test and will have 1 hour to answer 40 questions.