Date: 5th March 2024 - 19th March 2024
Location:
Online
30 hours verifiable CPD
Develop a strong understanding of data protection legislation and compliance while earning recognition as a Law Society of Scotland Certified Specialist and obtaining a certificate (Data Protection (GDPR) Practitioner Certificate) awarded by TQUK.
The course assumes little or no previous knowledge of data protection and will cover, in a practical context, the UK GDPR, the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003. The main points of this legislation will be explained with an emphasis on practical aspects of compliance.
The course will take place over five days and will comprise of lectures, discussion and practical exercises. At the end of the course, you will be expected to complete a multiple choice test which, once passed, will allow you to receive your LSS certification and your TQUK certificate.
This course is priced at £1520 + VAT
Please note there are just 20 spaces on each course.
If you’re not a member, please contact our CPD team to book: CPD@lawscot.org.uk
By completing this course, you will:
- Understand the importance of data protection legislation and compliance in the UK
- Interpret key terminology of the UK GDPR and Data Protection Act 2018 (DPA) in a practical context
- Understand the key obligations of the UK GDPR and DPA
- Create policies and procedures necessary for data protection compliance and accountability
- Carry out a data protection audit and gap analysis
- Develop an action plan to address a data protection gap analysis
- Respond appropriately to data protection issues arising in an organisation
- Carry out the duties of a data protection officer effectively
Alongside use of our Law Society of Scotland marque and your certification, successful completion of this course will award you with The Data Protection (GDPR) Practitioner Certificate.
This is an internationally recognised qualification, endorsed by TQUK, which is regulated by Ofqual. It equips current and aspiring data protection officers and data protection managers with knowledge and skills to undertake data protection compliance activities throughout an organisation. It is a valuable course for anybody with data protection compliance responsibilities.
The course is suitable for members, or non-members, working in all areas of the profession from high street to big firm, and in-house, with a responsibility for data protection. The course assumes no prior knowledge but you will come away with a expert understanding of data protection issues.
This course is for you if:
- You are already acting as a data protection officer (DPO)
- You will be acting as DPO in the future
- You wish to gain employment as a DPO
- You have data protection responisibilities
- You have an interest in data protection issues and want to demonstrate practical skills and learning in this area.
- Sign up for the certified course in Data Protection
- Attend five live online training days facilitated by Computer Law Training Ltd (29 hours verifiable CPD)
- Complete the online test (1 hr verified CPD)
- Certification in Data Protection awarded with use of our marque alongside obtaining a certificate (Data Protection (GDPR) Practitioner Certificate) awarded by TQUK.
After many years’ experience as a lecturer in diverse areas of computing in the Scottish university sector and completing a programme of study for Master of Laws degree (LLM) in IT and Telecoms Law, Tim founded Computer Law Training Ltd. He has been supporting businesses, charities and institutions in areas of information security and data protection (GDPR) as well as providing Data Protection training and CPD for lawyers, accountants and similar professions.
Tim was Convener of the Law Society of Scotland’s Privacy Law Committee for 7 years, which deals with issues around data protection and other aspects of privacy, responding to consultations on new legislation proposed by the Scottish Parliament, the UK Parliament, the European Parliament and other bodies. He was also a member of the Law Society of Scotland’s Technology Law and Practice Committee for 4 years. He is also a Certified Information Privacy Professional/Europe (CIPP/E) and is certified by APMG International to deliver the ‘Certified GDPR Practitioner‘ course.
| Date | Location | Webinar |
|---|---|---|
| Tuesday 5 March, 9.30am - 4.30pm | Online | History, GDPR & Personal Data Overview |
| Thursday 7 March, 9.30am - 4.30pm | Online | Legal Bases, Consent & Transparency |
| Tuesday 12 March, 9.30am - 4.30pm | Online | Data Subject Rights, Sharing & Obligations |
| Thursday 14 March, 9.30am - 4.30pm | Online | International Focus & The 2018 Act |
| Tuesday 19 March, 9.30am - 4.30pm | Online | Marketing, Governance & The ICO |
Day one will give a history and overview to all things data protection and will serve as an in-depth introduction to the rest of the course.
History and Background:
- Brief historical development
- Importance of data protection
UK GDPR Overview:
- Scope (material and territorial)
- Essential Definitions
- Data Protection Principles
- Transparency
- Data Subject Rights
- Information Security Requirements
- Breach Reporting / Recording
- Data Protection by design & default
- Data Protection Impact Assessments
- Data Processors
- Restricted (International) Transfers
- Relationship with EU GDPR
What is Personal Data?
- ICO guidance
- Durant
Day two will take more of a deep dive into legal bases, consent and transparency.
Purposes of Processing & Legal Bases:
- Specified, Explicit, Legitimate Purposes
- Lawfulness Requirement
- 6 Legal Bases
- Deciding on a Legal Basis
Consent in Detail:
- Definition
- Operation of Consent
- Problems with consent
Special Categories of Personal Data:
- What are Special Categories
- Why they are important
- Conditions for Processing
Transparency Requirements:
- Information Required and Modality
- ‘Layered’ Approach
- Exemptions
Day three will focus on the availability, management and procedures involved in data subject rights, and will also take a further look at data sharing and information security obligations.
Data Subject Rights:
- Availability
- Management Issues
- Responding
- Procedures
Data Sharing, Processors and Controllers:
- Processors and Contracts
- Joint Controllers and Agreements
- One-off Sharing
- Legal Basis
Information Security Obligations:
- Risk analysis
- ‘Appropriate’ Security
- Some Common Security Risks
- Breach Reporting and Recording obligations
Starting off with a more international focus, day four will recap the 2018 Data Protection Act and will end by taking a look at the accountability principle.
Restricted (International) Transfers:
- Adequacy and the EU
- Transfers with Appropriate Safeguards: SCCs
- Binding Corporate Rules
- Derogations for Specific Situations
- Schrems Judgement and its Implications
Data Protection by Design & by Default:
- Data Protection Impact Assessments (DPIAs)
- Criteria for a DPIA
- Carrying out a DPIA
The Data Protection Act 2018:
- Relationship with the UK GDPR
- Structure & Scope
- Main Points
- Exemptions
- Offence
The Accountability Principle:
- The "Accountability Portfolio"?
On the final day of the course, we will look at other issues such as staff training and children's data, direct marketing, governance and a overview of the role of the Information Commissioner's Office.
Other Issues:
- Children’s Data
- Some Issues Around Artificial Intelligence
- Codes of Conduct
- Certification
- Staff Training
Data Protection and Direct Marketing:
- PECR.
- UK GDPR
- ICO Guidance
Data Protection Governance:
- Data Protection Officers (DPOs)
- Who needs a DPO?
- Who can be a DPO?
- What does a DPO do?
- Responsibilities
- The Personal Data Audit & Record of Processing
- Data Protection Audit and Gap Analysis
Regulator:
- The ICO and its Role
- Registration
- Enforcement
- The European Data Protection Board (EDPB)
Held at the end of the course, candidates will be given a multiple choice test and will have 1 hour to answer 40 questions.
"I attended the course as a non-lawyer but someone with responsibility for data protection. The course was well structured, very thorough and clearly presented. I left the course with a far greater understanding of the Data Protection legislation and its implications in practice."
"I have learned a lot during this course. I particularly appreciated how Tim took the time beginning with the basic elements before delving into the complexities of Data Protection law. I particularly appreciated that he welcomed participation from those taking the course, and would stop to explain anything that was not clear after the first explanation. I would recommend this to any NQ solicitors with an interest in Data Protection law, hoping to solidify their knowledge."
"The Data Protection Certified Course was well structured and helpful to my role. I would highly recommend the course to others looking to develop an understanding of data protection law or build on existing knowledge."
"The Data Protection course was very engaging and thorough - I learned a lot and enjoyed each session."
"Great course, well organised, with a hugely knowledgeable trainer, supported by engaging materials"
"Very knowledgeable and insightful trainer and well structured training. Would recommend to anyone looking to gain knowledge in this area or as a refresher course."
"The course was excellent. The content was thorough and brought to life the practicalities in dealing with Data Protection matters. It made me realise that I actually know a lot more than I originally thought and so the course has helped to increase my confidence in dealing with Data Protection matters, which will assist greatly with my role."
