Data Protection Officer
BOOK A COURSE
- 10.00 -
- Welcome and Registration
- 10.10 -
- The role of the Data Protection Officer
- 10.45 -
- Other key roles and responsibilities
- 11.15 -
- The Legal Landscape (DPA 18, GDPR) The Rights of Individuals – including Subject Access Requests
- 13.00 -
- Freedom of Information Act 2000 (FOIA) Environmental Information Regulations 2004 (EIR)
- 13.30 -
- The Essentials of Data Protection Impact Assessments (DPIAs)
- 14.15 -
- How to respond to a data breach
- 15.00 -
- Data Protection in Contracts and Procurement
- 15.30 -
- Summary of the Day and Close
Data Protection Officer
Why do you need Data Protection Officer (DPO) Training
You are a public authority or body and have appointed a new DPO or your current DPO is due refresher training
You are not a public authority or body, but you recognise that the nature of your processing activities requires the appointment of a DPO or a single point of contact to act as Data Protection lead
You have appointed a new lead Data Protection person and want them to have more knowledge and understanding of data protection law and practices.
You want to understand the duties and responsibilities of your organisation and the Privacy standards that you need to achieve.
Effective DPO training will
inform and advise you about your organisation’s obligations to comply with the GDPR and other data protection legislation
help you monitor compliance with the GDPR and other data protection laws
support your understanding of which data protection polices you need to have in place
give you confidence to raise awareness of data protection issues, train staff and conducting internal audits
give you knowledge to advise on, and to monitor, data protection impact assessments
support you to understand how the regulatory and supervisory authority work and what they require you to do
allow you to be the first point of contact for supervisory authorities and for individuals whose data is processed (employees, customers, patients, parents etc)
enable you to take into account the risks associated with the processing you are undertaking, for example how to assess the nature, scope, context and purposes of the processing
encourage you to provide risk-based advice to your organisation, for example where special category data is being processed, or where the potential impact on individuals could be damaging.
Under the GDPR, you must appoint a DPO if:
- you are a public authority or body (except for courts acting in their judicial capacity);
- your core activities require large scale, regular and systematic monitoring of individuals (for example, online behaviour tracking); or
- your core activities consist of large-scale processing of special categories of data or data relating to criminal convictions and offences.
This applies to both controllers and processors.
You can still appoint a DPO if you wish, on a full time or ad-hoc basis even if you aren’t required to.
Regardless of whether the GDPR obliges you to appoint a DPO, you must ensure that your organisation has sufficient staff and resources to discharge your obligations under the GDPR. However, a DPO can help you operate within the law by advising and helping to monitor compliance. In this way, a DPO can be seen to play a key role in your organisation’s data protection governance structure and to help improve accountability.
If you decide that you don’t need to appoint a DPO, either voluntarily or because you don’t meet the above criteria, it’s a good idea to record this decision to help demonstrate compliance with the accountability principle.
Aims of the course
At the conclusion of the course you will have the knowledge through expert tuition and learning from case studies to be able to support your organisation by monitoring compliance with the GDPR and other data protection laws and know how to take steps to improve compliance where appropriate.
You will feel more confident to report Data protection issues to the highest management level of your organisation, i.e. board level.