This one day DPA programme has been specifically designed to allow participants to:
- Understand their requirements under the DPA;
- Be able to assess their current compliance standards against best DPA processing practice, policies, procedures and protocols;
- Develop effective auditable DPA processing practices that include:
- a. Subject Access Request handling;
- b. Third Party Request handling;
- c. Information sharing agreements;
- d. Compliant review and complaint handling procedures; and,
- e. Higher Level review and decision-making.
- Understand the need to align DPA Policies and processes with supporting Data Retention and Disposal, Records
- Management, Information Security, Communications, Remote Working, and IT Policies.
- CCTV and the DPA and the Regulation of Investigatory Powers Act.
Programme contents will include the following:
- An introduction to the DPA
- ICO registration and compliance
- An understanding of the 8 DPA Principles
- Key roles and responsibilities
- The basics of processing: What is; What it requires; The necessary process, procedural and protocol compliance requirements
- Understanding data states; processing, transportation, transmission, remote storage
- Dealing with: Subject Access Requests; Third Party Access Requests; Sharing of Information; Complaints and Reviews
- The geographical limits of the Act
- The relationship of the Act with the Freedom of Information Act and Environmental Information Regulations
All delegates who successfully complete this course will be provided with a certificate of attendance.
The trainer for this course works internationally, predominantly in the US, Canada and the Middle East and has been successfully delivering Data Protection and Freedom of Information based training programmes internationally for the last ten years. He has specific expertise in developing operational process diagrams based around information security and in conducting penetration testing on data storage and disposal.