Any organisations that do business in the European Union or the European Economic Area (EEA) must comply with the GDPR. This course shows you everything you need to be doing to become GDPR compliant.
You’ll learn exactly what GDPR is, the role of the Data Protection Officer and 10 Practical steps to implement GDPR.
If you are a Business Owner, or you will be your company’s Data Protection Officer, this course is for you.
Suitable for all levels
Created by Experts
One year access
Watch on any device
2 hour course
4 CPD Points
What's in your GDPR Toolkit
Delivered online this GDPR Implementation toolkit contains a practical, easy-to-follow, 10-step guide to becoming GDPR compliant. It starts with a GDPR self-assessment questionnaire to give you your current compliance score, and contains all the mandatory policies and procedures you need.
10 Step Guide
An easy-to-follow 10-step guide to implement GDPR
Answer the questions to understand the status quo
Document your existing Data Processing Activities
Identify your existing gaps to GDPR compliance
Define each risk as Low, Medium, or High
Use the template to allocate tasks to owners
Templates for you to create your Policies
Sample templates for you to use internally
Forms for types of Subject Access Requests
Forms for dealing with Data Breaches
Data Protection Impact Assessment sheet
After completion, get your GDPR Compliance Score
Templated Policies and Procedures included in your GDPR Toolkit
Personal Data Protection Policy
The purpose of this policy is to set out the arrangements that apply to the management of data protection and to affirm your commitment to protect the privacy rights of individuals in accordance with GDPR.
Employee Personal Data Protection Policy
This Policy should set out the principles you will follow in relation to personal data you hold about your employees.
Data Retention Policy
A data retention policy is an organisation’s established protocol for retaining information for operational or regulatory compliance needs.
Data Subject Consent Form
This document is used to obtain from the data subjects the consent for processing personal data for a specific purpose.
Parental Consent Form
This policy should be used to obtain consent from the parent / legal guardian / representative of a minor to process personal data for a specific purpose.
Supplier Data Processing Agreement
This template that can be used to establish the limits and conditions under which a supplier (processor) can process personal data on behalf of company (controller).
The EU General Data Protection Regulation (GDPR) includes rules on giving privacy information to data subjects in Articles 12, 13 and 14. This example Privacy Notice can be adapted to your organisation.
Employee Privacy Notice
As an employer you will be required to provide employees by way of a privacy notice. This example Employee Privacy Notice can be adapted to your organisation.
Data Retention Schedule
This Schedule defines the retention period of each type of data, according to the rules set in your Data Retention Policy.
Data Subject Consent Withdrawal Form
This is a form used by the data subjects to withdraw their consent for processing personal data.
Parental Consent Withdrawal Form
This policy should is to enable the parent / legal guardian / representative of a minor to withdraw the consent from processing personal data for a specific purpose.
Breach Reporting Procedure
An example form that your organisation can adapt to your needs, if required. It will help employees report suspected breaches and ensure you have a record of the breach from the start.
Module 1 - Introduction to the Course
This module gives employees an overview of the course, why it’s important and what they can expect to learn on the course.
Module 2 - Introduction to GDPR
A GDPR Overview
What is GDPR
Key concepts of the GDPR
Fine, Penalties and Compenation
Module 3 - 6 GDPR Principles
The 6 GDPR principles explained
- Lawfulness, Fairness and Transparency
- Purpose Limitation
- Data Minimisation
- Storage Limitation
- Integrity and Confidentiality
Module 4 - Data Subjects' Rights
This module explains the rights of Data Subjects – individuals
- Overview of Individual Rights
- Right to be Informed
- Right to Rectification
- Right to Erasure
- Right to Restrict Processing
- Right to Data Portability
- Right to Object
- Right in Relation to Automated Decision Making and Profiling
Module 5 - How does GDPR Impact me in the Workplace
How does the GDPR impact on the role of employees in the workplace
The Role of the Data Protection Officer
10 Employee Data Security Best Practices that should be adopted now
Module 6 - Course Summary and Assessment
A summary of the course after which employees will proceed to the end of course assessment.
Please get in touch to discuss your requirements