5-Day GDPR Qualification Delivered Over 3 Weeks – live, online.

The Data Protection Practitioner Certificate is a valuable GDPR qualification for anyone with a Data Protection remit, such as Data Protection Officers, Data Protection Managers or Compliance Managers. The full name of the Data Protection Practitioner Certificate is the Data Protection (GDPR) Practitioner Certificate, which makes the point that it is a data protection qualification with a focus on the GDPR. It is a globally recognised qualification, endorsed by TQUK, which Ofqual, a UK Government department, regulates. This GDPR qualification provides the knowledge and skills needed to carry out data protection compliance duties across an organisation. So it is a valuable course for anybody with a data protection compliance remit.

gdpr qualification

We have found that delivering the course over a single week is often difficult for delegates. So we are now offering the course over 5 days in 3 consecutive weeks: usually Tuesday, Thursday, Tuesday, Thursday, Tuesday.  This enables learners to schedule their work around the course.  It also gives you time to review, learn and question the course content.

The course is taught live, online, using Zoom.  This also helps learners to schedule their time during the course. Please check our course availability page for dates and prices. You will find that this is the best value serious GDPR qualification available. Please get in touch if you have any questions.

Course Content:

The exact content of this data protection qualification may change depending on changes to the law, the ICO’s guidance and new case law. However, the outline below gives indicative content.

Day 1

Data Protection – history and background

  • Brief history of data protection
  • Importance of data protection

UK GDPR Overview

  • Scope (material and territorial)
  • Key Definitions
  • Data Protection Principles
  • Transparency
  • Data Subject Rights
  • Breach Reporting / Recording
  • Data Protection by design & default
  • Data Protection Impact Assessments
  • Data Processors
  • Restricted (International) Transfers
  • Relationship with EU GDPR

What is Personal Data?

  • ICO Guidance
  • Durant and other cases

Principles & Legal Bases

  • Data protection principles
  • Lawfulness Requirement and 6 Legal Bases
  • Choosing a Legal Basis
Day 2

Consent in Detail

  • Definition
  • Handling consent
  • Problems with consent
  • When should you use consent?

‘Sensitive’ Personal Data

  • What are Special Categories?
  • Why they are important
  • Criminal conviction and offence data
  • Conditions for Processing

Transparency Requirements

  • Information Required and ‘Modalities’
  • Writing a privacy notice – ‘Layered’ Approach
  • Exemptions

Data Subject Rights

  • Availability of rights
  • Management Issues
  • How to respond
  • Requirements and Procedures
Day 3

Data Sharing, Processors and Controllers

  • Processors and Contracts
  • Joint Controllers and Agreements
  • One-off Sharing
  • Legal Basis
  • Risks and due diligence
  • Internal Sharing
  • When can you share?

Information Security Obligations

  • Risk analysis
  • ‘Appropriate’ Security
  • Some Common Security Risks
  • Breach Reporting and Recording obligations
    • When do you have to report?

Restricted (International) Transfers

  • What is a Restricted Transfer?
    • When do we need to worry?
  • Adequacy and the EU
  • Transfers with Appropriate Safeguards: SCCs
    • International Data Transfer Agreement
    • Transfer Impact Assessment
  • Binding Corporate Rules
  • Derogations for Specific Situations
  • Trans-Atlantic arrangements
Day 4

Data Protection by Design & by Default

  • Data Protection by Design Obligations
  • Data Protection Impact Assessments (DPIAs)
    • When do you have to do it?
    • How do you do it?

The Data Protection Act 2018

  • Relationship with the UK GDPR
  • Main Points
  • Exemptions
  • Offences

HR Issues

  • Retention of Applicant and Employee Data
  • Health and other sensitive data
  • Staff Monitoring
  • Confidentiality of Employee Data

Data Protection and Direct Marketing

  • PECR.
  • UK GDPR
  • ICO Guidance
Day 5

Other Issues

  • Children’s Data
  • Some Issues Around Artificial Intelligence
  • Codes of Conduct and Certification
  • Staff Training

The Accountability Principle

  • The “Accountability Portfolio”
  • Documentation Requirements

Data Protection Governance

  • Data Protection Officers (DPOs)
    • When do you need a DPO?
    • Who can be a DPO?
    • What does a DPO do?
  • Responsibilities
  • The Personal Data Audit & Record of Processing Activities
  • Data Protection Audit and Gap Analysis

Regulator and Enforcement

  • The ICO and its Role
  • Registration
  • Enforcement
  • The European Data Protection Board (EDPB)

Attendees will:

  • Understand the importance of data protection law and compliance in the UK
  • Explain key terms of the UK GDPR and Data Protection Act 2018 (DPA) in a practical context
  • Understand the key obligations of both the UK GDPR and the DPA and how they relate to each other
  • Create policies and procedures needed for data protection compliance and accountability
  • Carry out a data protection audit and gap analysis
  • Develop an action plan to address a data protection gap analysis
  • Respond appropriately when data protection issues arise in an organisation
  • Carry out the duties of a data protection officer
  • Understand the data protection requirements when doing direct marketing
  • Be aware of current developments in data protection both in the UK and globally

This GDPR qualification consists of lectures, discussion and practical exercises, together with an exam made up of MCQ. The course content has been assessed as RQF Level Equivalent = 5 and is endorsed by TQUK Ltd.

*TQUK is regulated by the UK Office of Qualifications and Examinations Regulation (Ofqual).

Why our GDPR qualification is different:

  • Covers all aspects of UK GDPR in detail, together with relevant aspects of the DPA 2018 and the PECR 2003;
  • Teaches essential DPO skills such as Data Protection Impact Assessments, Gap Analysis and writing a Privacy Notice
  • Detailed learning materials designed to help learners during the course and afterwards as reference material;
  • Modern and practical assessment methods – multiple choice questions to test your knowledge, with instant feedback.
data protection qualifications uk

Additional Information
  • 5 days of interactive training with an experienced GDPR/DPA specialist who encourages questions at any point
  • Certificate* showing a data protection practitioner qualification issued by TQUK
  • Digital copies of slides and notes
  • Digital copies of other supporting documents

To check course dates or to book a place please visit our course availability page or alternatively if you prefer to ask about the course please get in touch.

I’m always pleased to arrange a call to discuss details of this GDPR qualification or any of our other data protection courses.

* subject to passing examination at the end of the course

Some comments made by attendees at the Data Protection Practitioner Certificate:

Paul McGowan, Solicitor, Sole Practitioner, Glasgow and East Renfrewshire:

“Tim Musson met the challenges of teaching through Zoom sessions with warmth and enthusiasm. If anything – to my surprise – the Zoom element probably increased the focus of my attention. It helped crystallise the subject matter and enhanced the effectiveness of the seminars. Tim’s knowledge of his subject is comprehensive. His approach to teaching is personal, reassuring and highly engaging, which is an infectious and appealing combination. Highly recommended.”

Andrew, DPO, RGDP:

“In comparison to any other previous Data Protection courses I have attended, Tim’s 5-day Certificated Practitioners Course trumps them all. His live interaction, sense of humour and real-life examples along, with his incredible enthusiasm in the subject made the training an absolute pleasure.”

Laker Lewis, Compliance Manager (DP & Risk), Floww:

This was an extraordinary course! Tim was absolutely fantastic- knowledgeable, friendly and fun! 5 stars! Thank you very much Tim.

In-House Legal Counsel for a law firm:

Insightful trainer and detailed, helpful resources made a very extensive and complicated subject much easier to digest.

In-House Legal Counsel for a law firm
C. McKendrick – Legal Manager:

Great course, hugely interesting and informative, delivered by a passionate data protection advocate.

David, solicitor:

The course was delivered brilliantly by Tim. It was informative, interesting and supplemented with helpful notes that made a complicated subject far easier to make sense of.

Vicky Pollock, Legal Services Manager, Inverclyde Council:

The course was excellent. The content was thorough and brought to life the practicalities of dealing with Data Protection matters. It made me realise, I actually know a lot more than I originally thought and so the course has helped to increase my confidence in dealing with Data Protection matters which will assist greatly with my role.

Chris Nicol, Business Information Manager, Capital City Partnership:

A very thorough and well presented course that covers the subject in great detail. Tim definitely knows the topic and explains the concepts in an easy to follow manner through clear slides and group input.

Director Clinical Operations, Pharmaceutical Industry:

I passed the Data Protection (GDPR) Practitioner’s course, thanks to Tim’s strong knowledge, support and willingness to always answer my questions. Thanks Tim.