5-Day Data Protection Qualification Delivered Over 3 Weeks – live, online.

The Data Protection Practitioner Certificate is a valuable data protection qualification for Data Protection Officers, Data Protection Managers, Compliance Managers or anyone with a responsibility for Data Protection. The Data Protection Practitioner Certificate, officially called the Data Protection (GDPR) Practitioner Certificate, is an internationally recognised qualification, endorsed by TQUK, which is regulated by Ofqual, a UK Government department. It equips current and aspiring data protection officers and data protection managers with the knowledge and skills to undertake data protection compliance activities throughout an organisation. So it is a valuable course for anybody with data protection compliance responsibilities.

data protection practitioner certificate

We have found that delivering the course over a single week is often difficult for delegates so we are now offering the course over 5 days in 3 consecutive weeks: usually Tuesday, Thursday, Tuesday, Thursday, Tuesday.  We’ve found that this enables attendees to fit their work commitments around the course.  It also gives you time to review, learn and question the course material.

The course is delivered live, online, using Zoom.  This also helps delegates to schedule their time during the course. Please check our course availability page for dates and prices.

Course Content:

The exact content of this data protection qualification may change depending on changes to legislation, the ICO’s guidance and new case law. The outline below gives indicative content.

Day 1

Data Protection – history and background

  • Brief historical development
  • Importance of data protection

UK GDPR Overview

  • Scope (material and territorial)
  • Essential Definitions
  • Data Protection Principles
  • Transparency
  • Data Subject Rights
  • Breach Reporting / Recording
  • Data Protection by design & default
  • Data Protection Impact Assessments
  • Data Processors
  • Restricted (International) Transfers
  • Relationship with EU GDPR

What is Personal Data?

  • ICO Guidance
  • Durant and other cases

Principles & Legal Bases

  • Data protection principles
  • Lawfulness Requirement and 6 Legal Bases
  • Deciding on a Legal Basis
Day 2

Consent in Detail

  • Definition
  • Operation of consent
  • Problems with consent

‘Sensitive’ Personal Data

  • What are Special Categories?
  • Why they are important
  • Criminal conviction and offence data
  • Conditions for Processing

Transparency Requirements

  • Information Required and ‘Modalities’
  • Writing a privacy notice – ‘Layered’ Approach
  • Exemptions

Data Subject Rights

  • Availability of rights
  • Management Issues
  • How to respond
  • Requirements and Procedures
Day 3

Data Sharing, Processors and Controllers

  • Processors and Contracts
  • Joint Controllers and Agreements
  • One-off Sharing
  • Legal Basis
  • Risks and due diligence
  • Internal Sharing

Information Security Obligations

  • Risk analysis
  • ‘Appropriate’ Security
  • Some Common Security Risks
  • Breach Reporting and Recording obligations

Restricted (International) Transfers

  • Adequacy and the EU
  • Transfers with Appropriate Safeguards: SCCs
    • International Data Transfer Agreement
    • Transfer Impact Assessment
  • Binding Corporate Rules
  • Derogations for Specific Situations
  • Trans-Atlantic arrangements
Day 4

Data Protection by Design & by Default

  • Data Protection by Design Obligations
  • Data Protection Impact Assessments (DPIAs)
    • When do you have to do it?
    • How do you do it?

The Data Protection Act 2018

  • Relationship with the UK GDPR
  • Main Points
  • Exemptions
  • Offences

HR Issues

  • Retention of Applicant and Employee Data
  • Health and other sensitive data
  • Employee Monitoring
  • Confidentiality of Employee Data

Data Protection and Direct Marketing

  • PECR.
  • ICO Guidance
Day 5

Other Issues

  • Children’s Data
  • Some Issues Around Artificial Intelligence
  • Codes of Conduct and Certification
  • Staff Training

The Accountability Principle

  • The “Accountability Portfolio”
  • Documentation Requirements

Data Protection Governance

  • Data Protection Officers (DPOs)
    • Who needs a DPO?
    • Who can be a DPO?
    • What does a DPO do?
  • Responsibilities
  • The Personal Data Audit & Record of Processing Activities
  • Data Protection Audit and Gap Analysis

Regulator and Enforcement

  • The ICO and its Role
  • Registration
  • Enforcement
  • The European Data Protection Board (EDPB)

Attendees will:

  • Understand the importance of data protection legislation and compliance in the UK
  • Interpret key terminology of the UK GDPR and Data Protection Act 2018 (DPA) in a practical context
  • Understand the key obligations of the UK GDPR and DPA
  • Create policies and procedures necessary for data protection compliance and accountability
  • Carry out a data protection audit and gap analysis
  • Develop an action plan to address a data protection gap analysis
  • Respond appropriately to data protection issues arising in an organisation
  • Carry out the duties of a data protection officer
  • Understand the data protection requirements relating to direct marketing
  • Be aware of current developments in data protection

The course will comprise of lectures, discussion and practical exercises, together with an exam consisting of MCQ. The course content has been assessed as RQF Level Equivalent = 5 and is endorsed by TQUK Ltd.

*TQUK is regulated by the UK Office of Qualifications and Examinations Regulation (Ofqual).

Why this data protection qualification is different:

  • Examines all aspects of UK GDPR in detail, together with relevant aspects of the DPA 2018 and the PECR 2003;
  • Teaches essential DPO skills including: Data Protection Impact Assessments, Gap Analysis and writing a Privacy Notice
  • Comprehensive learning materials designed to help delegates during the course and afterwards as reference material;
  • Modern and practical assessment methods – multiple choice questions to test your knowledge.
data protection qualifications uk

Additional Information
  • 5 days of interactive training with a GDPR/DPA specialist
  • Certificate* showing a data protection practitioner qualification issued by TQUK
  • Digital copies of slides and notes
  • Digital copies of other supporting documentation

To check available dates, book a place or make an enquiry, please visit our course availability page.

* subject to successfully passing examination at the end of the course

Some comments made by attendees at the Data Protection Practitioner Certificate:

“Tim Musson met the challenges of teaching through Zoom sessions with warmth and enthusiasm. If anything – to my surprise – the Zoom element probably increased the focus of my attention, helped crystallise the subject matter and enhanced the effectiveness of the seminars. Tim’s knowledge of his subject is comprehensive. His approach to teaching is personal, reassuring and highly engaging, which is an infectious and appealing combination. Highly recommended.”

Paul McGowan, Solicitor, Sole Practitioner, Glasgow and East Renfrewshire.

“In comparison to any other previous Data Protection courses I have attended, Tim’s 5-day Certificated Practitioners Course trumps them all. His live interaction, sense of humour and real-life examples along, with his incredible enthusiasm in the subject made the training an absolute pleasure.”

Andrew, DPO, RGDP

This was an extraordinary course! Tim was absolutely fantastic- knowledgeable, friendly and fun! 5 stars! Thank you very much Tim.

Laker Lewis, Compliance Manager (DP & Risk), Floww

Insightful trainer and detailed, helpful resources made a very extensive and complicated subject much easier to digest.

In-House Legal Counsel for a law firm

Great course, hugely interesting and informative, delivered by a passionate data protection advocate.

C. McKendrick – Legal Manager

The course was delivered brilliant by Tim. It was informative, interesting and supplemented with helpful notes that made a complicated subject far easier to make sense of.

David, solicitor.

The course was excellent. The content was thorough and brought to life the practicalities of dealing with Data Protection matters. It made me realise, I actually know a lot more than I originally thought and so the course has helped to increase my confidence in dealing with Data Protection matters which will assist greatly with my role.

Vicky Pollock, Legal Services Manager, Inverclyde Council

A very thorough and well presented course that covers the subject in great detail. Tim definitely knows the topic and explains the concepts in an easy to follow manner through clear slides and group input.

Chris Nicol, Business Information Manager, Capital City Partnership

I passed the Data Protection (GDPR) Practitioner’s course, thanks to Tim’s strong knowledge, support and willingness to always answer my questions. Thanks Tim.

Director Clinical Operations, Pharmaceutical Industry