European Union GDPR Practitioner training

On 25th May 2018, the EU GDPR came into effect. Organisations must now ensure that they comply with the legislation, or face the potential of punitive fines of up to 4% of global annual turnover

If you’re the one responsible for compliance with GDPR in your organisation, you need to have a good understanding both of the legislation and also how to apply it. Our GDPR Practitioner course is designed for you.

This is an in-depth four day course, run by people who are not only specialists in the field, but also experts at delivering training that’s engaging and clear. Over 90% of our attendees rate our training as “Better” or “Much better” than previous courses attended.

Book now on our certified GDPR Practitioner course and get the skills you need.

GDPR Practitioner course

Who for: Anyone who needs a real, in-depth understanding of both the content and the application of the GDPR.

Do I need to attend the Foundation course first? No. This course covers the material that’s in the Foundation course, but with significantly greater depth and breadth, so there’s no need to attend both.

Duration: 4 days

How many people? This is a publicly scheduled course, which may have up to 10attendees. Book as many places as you require.

What’s the cost? £1500 + VAT per person

What do I get? Each attendee receives both an electronic and a printed and bound set of slides; a printed and bound copy of the text of the GDPR, along with a PDF version containing appropriate hyperlinks between the Articles and the Recitals; a Practitioner certificate (upon successful completion of the examination) and a set of printed flash cards detailing key topics such as the principles of the GDPR, legal bases for processing data and a reminder of the rights of the data subject.

Where are the courses? We run these courses in London and Birmingham, in comfortable, modern venues. We supply breakfast, lunch and unlimited tea and coffee. Take a look at the images at the foot of this page for an idea of the quality of the venue.

Is there an exam? Yes. At the conclusion of the last day, we will also provide and administer a GDPR Practitioner exam and we will issue a certificate for those who achieve the pass mark of 65%. Attendees not wishing to sit the exam will receive a certificate of attendance only.

Details This four-day course takes delegates through the content and application of the GDPR in detail, and includes topics such as:

  • The core of the GDPR
    • Key terms within the GDPR
    • The core principles of the GDPR
    • Lawful basis
    • Consent (and child’s consent) under GDPR
    • Demonstrating compliance with GDPR principles
    • Processing special category data
  • The controller and the processor
    • Determining if you’re a controller or a processor
    • The responsibilities of controllers and processors
    • Maintaining records of processing activities
  • The GDPR and risk
    • What is risk
    • How to assess risk
    • Risk management and ISO 27005 / ISO 31000
    • Creating risk assessments
    • Risk acceptance criteria
    • Options for treating risk
  • Breaches
    • Breach reporting requirements for controllers
    • Breach reporting requirements for processors
    • What needs to be in a breach report
    • Mitigating breaches
  • Managing data security
    • Security within the GDPR – Principle 6 and elsewhere
    • Organisational, technical and physical security
    • Security standards
    • ISO27001 and ISMS’s
    • Data protection by design and by default
  • Data Subjects
    • The rights of data subjects
    • Creating Privacy Statements and gaining consent
    • Managing and responding to Subject Access Requests
  • Children and the GDPR
    • Child-specific areas of the GDPR and the Data Protection Bill
    • Consent and child data subjects
    • Communication with children under GDPR
    • Child competence and holders of parental responsibility
  • Direct marketing under GDPR
    • What can and can’t you do
    • Telling data subjects that you have their data
    • What to do if you obtain someone’s details from another organisation
  • Data protection Officers
    • The role of the DPO
    • Who should be a DPO?
    • The responsibilities of a DPO
  • Creating Data Protection Impact assessments
    • When do you need to conduct a DPIA?
    • What should be included in Data Protection Impact Assessments
  • Recording your data
    • Creating an information asset register
    • Mapping data flows
    • Software options to record information about your data
  • Transferring data abroad
    • Transferring data under an Adequacy Decision
    • Appropriate safeguards and Binding Corporate Rules
    • The USA – Safe Harbor and Privacy Shield
  • Remedies, liabilities and penalties
    • Supervisory Authorities and your obligations to them
    • Administrative fines and liability to compensation

Throughout the course, there will be exercises and discussion to ensure a real hands-on understanding of how to apply the GDPR in your organisation.

The trainer was excellent and delivered the content in a way that really held your attention

Lucy Lowin, Runnymede BC

The consultant was always in touch with his audience, ensuring that all questions were answered and understanding was complete.

Paula Bunting, Pickfords

Quality of the training was of a very high level and communication throughout the training was clear and concise.

Anon, Iglu

The trainer was brilliant, patient, knowledgeable and made it really interesting and every question was answered.

Annie Walwyn-Jones, Native Land

This is the best IT-related course I have completed. Unlike previous courses, this one focussed on fully understanding databases and their construction. Getting the basics right, rather than simply glossing over essential concepts and focussing on software provided the tools to take this forward in a positive way.

Anon, Imperial College London