This course is aimed at managers and owners of businesses/organisations of any size and at any stage of the lifecycle. It covers the main elements needed to prepare for the introduction of the General Data Protection Regulations (GDPR) that come into force on 25 May 2018.
The Aim of the course is to help Small and Medium sized businesses, micro-businesses and organisations to make preparation for compliance with GDPR.
Preparing for GDPR is a pretty big job, whatever the size of your business or organisation.
The good news is that setting up the records and a system to manage them is a one-off exercise.
Yes, you will need to monitor and manage the personal information but will be doing so from an organised starting point.
The aim of this Part 2 is to help You need to understand what personal information you hold in your business/organisation and what happens to it.
This is what GDPR requires you to do, so that you can be sure the processing of personal data complies and can be shown to comply.
There are three main things that any business needs to put in place for GDPR:/
- detailed records about what personal information you have and why – in GDPR speak, an Information Audit
- that there is a lawful reason (basis) for having and processing that personal information and that it is processed correctly.
- how personal information comes into the business/organisation and what happens to it- in GDPR speak, a Data Map
Part 3 of this course is all about putting in place the systems, processes and records that your business needs to manage Data Protection, including Data Breaches.
You probably have much of it in place already, as a lot of what is required now was already needed under the Data Protection Act.
What is needed, is more comprehensive record keeping, improved accountability and the evidence to prove compliance and decision-making under GDPR.
The aim of this Part 3 is to go through:
Who’s in charge of Data Protection
What policies and procedures you need to have in place
What will you do when there’s a breach