Data Protection is high on the agenda of all Police Forces, with employees at all levels offering the first line of defence against failure and a subsequent breach. Ensuring staff and management understand Data Protection whilst being able to carry out good data protection practice in their day to day activities, is a key part of a good security culture.
The UK, as a current member state of the EU, adopted the EU General Data Protection Regulation (GDPR) from May 2018. This has now resulted in a replacement of the UK Data Protection Act (DPA) (1998), with a new UK DPA (2018). Given the significant amount of personal and special category of personal information stored and processed by police forces and the obligation placed upon them by DPA (2018) Part 3, which is significantly different to Part 2, all Police Forces must ensure that key staff tasked with implementing, managing and assessing compliance to the new legislation have current knowledge and effective skills.
You can add NIS Directive training - just ask.
Call 0121 559 6699 or email email@example.com to book.
This 2 day course is designed for staff that are accountable for working with personal data as part of their role and need a more developed understanding of best practices without being a Data Protection Officer. This might include, but is not limited to; HR staff, staff processing Subject Access Requests, or staff who have been assigned Data Protection implementation and compliance responsibility within their respective force.
The course seeks to put GDPR and the DPA (2018) into context using real life examples and delegate role-based scenarios. Areas include:
Understanding the history of the DPA, key definitions and the data protection principles;
Understanding the role and powers of the Information Commissioner;
Understanding how the changes introduced by the EU GDPR and UK DPA 2018 affects current Data Protection practices;
Understanding the relationship between Data Protection and Management of Police Information (MoPI)
Understanding the Principles related to processing of personal data and how that translates into working practices;
Understanding the Rights of Data Subjects (i.e. Access, Rectification, Erasure and Portability) including how to process Subject Access Requests (SARs) and applying the basis for exemptions;
Understanding when and how to produce a Data Protection Impact Assessment (DPIA);
Understanding Privacy Notices and Data Sharing Agreements;
Understanding the role of the Data Protection Officer (DPO) and aspects around the Governance of the role;
Key considerations to be adopted arising from Part 3 of DPA 2018 Law Enforcement Processing and key differences to EU GDPR Articles;
Managing and reporting a Data Protection Breach, including setting up of near miss reporting as part of a preventative culture.
The relationship between The Privacy and Electronic Communications Regulations (PECR), the Data Protection Act and the GDPR.
At the end of this course, delegates will have a good understanding of the new legislation, the role and power of the ICO, how working practices need to be adapted, the obligations required under Part 3 and will be able to confidently bring this and more to their organisational Data Protection procedures.
For more details or to book delegates onto our Police DPA & GDPR training for Non DPOs, please email us for information.