Introduction to GDPR: General Data Protection Regulation

This course is for anyone handling customer data, whether you work with customers in person, over the phone, or through digital or paper correspondence. You don’t need any previous experience.

What topics will you cover?

Week 1 - Law and history

• The purpose and history of data regulation in relation to the new legislation
• The principles of General Data Protection Regulation (GDPR)
• Key concepts, including (but not limited to) the natural person, personal data, controllers and processors, and legitimate interests

Week 2 - The Natural Person

• Legal bases for processing, including consent, legitimate interests and contracts
• The rights of the individual, including (but not limited to) erasure, access and automated decision-making
• Identifying how the implementation of GDPR could help to prevent particular breaches of data

Week 3 - The organisation and the data lifecycle

• Implications of GDPR for workers, their places of work and their customers
• Mitigating risks associated with the handling and processing of data
• Third party contracts and transfers
• Roles and responsibilities regarding Data Protection in the workplace

Nathan is a Senior Research Associate at UCL with special interest in information security, governance and ethics for shared data to support healthcare and industry.

Ross is a data protection, information security and risk management professional. He helps PA's clients to understand and implement the General Data Protection Regulation (GDPR).