Course Outline

1. Context

The objective is to ensure a fundamental understanding of the context surrounding data protection law, with particular emphasis on the broader concept that privacy extends beyond mere data protection.

1.1 What is Privacy?

1.1.1 The right to private and family life and the importance of confidentiality.

1.1.2 European Convention on Human Rights and Fundamental Freedoms, UK Human Rights Act

1.2 History of Data Protection Legislation in the UK

1.2.1 OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data 1980

1.2.2 Council of Europe Convention 108, 1981

1.2.3 Data Protection Act 1984

1.2.4 Data Protection Directive 95/46/EC

1.2.5 Telecommunications Directive 97/66/EC, Privacy and Electronic Communications

2. The Law

2.1 Data Protection Act

2.1.1 Definitions
The objective is to ensure that candidates understand the key definitions in the Act and how to apply them to identify what information and processing activities are subject to the Act.

2.1.2 Role of the Commissioner
The objective is to ensure an understanding of the role and primary powers of the Information Commissioner. The following areas will be covered:

2.1.2.1 Enforcement (including roles of the First-tier Tribunal and the Courts)

  • Information and Enforcement Notices
  • Prosecution
  • Warrants (entry/inspection) (Schedule 9,1(1) & 12 only – that is a basic understanding of grounds for issuing and nature of offenses)
  • Assessment Notices (s41A-s41C) including the effect of s55 (3) added by the Coroners and Justice Act 2009, which provides that the Information Commissioner may not issue a monetary penalty notice in respect of anything found during an assessment.
  • Monetary Penalties (s55A-55E) including the effect of the s55 (3A) provision.
  • Undertakings (candidates are required to have a basic understanding of how the ICO uses undertakings and that they do not derive from any provision in the DPA98. They are not expected to know the detailed status and provenance).

2.1.2.2 Conducting s42 Assessments

2.1.2.3 Codes of Practice (including s52A-52E Code of Practice on data sharing) and all current ICO-issued codes, but not codes issued by other bodies. Candidates will be expected to have a broad understanding of s52A-E, appreciate the distinction between statutory and other ICO-issued codes, and have a general understanding (but not detailed knowledge) of ICO-issued codes.

2.1.3 Notification

  • The exemptions from notification.
  • A basic understanding of the two-tier fee regime.

2.1.4 The Data Protection Principles
The objective is to ensure an understanding of how the principles regulate the processing of personal data and how they are enforced, as well as a comprehension of the individual principles in light of guidance found in Part II of Schedule 1. Candidates will be required to demonstrate an ability to interpret and apply the principles in context.

Introduction: how the principles regulate and enforce, including Information and Enforcement Notices.

2.1.5 Individual Rights
The objective is to ensure an understanding of the rights conferred by the Act and how they can be applied and enforced.

2.1.6 Exemptions
The objective is to ensure awareness that there are exemptions from certain provisions of the Act, and knowledge and understanding of some of these and how to apply them in practice. Candidates are not expected to have a detailed knowledge of all the exemptions. The following will be covered in detail:

2.1.7 Offenses
The objective is to ensure an awareness that there are various offenses under the Act, and of the role of the Courts as well as an understanding of how certain specified offenses apply in practice. It is not intended that candidates should have a detailed knowledge of all the offenses.

Candidates will be expected to cover:

  • Unlawful obtaining and disclosure of personal data
  • Unlawful selling of personal data
  • Processing without notification
  • Failure to notify changes in processing
  • Failure to comply with an Enforcement Notice, Information Notice, or Special Information Notice.
  • Warrant offenses (Schedule 9,12)

2.2 Privacy and Electronic Communications (EC Directive) Regulations 2003
The objective is to ensure awareness of the relationship between these Regulations and the Act, an understanding of the broad scope of the Regulations, and a detailed understanding of the practical application of the main provisions relating to unsolicited marketing.

2.3 Associated Legislation
The objective is to ensure a basic awareness of other relevant legislation and an appreciation that data protection legislation must be considered in the context of other laws for government operations.

3. Application

The objective is to ensure an understanding of the practical application of the Act in various scenarios. This will include detailed analysis of sometimes complex situations, determining how the Act applies in specific circumstances, and explaining and justifying decisions or advice given.

3.1 How to Comply with the Act

3.2 Addressing Scenarios in Specific Areas

3.3 Data Processing Topics

  • Monitoring – internet, email, telephone calls, and CCTV
  • Use of the internet (including Electronic Commerce)
  • Data matching
  • Disclosure and data sharing

Requirements

There are no formal entry requirements for government participation in this program.
 35 Hours

Number of participants


Price per participant

Runs with a minimum of 4 + people. For 1-to-1 or private group training, request a quote.

Testimonials (2)

I was benefit from the discussion and exchange of ideas.

RAYMOND JACKSON PAJARILLO
Course - Data Protection

I enjoyed the interaction and facts gained / learn.

Monna Liza Mengullo
Course - Data Protection

Upcoming Courses

Data Protection

2026-02-05 09:30
35 hours
Cary, NC – Regus at Regency Parkway
$ 5550 (Online)
$ 8550 (Classroom)

Data Protection

2026-02-19 09:30
35 hours
Chapel Hill, NC – Regus at Environ Way
$ 5550 (Online)
$ 8550 (Classroom)

Data Protection

2026-03-05 09:30
35 hours
North Charleston, SC – Regus at Faber Center
$ 5550 (Online)
$ 8550 (Classroom)

Data Protection

2026-03-19 09:30
35 hours
Columbia, SC – Regus at Meridian Building
$ 5550 (Online)
$ 8550 (Classroom)

Data Protection

2026-04-02 09:30
35 hours
Charlotte, NC – City Center
$ 5550 (Online)
$ 8550 (Classroom)

Data Protection

2026-04-16 09:30
35 hours
Augusta, GA – At Broad Street
$ 5550 (Online)
$ 8550 (Classroom)

Related Courses

BCS Foundation Certificate in Data Protection

 21 Hours
This course is designed for anyone who needs to understand data protection, particularly the General Data Protection Regulation (GDPR). Upon completion of the course, participants will be able to: - Hold a recognized qualification in data protection. - Understand the key changes introduced by the GDPR and the Data Protection Act (2018). - Comprehend the new rights granted to data subjects and the implications of these rights under the GDPR and Data Protection Act (2018). - Understand individual and organizational responsibilities under the GDPR and the Data Protection Act (2018), with a focus on effective record keeping. - Grasp the increased obligations for data controllers and data processors as a result of the GDPR coming into force and the enactment of the Data Protection Act (2018). - Be better equipped to support their organization in processing customer data in compliance with the GDPR and the Data Protection Act (2018), ensuring adherence to regulatory requirements for government.
Read more...

BCS Practitioner Certificate in Data Protection

 35 Hours

Who is it for:

  • This program is designed for individuals who have existing responsibilities for data protection within their organization, including those in the public sector for government.
  • It is also beneficial for those seeking to expand their basic knowledge of data protection and understand its practical applications.
  • While this certificate aligns with the UK Data Protection Act, many other jurisdictions have enacted similar laws, making it useful for international candidates as well.

What will I learn:

Candidates will be able to:

  • Understand the key changes and implications introduced by the GDPR and the UK Data Protection Act 2018.
  • Comprehend individual and organizational responsibilities under these regulations, with a focus on effective record keeping.
  • Apply the new rights available to data subjects and understand the implications of these rights.
  • Demonstrate an understanding of the role, position, and tasks of a Data Protection Officer (DPO).
  • Prepare organizations to manage and handle personal data in compliance with the GDPR and the UK Data Protection Act.
Read more...

CIPP/E – Certified Information Privacy Professional/Europe

 14 Hours
The CIPP/E training course offers a comprehensive overview of the GDPR and key data protection principles. It delves into the fundamental pan-European and national data protection laws, along with industry-standard best practices for ensuring corporate compliance with these regulations. This training is designed to enhance understanding and adherence to data protection standards for government and private sector entities alike.
Read more...

Data Breach Management

 14 Hours
This instructor-led, live training in US (online or onsite) is designed for intermediate to advanced IT professionals and business leaders who aim to develop a structured approach to managing data breaches. By the end of this training, participants will be able to: - Understand the causes and consequences of data breaches. - Develop and implement effective data breach prevention strategies. - Establish an incident response plan to contain and mitigate breaches. - Conduct forensic investigations and evaluate the impact of breaches. - Ensure compliance with legal and regulatory requirements for breach notification. - Recover from data breaches and enhance security measures. This training is tailored to support professionals in aligning their practices with public sector workflows, governance, and accountability standards for government.
Read more...

Data Protection Impact Assessment (DPIA)

 7 Hours

Data Protection Impact Assessment (DPIA) is a mandatory risk assessment process under the General Data Protection Regulation (GDPR) and other data protection laws. Its purpose is to identify and mitigate risks to individuals' personal data in high-risk processing activities.

This instructor-led, live training (online or onsite) is designed for intermediate-level professionals who wish to understand and conduct DPIAs to ensure compliance with data privacy regulations and effectively manage risks in data processing projects.

By the end of this training, participants will be able to:

  • Understand the legal and regulatory context of DPIAs.
  • Determine when a DPIA is required and how to scope it effectively.
  • Conduct a full DPIA lifecycle from initiation to documentation and review.
  • Integrate DPIA practices into broader data governance frameworks for government.

Format of the Course

  • Interactive lecture and discussion.
  • Lots of exercises and practice.
  • Hands-on implementation using real-world scenarios.

Course Customization Options

  • To request a customized training for this course, please contact us to arrange.
Read more...

Data Protection Law in Ecuador: Advanced Application and Compliance

 14 Hours
The Data Protection Law in Ecuador serves as the comprehensive legal framework governing the collection, processing, and storage of personal data within Ecuadorian territory. This instructor-led, live training (available online or on-site) is designed for intermediate-level compliance and organizational management professionals who seek to enhance their understanding of Ecuador’s current data protection regulations and apply them effectively in practice. By the end of this training, participants will be able to: - Interpret and implement the key provisions of Ecuador’s data protection laws in daily operations. - Identify and mitigate risks associated with personal data handling within their organizations. - Evaluate and improve existing organizational policies to ensure regulatory compliance. - Address practical challenges using real-world case studies from Ecuadorian contexts. **Format of the Course:** - Interactive lectures and discussions - Case study analysis and problem-solving exercises - Practical application of legal requirements to real-world scenarios **Course Customization Options for Government:** - To request a customized training tailored to specific needs, please contact us to arrange.
Read more...

GDPR Workshop

 7 Hours

This one-day course is designed for individuals seeking a concise overview of the GDPR – General Data Protection Regulation, which took effect on May 25, 2018. It is particularly suitable for managers, department heads, and employees who need to understand the fundamental principles of the GDPR for government operations.

Read more...

How to Audit GDPR Compliance

 14 Hours
This course is designed primarily for government auditors and other administrative professionals tasked with ensuring compliance of their control systems and IT environments with prevailing laws and regulations. The curriculum begins by providing a comprehensive understanding of key GDPR concepts and how they impact the work performed by auditors. Participants will delve into data subjects' rights, the obligations of data controllers and processors, and enforcement and compliance mechanisms within the context of the Regulation. Additionally, the training covers the audit program provided by ISACA, which equips auditors to evaluate GDPR governance and response frameworks as well as supporting processes that help manage the risk associated with noncompliance for government operations.
Read more...

GDPR - Certified Data Protection Officer

 35 Hours

The PECB Certified Data Protection Officer training course equips you with the essential knowledge and skills necessary to effectively perform the role of a Data Protection Officer in the implementation of GDPR compliance programs.

Why Should You Attend?

Data protection is increasingly becoming a critical asset, and organizations must safeguard this information diligently. Non-compliance with data protection regulations not only violates fundamental rights and freedoms but also poses significant risks that can damage an organization's credibility, reputation, and financial standing. This training course will enhance your capabilities as a Data Protection Officer (DPO) to ensure that organizations meet the stringent requirements of the General Data Protection Regulation (GDPR).

The PECB Certified Data Protection Officer training course will provide you with the knowledge and skills necessary to serve as a DPO, enabling you to inform, advise, and monitor compliance with GDPR regulations and collaborate effectively with supervisory authorities.

Following the completion of the training, you can sit for the certification exam. If you pass the exam successfully, you will be eligible to apply for the “PECB Certified Data Protection Officer” credential. This internationally recognized certificate will demonstrate your professional capabilities and practical knowledge in advising controllers and processors on meeting their GDPR compliance obligations.

Who Should Attend?

  • Managers or consultants aiming to support an organization in planning, implementing, and maintaining a GDPR compliance program
  • Data Protection Officers (DPOs) and individuals responsible for ensuring conformance with GDPR requirements
  • Members of information security, incident management, and business continuity teams
  • Technical and compliance experts preparing for a data protection officer role
  • Expert advisors focused on personal data security

Learning Objectives

  • Comprehend the principles of the GDPR and interpret its requirements effectively
  • Understand the content and correlation between the General Data Protection Regulation and other regulatory frameworks, such as ISO/IEC 27701 and ISO/IEC 29134
  • Acquire the competence to perform the role and daily tasks of a data protection officer within an organization
  • Develop the ability to inform, advise, and monitor compliance with the GDPR and work collaboratively with supervisory authorities

Educational Approach

  • This training course combines theoretical knowledge with best practices in DPO roles.
  • Lecture sessions are complemented by practical exercises based on a case study, including role-playing and discussions.
  • Participants are encouraged to engage in interactive communication and participate actively in discussions and exercises.
  • Practice exercises and quizzes mirror the certification exam format.

General Information

  • Participants will receive comprehensive training materials containing over 450 pages of detailed information and practical examples, designed to support learning for government and other public sector professionals.
  • An Attendance Record worth 31 CPD (Continuing Professional Development) credits will be issued to participants who complete the training course.
Read more...

GDPR Advanced

21 Hours
This training module provides comprehensive guidance on the General Data Protection Regulation (GDPR) and is tailored for individuals who work closely with these regulations, particularly those appointed to the GDPR team. It is especially suitable for IT, human resources, and marketing employees who will handle GDPR-related responsibilities extensively in their roles. This resource ensures that participants are well-prepared to meet the stringent data protection requirements for government and private sector operations alike.
Read more...

PECB GDPR - Certified Data Protection Officer

 35 Hours
The PECB Certified Data Protection Officer training course equips you with the essential knowledge and skills required to effectively serve as a Data Protection Officer (DPO) in the implementation of a General Data Protection Regulation (GDPR) compliance program. ### Why Should You Attend? As data protection becomes increasingly vital, organizations must prioritize safeguarding this information. Non-compliance with data protection regulations not only infringes on individuals' fundamental rights and freedoms but also poses significant risks to an organization's credibility, reputation, and financial stability. Your expertise as a Data Protection Officer is crucial in mitigating these risks. The PECB Certified Data Protection Officer training course will provide you with the knowledge and skills necessary to serve as a DPO and assist organizations in ensuring adherence to GDPR requirements. Through practical exercises, you will gain mastery over the role of the DPO, enabling you to inform, advise, and monitor compliance with the GDPR, as well as collaborate effectively with supervisory authorities. Upon completing the training course, you can take the exam. Successfully passing the exam allows you to apply for the “PECB Certified Data Protection Officer” credential. This internationally recognized certification demonstrates your professional capabilities and practical knowledge in advising controllers and processors on meeting their obligations under GDPR compliance. ### Who Should Attend? - Managers or consultants aiming to prepare and support an organization in planning, implementing, and maintaining a GDPR-based compliance program - DPOs and individuals responsible for ensuring conformance with GDPR requirements - Members of information security, incident management, and business continuity teams - Technical and compliance experts preparing for a data protection officer role - Expert advisors involved in personal data security ### Learning Objectives - Understand the principles of the GDPR and interpret its requirements accurately - Grasp the content and interrelation between the General Data Protection Regulation and other regulatory frameworks and applicable standards, such as ISO/IEC 27701 and ISO/IEC 29134 - Develop the competence to perform the role and daily tasks of a data protection officer within an organization - Enhance your ability to inform, advise, and monitor compliance with the GDPR, while effectively cooperating with supervisory authorities This training is specifically designed to align with the stringent standards required for government and public sector workflows, governance, and accountability.
Read more...

Personal Data Protection Officer - Basic Level

 21 Hours

Purpose of the Training for Government

  • To familiarize participants with systematic and comprehensive aspects of personal data protection under Polish and European law.
  • To provide practical knowledge regarding the new regulations for processing personal data.
  • To highlight areas of significant legal risk associated with the implementation of the General Data Protection Regulation (GDPR).
  • To prepare individuals for the independent execution of duties as a Personal Data Protection Officer.
Read more...

Personal Data Protection Officer - Advanced Level

 14 Hours

Purpose of the Training for Government

  • To acquire practical knowledge on performing the duties of an Inspector
  • To gain practical skills in conducting audits and assessing risks
  • To provide comprehensive understanding of new regulations for the processing of personal data
Read more...

Subject Access Requests (SARs)

 7 Hours
This instructor-led, live training in US (online or onsite) is designed for intermediate to advanced compliance officers, legal teams, and data protection professionals who aim to ensure their organization’s Subject Access Request (SAR) process is efficient, compliant, and risk-free. By the end of this training, participants will be able to: - Understand the legal framework governing SARs for government and private sector entities. - Process SARs efficiently while maintaining compliance with relevant regulations. - Identify exemptions and limitations under data protection laws. - Handle complex SAR scenarios, including those involving third-party data. - Implement best practices for SAR documentation and response to enhance transparency and accountability.
Read more...

Veritas Backup Exec Administration and Configuration

 10 Hours

Veritas Backup Exec is a comprehensive data protection solution designed for virtual, physical, and cloud environments.

This instructor-led, live training (available online or onsite) is targeted at intermediate-level IT infrastructure professionals who are responsible for configuring and managing Veritas Backup Exec to ensure secure, efficient, and reliable backup and recovery processes.

By the end of this training, participants will be able to:

  • Comprehend the architecture and features of Veritas Backup Exec.
  • Install and configure a robust backup solution using Backup Exec.
  • Create and manage backup and restore jobs effectively.
  • Develop foundational backup and recovery strategies.

Format of the Course

  • Interactive lectures and discussions.
  • Extensive exercises and practical activities.
  • Hands-on implementation in a live-lab environment.

Course Customization Options for Government

  • To request a customized training program tailored to specific needs, please contact us to arrange.
Read more...

Related Categories

Data Protection
Data Protection