What’s in the GDPR Compliance Programme?
This is a 12 module intensive practitioner led programme which takes your business through all the stages of compliance and also covers in depth, how to deal with breaches, DPIAs, SARs and other technical aspects surrounding GDPR and Data Protection. We cover PECR and its relationship with GDPR, the forthcoming changes and a post Brexit round up which will be updated as developments occur.
Why the Law Hound Group?
Here at the LH Group we have been advising business owners, boards, in house and freelance DPOs and solicitors on GDPR and Data Protection since the middle of 2017 and on Data Protection for 20 years before then. We have worked for over 5 years with Data Law – one of the leading providers of online CPD to solicitors. Since June of 2018 we have directly taught over 3500 students in over 115 countries via our eLearning programmes topics including GDPR, Cyber Crime and Data Protection.
Our programme is entirely practical and our course leaders support you throughout the process. Your course leaders are experienced data privacy professionals with years of experience of advising clients on the practical aspects of the law. This means all those multi faceted questions including contract law, employment Law, cyber law and complex situations that sit around GDPR can be answered for you without the need for multiple advisors.
In addition to being able to ask your questions when needed using the 10 support tickets you receive for in-depth personal advice, you can ask any further questions in our twice monthly Q and A live sessions.
How is the Programme Structured?
The programme takes you, through a video session, each week through the various steps needed to create a fully compliant system. Week by week you build up your knowledge and you can work at your own pace. The programme, once purchased is available for you to work through via self study, if you choose to work at a slower pace, or in real time if you want the intensive option. It’s flexible and accessible the way you need it.
The Introduction Module explains what personal data is, the background of data privacy and protection and the main areas of GDPR you will need to know.
Module 1 will tell you about compiling the Data Inventory using an audit and why it’s important that you complete it before you try to do anything else. You will be taken through examples of a Data Inventory, given resources to compile your own and any questions you have can be answered in the closed Facebook Group and/or live in the Q and A sessions which are held twice monthly.
Module 2 explains the 2nd stage of the audit, using the results of Stage 1. It will enable you to separate the data you hold which useful from that which has no use at all. We take you through the audit steps, how to verify the audit and retain records which support proof of compliance. We show you in the video examples of an audit and the types of data you will need to include.
Module 4 delves deeper into Legitimate Interest because businesses relying on this legal permission need to be aware of what it can be applied to and what it can’t.
Module 5 explains how data can be securely erased so that your records don’t resurface with examples, case studies and ‘how to’ guides to ask your suppliers about so you can check they have carried out what is needed. Example email text to send to suppliers to save you time is included in this module.
Module 6 examines why you need to match data access to specific job roles in order to maintain GDPR compliance and how that can be achieved.
Module 7 looks at the levels of technical protection appropriate to the quantity and types of personal data you process. There’s no reason to pay for protection features that you don’t need and will never use properly.
Module 8 introduces the impact GDPR will have on your HR processes, including how you handle information received from job applicants and other people who don’t work for you but whose information you will hold.
Module 9 deals with marketing – what needs to be in it and why, who it needs to be made available to and why it must be aligned with the ways you process personal data. This module also highlights the pitfalls that you’ll want to avoid when conducting marketing.
Module 10 DPIAs, LIAs, SARs, GDPR reviews, introduction to breaches and Data Management Policy. This module has multiple videos – one in each section and provides case studies, examples, documents and checklists to carry out ongoing compliance reviews and preparation for each aspect of GDPR maintenance of your compliance process. Easy reference guides and eLearning snap shots to share with your staff as needed.
Module 11 How to use, complete and review documents – we cover all the documents included in the programme, showing them individually with easy steps and guidance on how to complete them and advice on content inclusion.
Individual Rights Form – to be provided to anyone who wishes to exercise any of their data rights, such as to examine the information you hold about them, have you amend your records if they are incorrect and so on. Using the form ensures that you obtain the correct identifying information to prevent you from releasing personal data to the wrong person.
Data Sharing Pack – contains a checklist and clarification email when establishing data-sharing procedures.
Consent Guidelines – suggested terms to use when obtaining consent to use personal data for specific purposes.
Staff Training Record – GDPR requires a training record to be maintained for everyone in a business with responsibility for processing personal data in any form. This record must be retained as proof that training has taken place, the nature of the training and also the impact of the training in terms of effectiveness (either by a written statement by the person providing the training or the retention of quiz/questionnaire results).
Data Processing Agreement – to define, when dealing with suppliers, what personal data will be processed, for what purpose and the methods of processing necessary to achieve that purpose.
Data Breach Record – to enable you to properly maintain records of data breaches.
Data Breach Checklist – designed to help you to identify whether a data breach is reportable (to the ICO).
Update Information Service – because the data laws are likely to develop over time, we will keep you up to date on changes that are likely to affect your business for 12 months after the date of purchase.