Personal Data Breaches and Subject Access Requests under the GDPR

***Note: Pricing is ex VAT***

Course Description

Personal data breaches are much more strictly regulated under GDPR. Non-compliance constitutes a serious violation and carries significant fines, in addition to potentially causing considerable reputational damage to your business. Under GDPR, individuals will also benefit from increased rights to request and access personal data from any company holding such data about them. These two areas should be a priority focus for companies seeking to become GDPR compliant.

This course covers the new personal data breach notification regime and subject access request requirements introduced by GDPR and aims to provide practical guidance on how to manage these effectively.

Who is this course for?

This course is suitable for small business owners, Data Protection Officers and other employees with responsibility for managing personal data breaches and subject access requests.

Topics covered in this course:

Data breaches

• Basic data security principles – prevention is always better than cure
• Data Breach Defined under GDPR
• Types of breaches
• Personal Data Breach Management - Controller & Processor responsibilities
• Breach Reporting
• Assessing Risk
• Information to Report (Supervisory Authority & Individuals impacted)
• Next Steps - Breach Management Plan & Planning for Disclosure

Subject Access Requests

• Key Definitions
• Additional information for Data Subjects
• Responding to a Subject Access Request
• Subject Access Requests and Third Party Data
• Subject Access Request Process - key stages
• Record Management
• Next Steps – Where to start

Course Duration: 45 minutes