Let’s make it work for you
Certified Data Protection Foundation (GDPR)
From £1,715 + VAT
Interested in this course? Check out when this course is running and get in touch
Overview
This two-day foundation course will provide a practical guide to Data Protection (GDPR) & Privacy Legislation, Information Governance and Data Protection (GDPR) implementation.
Data protection law requires, the appointment of a Data Protection Officer (DPO) for some controllers and processors, including those in the public sector. The obligations for this challenging role will require insight into threats and risks to personal data, data breach management, data protection by design and default principles, privacy compliance, and the legal spectrum of the GDPR.
This course is suitable for data protection officers, HR Professionals, compliance officers, auditors, IT & security Professionals requiring a sound knowledge of the key elements of the data protection law. There is no exam in the two-day course, those wishing to embrace the challenge of the independent exam will need to take the follow-on Certified Data Protection Practitioner course (QACDPP).
Prerequisites
There are no prerequisites for this course.
Target audience
This Data Protection Foundation (GDPR) course is primarily aimed at professionals working with IT, Risk, Security, Governance and Compliance roles across public and private sectors. It is also aimed at Human Resources and Marketing Professionals, Product Owners, Business Analysts and Project Managers. It is also the recommended prerequisite for the Data Protection Practitioner (GDPR) course.
Delegates will learn how to
By the end of this course, learners will:
- understand why privacy is important and how it relates to data protection.
- have a good understanding of the data protection principles and individual rights.
- have an in-depth understanding and knowledge of GDPR (UK and EU).
- be able to locate important articles and recitals when necessary.
Outline
Module 1: Introduction to Data Protection and Privacy
By the end of the module, learners will understand:
- the drivers for privacy and data protection.
- the data protection framework and guiding principles (UK & EU).
- understand key definitions.
- Introduction to privacy & electronic communications.
Module 2: Data Protection (GDPR) Fundamentals and Principles
By the end of this module, learners will:
- understand what GDPR covers.
- understand the territorial and material scope of GDPR.
- have a good understanding of GDPR definitions used throughout the regulation.
- understand how data protection principles under GDPR.
- understand how accountability is defined under GDPR.
- understand what constitutes valid consent and why implicit consent is no longer compliant.
- understand the requirements for processing special category personal data under GDPR.
Module 3: Data Protection (GDPR) Rights of the Data Subject
By the end of this module, learners will:
- understand data subjects’ rights under GDPRs.
- be able to understand when restriction of processing should be applied and what that entails for an organisation.
- understand the obligations on controllers and processors to facilitate data subjects’ rights.
Module 4: Data Protection (GDPR) Controllers and Processors
By the end of this module, learners will:
- understand the obligations on controllers.
- understand what DP by design and default requires.
- understand what obligations processors must comply with
- understand the record keeping requirements that are obligated or best practice.
- have an awareness of the obligation to keep personal data secure.
- be able to describe the role and responsibilities of the Data Protection Officer.
- be aware of the breach reporting requirements.
Module 5: GDPR International Transfers
By the end of this module, learners will:
- understand the difference between EU data transfers, UK data transfers, and those to 3rd countries or international organisations.
- understand the obligations on controllers where adequacy decisions are not in place.
- understand the appropriate safeguards required for international transfers.
Module 6: GDPR Remedies, Liabilities, and Penalties
By the end of this module, learners will:
- have a good understanding of the different penalty regimes.
- be able to identify which breaches fall into the higher penalty regime and which fall to the lower regime.
- understand that other penalties and remedies may be incurred in cases of a breach.
Module 7: GDPR Supervisory Authorities, Cooperation, and Specific Situations
By the end of this module, learners will:
- be aware of the Supervisory Authority powers.
- understand specific provisions for other processing.
Module 8: Privacy in the workplace CCTV & Surveillance
By the end of this module, learners will:
- understand privacy in the workplace.
- discuss the link to CCTV & Surveillance.
Exams and assessments
There is no exam included in this foundation course. Learners seeking certification can progress to the Certified Data Protection Practitioner course, which prepares participants for an independent examination.
Hands-on learning
Learners participate in discussions, review questions, and practical reviews of GDPR concepts to reinforce understanding of rights, responsibilities, and compliance requirements. The course emphasises the application of legislative principles to real organisational contexts.
NCSC Assured Training
Continuous Professional Development (CPD)
CPD points can be claimed for NCSC assured training courses at the rate of 1 point per hour of training for NCSC assured training courses (up to a maximum of 15 points).
Related courses
Cyber Security learning paths
Want to boost your career in cyber security? Click on the roles below to see QA's learning pathways, specially designed to give you the skills to succeed.
Privacy Professional learning path
Want to boost your career as a Privacy Professional? View QA's learning pathway below, specially designed to give you the skills to succeed.
Frequently asked questions
How can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course.
Once you have purchased the Online course and have completed your registration, you will receive the necessary details to enable you to immediately access it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.
Let's talk
A member of the team will contact you within 4 working hours after submitting the form.