Data Protection - Updated for the GDPR

Emphasising the importance of processing information effectively, securely and according to set policies and procedures.


Why take this course?

This e-learning course is intended to emphasise the importance of processing information effectively, securely and according to set policies and procedures.

Learners will explore the different ways in which they process data through the course of their work and identify the reasons why it must be handled and managed correctly. They will also be given the opportunity to familiarise themselves with, and gain a better understanding of, the guidelines, policies and legal requirements in place which set out how information must be governed in their workplace.

The online materials include quizzes and exercises to help reinforce learning. There is also an online assessment to test students’ understanding of the topic on completion of the course.

What you will experience

Unit 1 — An Introduction to Information Governance

This unit emphasises the importance of building and maintaining an effective information governance framework. After completing this unit learners will understand that organisations handling personal information belonging to service users and personnel must handle it securely and appropriately at all times and have a clear management accountability structure in place. The unit goes on to inform learners what their responsibilities are under the General Data Protection Regulation (GDPR), Freedom of Information Act and Caldicott principles.

Unit 2 — The Legal Framework

This unit explains how to comply with various legal requirements as stipulated by the Information Commissioner's Office (ICO). After completing this unit, learners will understand the definition of 'personal data' and how the legal framework affects the way organisations handle and manage this type of information.

Unit 3 — Maintaining Confidentiality

This unit helps learners focus on how they can contribute to maintaining confidentiality during the course of their everyday work. Learners will look at:

  • What makes information confidential
  • How staff can safeguard against breaching confidentiality and consider the consequences of people failing to comply with the policies and procedures in place
  • The purpose of a Confidentiality Statement

Unit 4 — Information Security and Communication Policy

The purpose of this unit is to help learners familiarise themselves with their organisation's Information Security and Communication Policy. The unit explains why all staff need to understand and comply with its requirements and that failure to do so could lead to disciplinary action.

Topics covered include:

  • The purpose and requirements of an Information Management Policy
  • Responsibilities in relation to information governance
  • Definitions of the terms 'confidential', 'personal' and 'sensitive' in relation to data
  • The purpose and requirements of the GDPR (General Data Protection Regulation) & the Freedom of Information Act 2000
  • What is meant by 'processing' data
  • The rights of clients/customers according to the GDPR
  • An introduction to and explanation of the Caldicott principles
  • The purpose and content of an organisation's Confidentiality Statement and Information Security and Communication Policy and the consequences of failing to comply with them
Student writing

Key facts

Mode of study
Distance Learning
Method of study

This course will require you to manage your workload independently, without tutor support.

Entry requirements

Previous knowledge or experience would be of benefit but is not essential.

What you will need

Students must have access to a computer with a broadband internet connection.

What you need to know

Anything else?

This is a Distance Learning course which means you can study at home, in the workplace or wherever you choose at times that are convenient for you. You do not have any classes to attend. The materials for this course are provided as webpages for you to work through online. As you progress through the course materials you will find explanations of each feature, followed by practical exercises.

Fee Waivers

Please note that fee waivers or funding do not apply for this course.

Next steps



For more information about job opportunities, salaries and employment rates in this industry, visit the Career Coach website.


Duration Fees Code
5 Hours over 1 Month £30.00
Paper applications only

Paper applications

You must submit a paper application form for this course and return it to us completed and signed.

Completed forms should be returned to the following freepost address:

The Student Information & Admissions Manager
North East Scotland College
Aberdeen City Campus

Should you have any problems with your application, please contact the Student Advice Centre:

Telephone: 01224 612330

If you take up a place on a College course, at the start of the course you will be asked to sign an enrolment form. In signing the form and/or taking up a place on a College course, you will enter into a contract with the College and be bound by the North East Scotland College Standard Terms and Conditions of Study. Copies of the Terms and Conditions are available for inspection on notice boards and at various locations throughout the College, at the College Reception, on the College website:, or can be obtained on request from the Student Funding and Admissions Manager, North East Scotland College, Aberdeen City Campus, Gallowgate, Aberdeen AB25 1BN. Please note that courses are offered subject to (a) there being sufficient numbers of enrolments and (b) the availability of resources. The College reserves its right (i) not to run courses where the number of students is considered insufficient or where resources are unavailable and (ii) in certain circumstances, to refuse admission to an individual applicant.