General Data Protection Regulation (GDPR)
This course gives an overview of the General Data Protection Regulation (GDPR), how to comply and the penalties for non-compliance.
Why take this course?
This online course covers the key purposes of the General Data Protection Regulation (GDPR) providing learners with an overview of the legislation, what they must do to comply with it and the penalties for non-compliance. These penalties can be substantial and the GDPR states smaller offences could result in fines of up to €10 million or two per cent of a firm's global turnover (whichever is greater). For more serious offences this can lead to fines of €20 million or four percent of turnover.
The General Data Protection Regulation (GDPR) law empowers people to gain full control of their personal data and creates a standardised level of data protection throughout the EU, with a view to influence and maintain responsible data practices on a global scale. This strengthening of data protection rules within the EU covers personal data such as names, addresses, phone numbers, email and IP addresses, etc. The GDPR has also added requirements for documenting IT procedures, performing risk assessments, notifying consumers and authorities if there is a breach, improved rules minimising the collection of personal data and its deletion when no longer necessary. It also increases control over the transfer of personal data outside the EU.
The course is aimed at decision makers and managers within an organisation who are responsible for planning, implementing and managing the handling of data and associated processes.
The online materials include quizzes and exercises to help reinforce learning. There is also an online assessment to test students' understanding of the topic on completion of the course.
What you will experience
Units one and two in this e-learning course cover the key purposes of the legislation providing learners with an overview of the General Data Protection Regulation (GDPR), what they must do to comply with the legislation and the penalties for non-compliance. It is aimed at the decision makers and managers within an organisation who are responsible for planning, implementing and managing the handling of data and associated processes.
Units three and four include a definition of ‘personal data’ and cover the new rights for individuals introduced by the GDPR and how the GDPR strengthens some of the rights that existed under the old Data Protection Act (DPA).
The online materials include quizzes and exercises to help reinforce learning. There is also an online assessment to test students’ understanding of the topic on completion of the course.
Unit 1 – Introduction to the GDPR
- Understanding what the General Data Protection Regulation (GDPR) is and why it was implemented
- What Data Processors and Data Controllers are
- The reasons for establishing and documenting a lawful basis for processing personal data
- The importance of Data Processing Agreements
- The purpose of Privacy Impact Assessments (PIAs)
- The role of a Data Protection Officer (DPO)
Unit 2 – Complying with the GDPR
- What needs to be done to comply with the GDPR
- The importance of reviewing personal data collection processes
- Handling requests for data and understanding what data portability is
- Recognising when a data breach has occurred and following the correct data breach notification procedures
- The penalties for non-compliance with the GDPR
- The importance of privacy by design and default
Unit 3 – The Rights of Individuals – Part 1
- The definition of ‘personal data’
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
Unit 4 – The Rights of Individuals – Part 2
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
This course will require you to manage your workload independently, without tutor support.
Previous knowledge or experience would be of benefit but is not essential.
What you will need
Students must have access to a computer with a broadband internet connection.
What you need to know
This is a Distance Learning course which means you can study at home, in the workplace or wherever you choose at times that are convenient for you. You do not have any classes to attend. The materials for this course are provided as webpages for you to work through online. As you progress through the course materials you will find explanations of each feature, followed by practical exercises.
Please note that fee waivers or funding do not apply for this course.
For more information about job opportunities, salaries and employment rates in this industry, visit the Career Coach website.
|5 Hours over 1 Month||£30.00||
|Paper applications only|
You must submit a paper application form for this course and return it to us completed and signed.
Completed forms should be returned to the following freepost address:
The Student Information & Admissions Manager
North East Scotland College
Aberdeen City Campus
UK AB25 1BN
Should you have any problems with your application, please contact the Student Advice Centre:
Telephone: 01224 612330
If you take up a place on a College course, at the start of the course you will be asked to sign an enrolment form. In signing the form and/or taking up a place on a College course, you will enter into a contract with the College and be bound by the North East Scotland College Standard Terms and Conditions of Study. Copies of the Terms and Conditions are available for inspection on notice boards and at various locations throughout the College, at the College Reception, on the College website: www.nescol.ac.uk, or can be obtained on request from the Student Funding and Admissions Manager, North East Scotland College, Aberdeen City Campus, Gallowgate, Aberdeen AB25 1BN. Please note that courses are offered subject to (a) there being sufficient numbers of enrolments and (b) the availability of resources. The College reserves its right (i) not to run courses where the number of students is considered insufficient or where resources are unavailable and (ii) in certain circumstances, to refuse admission to an individual applicant.