Overview

Data protection legislation has had a significant impact on how organisations manage and respond to data subject access requests (SARs).

This virtual Complying with Data Subject Access Requests course has been specifically designed to help you to identify and manage SARs. Through a series of interactive workshops, gain hands on experience at understanding the latest legislation and ICO guidance on SARs; identifying and managing SARs, and applying the exemptions.

Key learning resources and information on identifying and managing SARS, applying the exemptions and requests for third party data will be distributed online across the course of the day.

There will be plenty of opportune moments for you to network, share resources and experiences with other delegates. Gain valuable contacts with other like-minded peers to create that invaluable SARs handling support network.

Unlocking the Power of Virtual

Our virtual courses have been designed with you in mind. From group exercises in breakout rooms to live chat, whiteboards and interactive polls, we use a range of tools and techniques to ensure that you can connect with your trainer; network and share best practice with your peers and leave the day with the skills you need.

Our courses provide you with an interactive and engaging learning environment that can be accessed from any location, helping you to continue to connect, learn and grow. Click here to discover more!

Please note we will use Zoom to deliver this training course.

trainer photo
Scott Sammons
FIIMA, AMIRMS, Cert.NLP

Scott is an experienced Information Governance (IG) Practitioner having worked in IG across both the public and private sectors for 10+ years and qualified in various subjects including Data Protection and Information Management.

Scott is now independent and owns Lighthouse IG working with a range of councils, government departments, charities and businesses looking to improve how they handle and make the most of their records and data.

As a volunteer Scott has also been Chair of the Information & Records Management Society (IRMS) for the last 3 years, leading the development of standards and resources for those ...

Read more

Learning Outcomes

  • Develop a thorough understanding of SARs requirements
  • Learn how to perfect SARs procedures
  • Understand how GDPR and the Data Protection Act 2018 impacts SARs
  • Gain an overview of the ICO’s right of access guidance 
  • Design a more effective SARs handling toolkit
All the Understanding ModernGov courses are Continuing Professional Development (CPD) certified, with signed certificates available upon request for event.

Enquire About In-House Training

To speak to someone about a bespoke training programme, please contact us:
0800 542 9414
InHouse@moderngov.com

Agenda

Collapse all
09:25 - 09:30

Registration

09:30 - 10:00

Virtual Ice Breaker and Clarification of Learning Objectives

10:00 - 10:45

Workshop I: Understanding Legislation and ICO Guidance on SARs

Gain a brief overview of Data Subjects Access Requests, under GDPR and Data Protection Act 2018.

  • Ascertain what the GDPR and DPA Act 2018 say about SARs
  • Gain a better understanding of the ICO’s right of access guidance
  • Learn how to reconcile conflicting legislation
  • Understand the reduced time frames
  • What personal information is covered
10:45 - 11:00

Morning Break

11:00 - 12:00

Workshop II: Identifying and Managing SARs

  • Ensure the subject access request is valid
  • Train your staff to identify a SAR
  • Prepare your staff to take a SAR through different mediums: phone, email, letter or form
  • Gain senior buy-in to ensure your organisation has effective procedures in place to manage SARs
  • Develop strategies to manage the increase of SARs
  • Learn the tools to verify the data subjects identity
  • Establish proof of authority
12:00 - 13:00

Workshop III: Applying the Exemptions

  • Understand the exemptions in the DPA Act 2018
  • Identifying and managing vexatious requests
  • Understand how to conduct a public interest test
  • Know what information to include in a refusal notice
  • Understand what tools are available for managing SARs
13:00 - 13:45

Lunch

13:45 - 14:00

Reflection Session

  • Trainer will review the day’s learning and the next stages of the course
  • Delegates will have time to ask questions and share views with one another
14:00 - 14:45

Workshop IV: Requests for Third Party Personal Data

How to deal with requests for personal data relating to third parties without harming individual’s rights.

  • Data protection considerations
  • The public interest factors
  • Sensitive personal data
  • Establish what information should never be disclosed
14:45 - 15:00

Afternoon Break

15:00 - 16:00

Workshop V: Design a SARs Handling Toolkit

  • The role of a Data Protection Officer in managing a SAR
  • Examine bad and best practice examples
  • Learn what information to include when responding to a SAR
  • Avoid data breaches by removing other individual’s data
  • Develop recording procedures to monitor the process of the SAR request
16:00 - 16:15

Key Takeaways and Roundup

Pricing

Central Government & Agencies - Virtual

Delegate Price
£345 + VAT

Local Government, Housing, Education & Health - Virtual

Delegate Price
£345 + VAT

Charity - Virtual

Delegate Price
£345 + VAT

Private Sector - Virtual

Delegate Price
£445 + VAT