COURSES > DATA COMPLIANCE

Complying with Data Subject Access Requests

Managing Requests for Personal Data

Previously Chaired by
Scott Sammons

Sorry, we don’t have any upcoming dates available for individuals.

All of our training courses can be tailored specifically for your team or organisation and presented at your offices, at another suitable location or virtually.


Overview

Data protection legislation has had a significant impact on how organisations manage and respond to data subject access requests (SARs).

This Complying with Data Subject Access Requests course has been specifically designed to help you to identify and manage SARs.

Through a series of interactive workshops, gain hands on experience at understanding the latest legislation and ICO guidance on SARs; identifying and managing SARs, and applying the exemptions.

There will be plenty of opportune moments for you to network, share resources and experiences with other delegates. Gain valuable contacts with other like-minded peers to create that invaluable SARs handling support network.


Information Governance Coach,
MNLP, AMIRMS, MBCS, H-FIIM

Scott is an experienced and qualified practitioner & coach in the management and governance of information and data having worked and volunteered for 14+ years in the profession. Starting his career in Local Government, Scott has since worked across both the private and public sectors (both large and small) and gained experience, knowledge and/or qualifications working with information governance frameworks applicable in the UK, Ireland, Isle of Man, and wider European context. From 2016-2020 Scott was Chair of the Information and Records Management Society (IRMS) and now volunteers as their lead on professional development including Accreditation, Mentoring, Apprenticeships and ...


Scott Sammons


Learning Outcomes

  • Develop a thorough understanding of SARs requirements

  • Learn how to perfect your SARs procedures

  • Understand how GDPR and the Data Protection Act 2018 impacts SARs

  • Gain an overview of the ICO’s right of access guidance

  • Design a more effective SARs handling toolkit






All the Understanding ModernGov courses are Continuing Professional Development (CPD) certified,
with signed certificates available upon request for event.


Enquire About In-House Training

To speak to someone about a bespoke training programme, please contact us:

0800 542 9414
InHouse@moderngov.com



Agenda

09:25 - 09:30 Registration

09:30 - 10:00 Trainer’s Welcome and Clarification of Learning Objectives

10:00 - 10:45 Workshop I: Understanding the Latest Legislation on SARs

Gain a brief overview of Data Subjects Access Requests, under GDPR and Data Protection Act 2018.

  • Ascertain what the GDPR and DPA Act 2018 say about SARs

  • Gain a better understanding of the ICO’s right of access guidance

  • Learn how to reconcile conflicting legislation

  • Understand the reduced time frames

  • What personal information is covered

10:45 - 11:00 Morning Break

11:00 - 12:00 Workshop II: Identifying and Managing SARs

  • Ensure the subject access request is valid

  • Train your staff to identify a SAR

  • Prepare your staff to take a SAR through different mediums: phone, email, letter or form

  • Gain senior buy-in to ensure your organisation has effective procedures in place to manage SARs

  • Develop strategies to manage the increase of SARs

  • Learn the tools to verify the data subjects identity

  • Establish proof of authority

12:00 - 13:00 Workshop III: Applying the Exemptions

  • Understand the exemptions in the DPA Act 2018

  • Identifying and managing vexatious requests

  • Understand how to conduct a public interest test

  • Know what information to include in a refusal notice

  • Understand what tools are available for managing SARs

13:00 - 13:45 Lunch

13:45 - 14:00 Reflection Session

  • Trainer will review the day’s learning and the next stages of the course

  • Delegates will have time to ask questions and share views with one another

14:00 - 14:45 Workshop IV: Requests for Third Party Personal Data

How to deal with requests for personal data relating to third parties without harming individual’s rights.

  • Data protection considerations

  • The public interest factors

  • Sensitive personal data

  • Establish what information should never be disclosed

14:45 - 15:00 Afternoon Break

15:00 - 16:00 Workshop V: Design a SARs Handling Toolkit

  • The role of a Data Protection Officer in managing a SAR

  • Examine bad and best practice examples

  • Learn what information to include when responding to a SAR

  • Avoid data breaches by removing other individual’s data

  • Develop recording procedures to monitor the process of the SAR request

16:00 - 16:15 Feedback, Evaluation & Close

  • Effective Report Writing, Senior Engineering Specialist, Eastleigh Borough Council

    “This course provided an excellent understanding of how to write effectively and why it is important to do so.”

  • Effective Proofing and Editing Skills: Senior Events Officer, King's College London

    “I would really recommend the course. Sue is a fantastic trainer and the day passed by far too quickly. Lots of helpful resources to take away, also very impressed with the smooth transition to online learning. Thank you!

  • Effective Data Visualisation: Corporate Performance Management Officer, Carmarthenshire County Council

    “I have learned a great deal with many tips and ideas to enable to improve the authority’s reports”

  • Effective Business Process Mapping: Internal Quality and Improvement Officer, Social Work England

    “It was a fun course to take a part in. There was a lot of information given, and it was done in an engaging way with lots of interactivity, even over zoom. i really enjoyed the course and learned lots from it.”

Become Part of the Understanding ModernGov Community