Complying with Data Subject Access Requests - Understanding ModernGov

Available Dates

Date

Venue

Availability

Purchase
11 July, 2023

09:25 - 16:15

Virtual Using Zoom

Limited places available

View Price & Book

Overview

Data protection legislation has had a significant impact on how organisations manage and respond to data subject access requests (SARs).

This Complying with Data Subject Access Requests course has been specifically designed to help you to identify and manage SARs.

Through a series of interactive workshops, gain hands on experience at understanding the latest legislation and ICO guidance on SARs; identifying and managing SARs, and applying the exemptions.

There will be plenty of opportune moments for you to network, share resources and experiences with other delegates. Gain valuable contacts with other like-minded peers to create that invaluable SARs handling support network.

trainer photo

Information Governance Coach, MNLP, AMIRMS, MBCS, H-FIIM

Scott is an experienced and qualified practitioner & coach in the management and governance of information and data having worked and volunteered for 14+ years in the profession. Starting his career in Local Government, Scott has since worked across both the private and public sectors (both large and small) and gained experience, knowledge and/or qualifications working with information governance frameworks applicable in the UK, Ireland, Isle of Man, and wider European context. From 2016-2020 Scott was Chair of the Information and Records Management Society (IRMS) and now volunteers as their lead on professional development including Accreditation, Mentoring, Apprenticeships and ...

Read more

Run this Course In-House

Learning Outcomes

Develop a thorough understanding of SARs requirements
Learn how to perfect your SARs procedures
Understand how GDPR and the Data Protection Act 2018 impacts SARs
Gain an overview of the ICO’s right of access guidance
Design a more effective SARs handling toolkit

All the Understanding ModernGov courses are Continuing Professional Development (CPD) certified, with signed certificates available upon request for event.

Enquire About In-House Training

To speak to someone about a bespoke training programme, please contact us:

0800 542 9414
[email protected]

Contact us

Agenda

Collapse all

09:25 - 09:30

Registration

09:30 - 10:00

Trainer’s Welcome and Clarification of Learning Objectives

10:00 - 10:45

Workshop I: Understanding the Latest Legislation on SARs

Gain a brief overview of Data Subjects Access Requests, under GDPR and Data Protection Act 2018.

Ascertain what the GDPR and DPA Act 2018 say about SARs
Gain a better understanding of the ICO’s right of access guidance
Learn how to reconcile conflicting legislation
Understand the reduced time frames
What personal information is covered

10:45 - 11:00

Morning Break

11:00 - 12:00

Workshop II: Identifying and Managing SARs

Ensure the subject access request is valid
Train your staff to identify a SAR
Prepare your staff to take a SAR through different mediums: phone, email, letter or form
Gain senior buy-in to ensure your organisation has effective procedures in place to manage SARs
Develop strategies to manage the increase of SARs
Learn the tools to verify the data subjects identity
Establish proof of authority

12:00 - 13:00

Workshop III: Applying the Exemptions

Understand the exemptions in the DPA Act 2018
Identifying and managing vexatious requests
Understand how to conduct a public interest test
Know what information to include in a refusal notice
Understand what tools are available for managing SARs

13:00 - 13:45

Lunch

13:45 - 14:00

Reflection Session

Trainer will review the day’s learning and the next stages of the course
Delegates will have time to ask questions and share views with one another

14:00 - 14:45

Workshop IV: Requests for Third Party Personal Data

How to deal with requests for personal data relating to third parties without harming individual’s rights.

Data protection considerations
The public interest factors
Sensitive personal data
Establish what information should never be disclosed

14:45 - 15:00

Afternoon Break

15:00 - 16:00

Workshop V: Design a SARs Handling Toolkit

The role of a Data Protection Officer in managing a SAR
Examine bad and best practice examples
Learn what information to include when responding to a SAR
Avoid data breaches by removing other individual’s data
Develop recording procedures to monitor the process of the SAR request

16:00 - 16:15

Feedback, Evaluation & Close

Testimonials

“Lynn's approach to teaching this subject was ideal, I particularly appreciated her openness about challenges we all face as DPO's and her willingness to work collaboratively with delegates in her offering to point us towards helpful materialsto support our work. I really enjoyed the course and found it extremely helpful for my ongoing development as a DPO"

Excelling in the Role of a Data Protection Officer Quality and Compliance Officer, Ark Housing Association

“I really enjoyed the course. To be honest, I had been slightly concerned about participating in a full day’s course remotely, especially as I had never used Zoom before, but the trainer was excellent and put everyone at their ease and was knowledgeable and engaging. I found the material really interesting and the time flew by! I really liked the mix of whole group learning and break out groups.”

Excelling in the Role of a Data Protection Officer Learning and Development Officer, Intellectual Property Office.

It was a fun course to take part in. There was a lot of information given, and it was done in an engaging way with lots of interactivity, even over Zoom. I really enjoyed the course and learned lots from it.”

Excelling in the Role of a Data Protection Officer Internal Quality and Improvement Officer, Social Work England

“This is a very useful course. The presentation was clear and informative. The presenter was very knowledgeable and approachable.”

Creating Data Protection Impact Assessments Disclosure Officer, South Wales Police

Very interesting and knowledge speaker who provided practical examples of how to apply DPA/GDPR in practice

Creating Data Protection Impact Assessments Development and Support Service Manager, East Lancashire Hospice

“The effective data impact assessments course was really engaging and interesting covering a range of topics from the legal understanding required to complete the assessments to the method thought process required to do so.”

Creating Data Protection Impact Assessments Data Analyst, Health and Safety Executive

"An excellent and informative course delivered by knowledgeable presenters. I recommend it!"

A Guide to Successful Information and Records Management Agency Records Officer, Vehicle Certification Agency

"This course provides a good combination of general theory and very practical, experience based advice; really adding value to your day to day activities if you work with records management.”

A Guide to Successful Information and Records Management GDPR Protect Manager, DataAI

"A very well put together course which covered all aspects of records management you could possibly want!"

A Guide to Successful Information and Records Management Departmental Records Officer, Natural England

"Excellent location and venue. Course was very informative, excellent clear speakers with an excellent understanding of their subjects."

A Guide to Successful Information and Records Management Corporate Governance Implementation Manager, North West Anglia NHA Foundation Trust