COURSES > DATA COMPLIANCE

Bespoke Training: Complying with Data Subject Access Requests

Managing Requests for Personal Data

Overview

A data subject access request (SAR) is a legal right for individuals to access the information that an organisation holds about them.

Recent data protection legislation has had a significant impact on how organisations manage and respond to data subject access requests (SARs). The abolition of the £10 administration fee, reduced timescale for responding to a SAR, and higher fees for not complying; all pose significant challenges to how organisations manage SARs.

This Complying with Data Subject Access Requests course has been specifically designed to help you to identify and manage SARs. Through a series of interactive workshops, gain hands-on experience at understanding the latest legislation on SARs; identifying and managing SARs, and applying the exemptions.

Book this group training session for your teams (available online and bite-size sessions) and take back a SARs handling toolkit to ensure that you and your organisation successfully comply and respond to a SAR.

Learning Outcomes

  • Develop a thorough understanding of SARs requirements

  • Learn how to perfect SARs procedures

  • Understand how GDPR and the Data Protection Act 2018 impacts SARs

  • Embed effective SARs procedures within your organisation

  • Design a more effective SARs handling toolkit



All the Understanding ModernGov courses are Continuing Professional Development (CPD) certified,
with signed certificates available upon request for event.


Enquire About In-House Training

To speak to someone about a bespoke training programme, please contact us:

0800 542 9414
InHouse@moderngov.com



Agenda

09:15 - 09:45 Registration

09:45 - 10:00 Trainer’s Welcome and Introductions

10:00 - 10:45 Workshop I: Understanding the Latest Legislation on SARs

Gain a brief overview of Data Subjects Access Requests, under GDPR and Data Protection Act 2018.

  •  Ascertain what the GDPR and DPA Act 2018 state about SARs

  • Learn what has changed from DPA 1998

  • Understand the difference between SARs and FOI requests

  • Understand what is covered by SARs – what is personal data?

10:45 - 11:00 Morning Break

11:00 - 12:00 Workshop II: Identifying and Managing SARs

  • Ensure the subject access request is valid

  • Train your staff to identify a SAR

  • Prepare your staff to take a SAR through different mediums: phone, email, letter or form

  • Gain senior buy-in to ensure your organisation has effective procedures in place to manage SARs

  • Develop strategies to manage the increase of SARs

  • Learn the tools to verify the data subjects identify

  • Establish proof of authority

12:00 - 13:00 Workshop III: Applying the Exemptions

  • Understand the exemptions in the Data Protection Act 2018

  • Know when exemptions apply to SARs

  •  Learn what should be included in responses when refusing requests

13:00 - 14:00 Lunch

14:00 - 14:45 Workshop IV: Requests for Third Party Personal Data

How to deal with requests for personal data relating to third parties without harming individuals’ privacy.

  • The Third party data exemption

  • Obtaining consent from third parties

  • Deciding whether it is reasonable to disclose data

  • Data about children and families

14:45 - 15:00 Afternoon Break

15:00 - 16:00 Workshop V: Design a SARs Handling Toolkit

  • The role of a Data Protection Officer in managing a SAR

  • Examine bad and best practice examples

  • Learn what information to include when responding to a SAR

  • Avoid data breaches by removing other individual’s data

  • Develop recording procedures to monitor the process of the SAR request

16:00 - 16:15 Feedback, Evaluation and Close

Become Part of the Understanding ModernGov Community