GDPRINTRO – Introduction to GDPR

Enquire/Book this course

  • This field is for validation purposes and should be left unchanged.
Print this page
  • Duration: 1 Day
  • Price per delegate: £395.00 +VAT

Trained over 60000 delegates

Course delivered by industry expert instructors

Highly competitive pricing

General Data Protection Regulation


1 day



Course Overview

This course gives an introduction to the EU General Data Protection Regulation (GDPR), which has been enforced since the 25th May 2018.  You should already have undertaken significant preparation for this major change in data protection law with its massive potential penalties.  If not, then this course will allow to make a start … and this is what could be demanded by the Information Commissioner.

While many details remain to be clarified there is a great deal which is clear, enabling preparations to be made.  The Information Commissioner has emphasised that the Regulation will be enforced and that reasonable preparations must be made!

Find out the main obligations of the GDPR and formulate an action plan.  Topics covered will include: principal definitions, data protection principles, consent, privacy notices, privacy impact assessments, data protection officers, data processors, international transfers, enforcement, data security and breaches, the Data Protection Act 2018.

This course can be adapted to the needs of clients by, for example, including issues around direct marketing.

Learning outcomes:

  • To understand the key terminology, principles, obligations and rights specified in the GDPR
  • To understand the role of the Information Commissioner’s Office under the GDPR, the enforcement options available and steps which may be taken to mitigate enforcement
  • To be aware of the current official guidance concerning the GDPR
  • To prepare an action plan for GDPR compliance

Course Outline


  • protection
  • GDPR, scope data and Brexit
  • Principal definitions

Data Protection Principles

  • 7 principles
  • Legal basis for processing
  • consent

International Transfers

  • adequacy
  • appropriate safeguards
  • binding corporate rules
  • derogations
  • Privacy Shield

Data Subject Rights

  • access
  • rectification
  • erasure
  • object
  • restriction
  • portability
  • automated decisions

Security and Breach Reporting

  • appropriate measures
  • risk
  • encryption
  • breach management

Data Processors

  • obligations
  • contracts

Data Protection Officers

  • who needs one?
  • eligibility
  • duties

Data Protection by Design

  • Data Protection by Default
  • Data Protection Impact Assessments

The Accountability Principle

  • documentation
  • more documentation!


  • the ICO
  • penalties
  • consistency

The Data Protection Act 2018 – the main points

Preparing an action plan