Overview

This essential course equips UK managers with practical knowledge to handle data protection responsibilities confidently. Building on foundational GDPR awareness, you'll learn manager-specific duties including responding to data breaches and Subject Access Requests, determining lawful bases for processing, and managing your team's compliance in remote working environments. Through real-world scenarios and expert guidance, you'll develop the skills to make sound data protection decisions that protect both individuals and your organisation.

Objectives

At the end of the course, trainees will be able to:

• Explain your legal duties as a manager under the UK GDPR and Data Protection Act 2018, including the six data protection principles and potential penalties of up to £17.5m or 4% of annual turnover
• Identify and manage high-risk data processing activities including Subject Access Requests (SARs), data breaches requiring ICO notification within 72 hours, and remote working security requirements
• Apply a risk-based approach to data protection decision-making, from implementing technical safeguards to responding to incidents and ensuring team compliance