TRAINING: Face to Face & Online;
We have brought together a range of specialist partners and services to help organisations get training and support for data privacy and cyber awareness. This can be delivered a number of ways from classroom environments, workshops, and also E Learning which can be taken at your convenience.

Your staff play a vital part in the running of your organisation but they can also be a weak link when it comes to data privacy. They can even be a target for cyber criminals too. Do you understand how to identify risk? Do your staff? Do you have your business processes documented? Do your staff actually follow your processes? Talking with a specialist to help you think about and identify flaws in your processes so that you can address them. Sessions available on site, on line via video link, and also our e learning platforms. Please ask for details.

Following on from our successful series of GDPR Express sessions, HM Network and Sytorus are pleased to announce we are hosting a summarised version of the Data Protection Primer Course for team leaders and / or Data Protection Officers (DPOs).

These full day sessions includes a detailed run through of Data Protection (DP) legislation. We will provide the same manual given to the attendees of the 2 day Data Protection Primer course. The intention of this course, is to provide clear understanding of the practical expectations required from staff who process personal data, and to help embed the concept of best practice / culture within their day to day behaviours.

The course is offered to nominated DPOs, or staff supporting officers in this role (normally team leaders). The objective is to provide an overview of the new General DP Regulation, and to offer pragmatic suggestions on how to prepare for compliance with the new legislation. Candidates are typically nominated DPO or Program Leader for their own organisations, and are already familiar with the challenges of implementing compliant data management solutions under the 1995 Data Protection Directive.

Co-Requisite Topics
Candidates should also have a good understanding of their own organisation’s data processing activities, through the life cycle from initial acquisition, through the various areas of processing and usage, to eventual removal or destruction.

Number of days: 1

Subject Aims;
To provide the candidate with the basic overview of current General Data Protection Regulation and to outline pragmatic suggestions on organisational, technological and procedural solutions to ensure compliance under the new Regulation.

On completion of this module candidates will have the following learning outcomes:

Overview of Regulation
L1.1 Review the core principals of the General Data Protection Regulation (GDPR)
L1.2 Understand newly-defined terms and concepts relevant to the DPO

DPO Role and responsibilities 
L2.1 Understand the tasks set out for the DPO
L2.2 Understand the practical implications of the Principles and Rights contained within the Regulation

Internal Data Management Processes Supporting
L2.3 Understand the obligations for the Data Controller and Processor under the Regulation
L3.1 Consider the requirement regarding Privacy Impact Assessments
L3.2 Third-party Contracts and shared liability
L3.3 Logging of data management processes
L3.4 Data Breach Notification obligations
L3.5 Restrictions regarding overseas transfer of personal data
L4.1 Preparing for the ‘Right to be Forgotten’
L4.2 Implementing ability to enable restriction of processing
L4.3 Enabling the Data Subject to object to certain processing
L4.4 Implement processes to amend or erase inaccurate data
L4.5 Preparing to enable data portability
L4.6 Enabling the Data subject’s right to access their personal data
L4.7 Review of automated decision-making and profiling

Document Templates
L5.1 Prepare templates for Data Management Logs
L5.2 Embedding Breach Notifications procedures
L5.3 Review of data management policies and procedures

Planning and Preparation
L6.1 Planning for implementation of GDPR
L6.2 Nomination of Data Protection ‘Champions’
L6.3 Adoption of appropriate Codes of Conduct, Certification
L6.4 Consideration of suitable tools and systems
L6.5 Available support mechanisms

Assessment Criteria

There is no exam accompanying this module.

HM & Sytorus will follow up with Candidates in the weeks following the course to ensure that they are comfortable with the requirements of the Regulation

Required Reading
Sytorus summary of GDPR key principles – circulated to candidates on registration for the course

Course Material
Sytorus Slide Deck. These will be handed out to each candidate following the course

Supplementary Reading
General Data Protection Regulation – final published draft 2016

EU Data Protection Directive 95/46/EC
EU Electronic Communications Regulation, 2002
Article 29 Working Party definitions (Personal Data, Data Controller)

This training can be delivered in two ways.

A) for up to 15 people at your business premises or at specified venue

B) in a shared learning environment for up to 15 people from different organisations

What next?
To register your interest please contact us on 03333 444 190 or email

Contact us