Duration - half day

This course will cover the EU’s General Data Protection Regulation (GDPR) and the Data Protection Act 2018. The changes place greater obligations on organisations, with potential fines for breaches as high as €20 million or 4% of global turnover. Organisations need to act now to implement changes to their systems and procedures to ensure compliance.

Who is this course aimed at?

The Data Protection Act (DPA) 2018 integrates and enhances the General Data Protection Regulation (GDPR) which came into force on 25 May 2018. The change in emphasis from ‘best practice’ to ‘requirements’, greater consent from individuals, new rights such as the right to be forgotten, and other significant changes means that organisations will not only have to audit and update their processes and procedures but regularly review for continued compliance.

Payroll and HR data, procedures and systems will be directly affected, including where third party software or service providers are involved.

This course helps delegates understand, prepare for and maintain the changes so that they can help their organisations become, and continue to be, fully compliant.

Please note: Materials for this course will be made available via an online platform, however a selection of this materials will need to be printed off and brought with you on the day. Login details for the online platform will be sent to you 10 days before the course start date. If you have any problems or questions, please email admin@cipp.org.uk.

Who should attend?

Anyone with responsibility for the data collection and processing within their organisation.

Course content

  • The General Data Protection Regulation (GDPR)
  • Principles of the GDPR
  • Definitions of GDPR and DPA 2018 terms
  • Lawful processing
  • Rights of a data subject
  • Complying with GDPR and DPA 2018
  • Accountability and governance
  • Practical application of GDPR and DPA 2018
  • Actions to take and the different implementation tools available to use
  • Implications for payroll and HR
  • Maintaining compliance with GDPR and DPA 2018

Course content for webinar delivery is available.

Course aims

At the end of the course, you should be able to:

  • Enact the requirements of the Data Protection Act 2018
  • Apply the principles of the Data Protection Act 2018 to your organisation’s data processes
  • Identify who is accountable for key Data Protection Act 2018 tasks
  • Identify and implement the appropriate tool for a range of Data Protection Act 2018 tasks
  • Respond to a Subject Access Request correctly
  • Respond to a data breach within statutory timescales
  • Ensure your organisation maintains ongoing compliance with the Data Protection Act 2018


Booking information

Closing date for bookings is two weeks prior to the course date.

In-house delivery

The CIPP can offer in-house delivery on most training courses.

In-house delivery can be very attractive for organisations as they can train large numbers of employees* at a reduced rate, without the additional associated costs, such as travel and 'lost time'.

Click here for more information.

*Minimum number of delegates apply