Call to book: 01983 861133

GDPR Planning and Preparation for Employers

Approx. 7.5 hours

The GDPR came into force on the 25th May 2018. It has a huge impact on employers and affects all organisations, no matter what size. As an employer, it is imperative that your policies and procedures are legally watertight and ICO compliant, as failure to do so can have serious punitive financial and reputational consequences.


This training provides in-depth, hands-on, practical advice and strategy, giving you all the essential information you require to become compliant.

What this course offers:

  • A practical action plan to write, implement and embed your GDPR policy company-wide
  • An understanding of the implications and impact of GDPR on your organisation
  • Effective strategies to plan and manage a comprehensive audit of your current position
  • A thorough overview of the legal issues involved, implications to your organisation and how to ensure compliance
  • Key areas your policy must cover in order to make it workable

We will tailor the course to suit your organisation's needs. This is a preliminary outline to give you a taste of what we typically offer when delivering this course in-house. After an in-depth discussion between your organisation and the trainer, we will develop a course outline which meets the specific needs of your team. 

We can also deliver this course virtually, or as webinar modules.


Which functions will benefit from attending

  • HR, Payroll, HR Operations and Admin, Security and Compliance, HR Information Services Management

Schedule

Welcome and review of learning objectives for the day

LEGAL

  • GDPR: evolution, not revolution
  • The Cornerstones of the GDPR: Governance and Accountability
  • GDPR Principles
  • Lawful grounds for processing personal data & special categories of personal data
  • Enforcement action (not just fines)! Regulatory audits, restrictions on processing, compensation, reputational risk, tiered fines & class actions.
  • GDPR: Notices

PRACTICAL IMPLICATIONS AND DATA AUDITS

  • New requirements
  • Old requirements tightened
  • Old requirements (that you might not have done)
  • What is personal data
  • Data Audits
  • Data retention

DATA

  • Data-sharing (e.g. HR & Payroll providers):
    • due diligence for on-boarding new processors
    • contracts (new & existing)
    • off-shore processing
  • Security (and security myths)
  • Security breach notification obligations
  • Data protection by design and default
  • Key Data Subject Rights:
    • changes to fees/timeframes
    • subject access
    • right to be forgotten
    • data portability
    • rectification
    • objection
    • compensation
  • Tiered fines

DATA PROTECTION POLICIES - REVIEW AND UPDATE

  • Privacy Policies
  • Privacy Notice
  • Data Protection handbook – Contents and uses
  • HR Example

ACTION PLAN

  • Drafting an action plan
  • Things to remember
  • Making it about you
  • Making it real
  • Fitting with the company strategy
  • Example
  • DIY

End

Contact us to book or discuss our events & services

Phone: 01983 861133
Email: info@bfi.co.uk