0845 450 6120

Data Protection Impact Assessment Workshop

This one-day workshop is designed to provide delegates with the practical knowledge needed to perform a data protection impact assessment (DPIA) that will minimise privacy risks and comply with the UK Data Protection Act (DPA) and the EU General Data Protection Regulation (GDPR).

A data protection impact assessment (DPIA) is a key risk assessment process outlined in the requirements of the EU General Data Protection Regulation (GDPR). It helps organisations make an early evaluation of the impact a business process might have on the privacy of the individuals involved, and ensures compliance with the UK Data Protection Act and EU GDPR.

The Information Commissioner’s Office (ICO) already recommends that privacy impact assessments are conducted to assess the privacy risks for all policies and projects involving the use, collection and disclosure of personal information, and the government’s Security Policy Framework mandates their use by all government departments.

In order to comply with the GDPR, organisations will be required to perform a DPIA where the processing of personal data involves high risk to the rights and freedoms of individuals. In particular, a DPIA will be required for automated data processing activities, including:

  1. Profiling leading to decisions that produce legal effects for the individual.
  2. Large-scale processing of certain types of data.
  3. Systematic monitoring of a publicly accessible area on a large scale.

The DPIA Workshop will explain how to develop a DPIA, implement the project, monitor the results and take action where required. When conducted at the start of a project, a DPIA will help organisations identify and resolve problems at an early stage, reducing the associated costs and potential damage to reputation.

Who should attend the course?

The course is aimed at managers who are responsible for ensuring that their organisation is fully compliant with its data privacy obligations. This includes data privacy/protection, compliance, HR, IT and contracts managers. The course is particularly relevant to people who work in organisations that process large quantities of personal information, such as government departments, universities, charities and market research companies.

Pre-Requisites

Entry requirements

While there are no formal entry requirements, this course has been designed to meet the needs of delegates who have some knowledge of data protection and the GDPR. We recommend that delegates who require an introduction to the requirements of the GDPR attend our certified GDPR Foundation training course.  Delegates on the certified GDPR Practitioner course do not need to attend the workshop, as the material is already covered in the DPIA section of the GDPR P course.

Course Content

What will you learn on this course?

  • The principles of data protection impact assessment (DPIA)
  • The legal requirements for a DPIA
  • Getting started: how to conduct a DPIA
  • Determining whether the risk is acceptable
  • How to develop a data protection impact assessment procedure
  • How to create and implement more efficient project processes
  • Monitoring the results and understanding when to take action
  • How to track the outcomes in order to take the appropriate remedial actions
  • Why and how to conduct a data flow mapping exercise
One Month
Two Months
Three Months
More than Three Months
PRINCE2 Foundation & Practitioner
MSP Foundation & Practitioner
APMP Certificate
ITIL Foundation
Scrum in One Day
Certified ScrumMaster
ISTQB Software Test Foundation
Microsoft Project
BCS Business Analysis Practice
Other - Please Specify Below

Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Our Customers Include