The first in our series of GDPR mini workshops. This bite sized session introduces Information Asset Registers and Data Protection Impact Assessments (DPIAs) and their pivotal role in understanding and managing data protection risk and for achieving compliance.
This workshop takes delegates from the process of initial data mapping, to understanding the data they are processing, the legal basis for that processing and their responsibilities to data subjects, through to the importance of understanding 3rd party processors/suppliers datamaps and privacy notices and then using examples relevant to schools, focusses on the :Why?; When?; and How? of undertaking a Data Protection Impact Assessment, including calculating risk appetite and appropriate risk mitigation strategies.
By the end of the course delegates will understand:
- A Data Controllers/Processors responsibilities
- What an Information Asset Register is and why it is the key to understanding and controlling their data ecosystem and creating privacy by design
- How to create a data map and turn a data map into an Information Asset Register
- How to classify their processing activity
- What they need to know about any 3rd party data processors they are using.
- What a DPIA is and when to undertake a one
- How to complete a DPIA
- What they need to know from 3rd party data processors/suppliers involved
- How to approach and manage risk
Refreshments will be provided. If you would like us to deliver this course for your cluster we will do so at a reduced price of £30 per head, subject to a minimum of 10 attendees. To arrange this please contact us at firstname.lastname@example.org or call us on 01629 532888
This course is aimed at Business Officers, Senior Leaders, IT Leads, Data Leads/DPOs and anyone involved in the management of data processing activity or 3rd party applications within a school.