The aim of this course is to provide you with the fundamental knowledge to be able to recognise and respond to data subject access requests (SAR).
Who Should Take This Course
Suitable for anyone who might be responsible for dealing with SARs, including:
- Private, Public, Charity and Voluntary sectors
- Data Protection Leads
- Data Protection Officers
- HR Professionals / Departments
- Practice Manager and Partners
- Operations Directors
- Business Owners
- Office Managers
- Legal Departments
- HR Directors
Dealing effectively with SARs can prove to be a management challenge for many organisations. Requests can be received from within your own organisation and externally from a variety of data subjects including customers, employees, complainants, and others. Depending on your business process, you may be holding vast quantities of information on individuals, sometimes as an unintended consequence of technological advances.
This course is fully up to date with the requirements of the UK General Data Protection Regulation (GDPR), the Data Protection Act 2018, and the ICO’s latest guidance (February 2022). It looks in detail at the right of individuals to gain access to their data, as well as the exemptions that organisations can use to withhold information. It also provides you with the information your organisation will need to set up an effective SAR handling process in their organisation to ensure you comply with any SAR.
This course covers the following components:
- Define the ‘Right of Access’ right
- Recognise a data subject access request (SAR)
- Identify the timescales required for responding to a SAR
- Understand how to comply with a SAR
- Consider the exemptions from data subjects right to access
- Understand the implications of failing to respond to a SAR.
Interactive modules and an assessment at the end are included. A certificate is available on successful completion and the course counts towards Continuing Professional Development (CPD). The course certificate expires 12 months from issue.
Developed by an experienced Data Protection Officer (DPO).