Handling Data Subject Access Requests

This course provides you with a comprehensive understanding of managing subject access requests, and gives you an in-depth look at the appropriate practice and policy when it comes to tackling SARs.

Description

The course covers legal guidance and practical topics in order to equip delegates with the understanding to confidently respond to a subject access request. Created to guide individuals with an existing knowledge towards a competent understanding, and to equip those new to the sector with the necessary tools in order to complete requests in line with relevant laws and guidance.

Course Content

We will look at:

How things have changed throughout the years, in terms of the incredible advancements in technology and its gathering of your data.
Article 15 of the GDPR and how it allows you and your data subjects the right of access to the personal data held about you/them.
The GDPR guidance on protection of the data held.
A detailed look at the GDPR and its purpose, including the legislation and principles.
The consequences of not complying with the guidance.
What constitutes personal data, the requirements when searching for the data to complete a SAR, and how to identify the data subject is entitled to the requested.
How to determine if you are processing special category data and how to handle it correctly if you are.
What exemptions are, and when they could be applied.
How you can demonstrate compliance when using an exemption, and when you can justifiably refuse a SAR received.
The preparations you should make when completing a SAR.
The role of the controllers and processors, and what is good practice and policy to undertake.
The timeframe for completing a SAR, and under what circumstances you can apply an extension.
Dealing with a SAR in regard to children.
Understanding the request you have received, how to provide the data requested, and where to gather that data from within your systems.
How to deal with a SAR from a third party, how to provide data once it has been collated, and what if any reasonable adjustments can be made.
How you process other people's data that may be contained within the file.
What to do if you receive repeated requests from a data subject.

What's Included:

One-day interactive course with an experienced trainer.
Access to relevant resources, such as policies, to take back to your organisation.
Opportunity to network with other data protection professionals.

Course Format

The course takes 1 days to complete and will be held virtually.

You will need access to Microsoft Teams throughout the course as all sessions will be held via Teams.

The course will start at 9:00 am and finish at 4:00 pm (approx.).

Our course is great for

This course requires no prior understanding of subject access requests and provides a full overview of the relevant legislation and its practical application.

This qualification is likely to be of particular benefit to those working in the following areas:

Data protection and privacy
Information governance, risk and compliance
Managers with data protection responsibilities
Human resources
SAR handling staff

Similar courses

Our Caldicott Guardian training course will increase your confidence in protecting patient data confidentiality, helping you understand the breadth and impact of data sharing in health and social care, and how to fulfil your role as Caldicott Guardian.

More Information

Our Senior Information Risk Owner (SIRO) course fulfils a practical and interactive training need, helping you understand the SIRO role in depth, providing a sound foundation for those already in the SIRO role, or looking to move into it.

More Information

This course explores the application of current data protection laws, including the EU-GDPR, the UK-GDPR and the UK Data Protection Act 2018, and helps you understand how to manage and protect data responsibly and ethically.

More Information

This course covers legal guidance and practical topics in order to equip you with the understanding to confidently use data ethically. Examine how to get it right the first time, while looking at case studies for those who didn’t.

More Information

This course will teach staff about good data-sharing practices and ensure they are sharing data in line with best practices, providing them with the necessary tools to share data in line with relevant laws and guidance.

More Information

This course will give you the tools to be able to manage and monitor your audit process within your organisation, covering three units that will examine the why, how, and what of a good audit.

More Information

This course is aimed at experienced data protection professionals, and candidates that want to build on the BCS Foundation Certificate to gain a broader and deeper understanding of the current laws.

More Information

This course will help you perform in your Data Champion role by helping you to confidently implement data protection policies and procedures, safeguard your organisation’s sensitive information, and remediate potential threats and risks.

More Information

The effective DPO course builds on your knowledge from the BCS Data Protection Practitioner or similar industry-standard course and aims to give you the skills to be able to put your knowledge gained into practice. This CPD accredited course aims to give you the skills and more importantly the resources required to be an effective Data Protection Officer.

More Information

This course will help you understand how CCTV interacts with data protection laws, the practical side of the legislation, and how it protects the data subjects’ rights, plus the most simple and effective ways to ensure compliance.

More Information

This CPD accredited course builds on your knowledge from the BCS Data Protection Practitioner or similar industry-standard course and gives you the skills to put your new knowledge into practice to be an effective Data Protection Officer.

More Information