Understanding Data Protection Law
Get everything you need to ensure you're prepared for GDPR and get up-to-speed with the key data protection issues facing HR.
The General Data Protection Regulation (GDPR) became EU law in May 2017 and comes into effect in the UK on 25 May 2018. While the scope of GDPR is similar to the Data Protection Act 1998, the requirements and penalties are considerably greater. The CIPD Understanding Data Protection Law course addresses the principles and conditions of collecting, processing and retaining personal data, with reference to GDPR requirements, providing delegates with the direction they need to comply with GDPR. The course is updated monthly, to include any further guidance provided by the Information Commissioner's Office before then.
By the end of the Understanding Data Protection Law course, you'll be able to:
- understand the key provisions of data protection legislation and how to apply it to your organisation
- ensure the confidentiality of employee personal data throughout the employment relationship
- advise on the key principles applying to the collection, access and use of personal data
- apply these principles to policies and procedures in particular areas such as management of sickness records and monitoring of email and Internet usage
- understand the implications of non-compliance.
Data Protection Overview
- The Data Protection Act 1998
- What is personal data?
- The difference between sensitive and non-sensitive data
- Who is responsible for applying the Data Protection Act?
- The main principles of the Data Protection Act
- Collecting personal information – fair collection notices, rights and obligations
- Freedom of Information Act 2000
Data Protection Codes of Practice
- Understanding and applying the codes
- Employees health
- Drug and alcohol testing at work
Beginning and During Employment
- Recruitment and selection
- Including advertising, applications, shortlisting, selection testing, references, medical records, vetting, verification, validation, access to interview notes, retention of records
- Collection and storage of information
- Equal opportunities monitoring
- Pensions and insurance schemes
- Disclosure policy
Monitoring and Surveillance
- Link to human rights issues
- Regulation of Investigatory Powers legislation and privacy
- Changes to improve the protection of workers’ personal data
- Monitoring communications – telephone, internet and email policies
- Networking, tweeting, blogging, Facebook
- GDPR (EU legislation effective May 2018)
- Personal data
- Employee rights
Programme is subject to change pending new developments.
Who should attend
HR practitioners responsible for employment law issues within their organisation. No prior knowledge of data protection law is required.