This practical workshop will cover the essential aspects of the requirement for health and social care bodies to have a Data Protection Officer as outlined in the General Data Protection Regulation and associated legislation and guidance. It will concentrate on the tasks the Data Protection Officer must disperse.
In 2018 both the General Data Protection Regulation and a new Data Protection Act were introduced in the UK, requiring health and social care bodies, by the nature of their work, to employ a Data Protection Officer. There is, to a certain extent, relatively clear guidance in the legislation as to what this role entails. This course however, undertakes to highlight how to practically implement the requirements, introducing a practical approach to concepts such as Data Protection Impact Assessments / Privacy by Design and Data Breach Management.
It will move beyond the letter of the legislation, to guide delegates towards the support that is available to them in the wider health and social arena and beyond in the dispersal of their duties as a Data Protection Officer.
Key Learning Objectives include understanding:
who can hold the role of DPO
understanding how the role can be constituted as an employee or contractor
the baseline knowledge of the Data Protection legislation required to carry out the role
the DPO’s role in the organisation and where it is situated in the management structure
the independence of the DPO
the tasks of the DPO, including, but not limited to: Informing the Data Controller / Processor of their, Data Protection obligations. Monitoring compliance with the legislation. The offering of Data Protection advice to the organisation’s employees. Liaising with the Information Commissioner’s Office
