This course will provide a solid foundation in data protection law for local authority lawyers and officers. The course will include an explanation of the key provisions of GDPR and the Data Protection Act 2018; an exploration of the requirements of data protection impact assessments including around consultation and implementation; data sharing and the interaction with Freedom of Information; and breach reporting. The course will be useful for those who are new to dealing with data protection and information management, as well as those who have some limited experience or are in need of a refresher.
Sessions will cover the following:
Introduction
Definitions & Responsibilities
The Principles
Privacy Notices
Break out exercise - discussion of categories of personal data held by attendees’ organisations
DPIAs
Requirements
Consultation
Implementation, Review & Sign-off
Break out exercise - what to consider in example scenario
Data Sharing
Interaction with FOI
Data Sharing Agreements
Data Subject Rights
Break out exercise - handling example requests
Breaches, Breach Reporting & Complaints
The role of the Information Commissioner
Mandatory breach reporting
Enforcement case studies
Information Governance Lead, Liverpool City Region Combined Authority
Andy has responsibility for Data Protection, Freedom of Information, The Environmental Information Regulations, the Local Government Transparency Code and Records Management.
Andy’s career has included positions in higher education, the civil service and local government, with the provision of training to colleagues, schools, community organisations and service users playing a prominent role in his work.
Andy holds the BCS Practitioner Certificates in both Data Protection and Freedom of Information/Environmental Information Regulations, as well as the Preparing To Teach in the Lifelong Learning Sector (PTLLS) educational qualification.