IHRIM

PDP - Compliance News Updates - 26 June 2018

BT fined £77,000 by the ICO for five million spam emails
 
 
PDP header graphic
  Issue: 26.06.2018

News 
BT fined £77,000 by the ICO for five million spam emails
British Telecommunications plc has been fined £77,000 by the Information Commissioner's Office after it sent nearly five million nuisance emails to customers. The 4.9 million emails, promoting three charity initiatives, were sent between December 2015 and November 2016. During the investigation, BT accepted that emails for two of the charities, Giving Tuesday and Stand up to Cancer, were unlawful, but disputed the assessment that those to the third charity, My Donate, were direct marketing. The ICO found that all of the emails sent constituted marketing, and were not simply service messages. The messages were delivered to recipients who had not given the necessary consent, and were therefore sent in breach of Regulation 22 of the Privacy and Electronic Communications Regulations.    

Supreme Court rules on mobile location data

In a landmark ruling, which protects the privacy of mobile phone users, the US Supreme Court confirmed that the government generally needs a warrant to collect location data on customers of mobile phone companies. The case, Carpenter v. United States,  arose from armed robberies of Radio Shacks and other stores in the Detroit area starting in 2010. The court ruled that the damning location evidence of the alleged perpetrators was inadmissible due to a breach of their 4th Amendment rights. The 5-to-4 ruling made exceptions for emergencies such as bomb threats and child abductions. Eduardo Ustaran, Partner at Hogan Lovells, tweeted that the decision was "a nod in the right direction from US judiciary for those concerned about the Privacy Shield and Model Clauses, and limits to access to data by the state." Mr Ustaran is speaking on the Privacy Shield and Model Clauses at the upcoming 17th Annual Data Protection Practical Compliance Conference taking place in London on 11th and 12th October. His article on the future of EU international data transfers appears in June edition of Privacy & Data Protection

Campaign group alleges illegitimate use of data by UK revenue service

The Information Commissioner's Office is investigating complaints that the voices of millions of taxpayers have been analysed and stored by HM Revenue and Customs without consent. According to the campaign group Big Brother Watch, HMRC's Voice ID system, which was introduced last year, has collected 5.1 million audio signatures and is creating "biometric ID cards by the back door". HMRC says the data are held securely and emphasised that callers could elect not to use Voice ID.    

New rules on free flow of non-personal data closer to being finalised

EU governments would be required to justify national regulations requiring companies to store non-personal data locally, under proposed new rules that moved closer to being finalised last week. The European Parliament, Council of Ministers and European Commission reached political consensus on a new regulation on the free flow of non-personal data and prohibiting data localisation restrictions. The Regulation has no impact on the application of the GDPR as it does not cover personal data. However, the two Regulations will function together. In the case of a mixed dataset, the GDPR provision guaranteeing free flow of personal data will apply to the personal data part of the set, and the free flow of non-personal data principle will apply to the non-personal part.   

Twitter, comScore Sued For Allegedly Tracking Kids Who Use Disney Apps by Wendy Davis

A group of parents in the US who are suing Disney over alleged privacy violations have expanded their case by adding Twitter's MoPub and comScore as defendants. The class-action complaint being brought under the Children's Online Privacy Protection Act alleges that Disney allowed outside companies to embed code that tracked young children who used apps. According the new complaint, those outside companies include Twitter, comScore, Upsight, Unity Technologies and Kochava. Disney say that the complaint is based on a fundamental misunderstanding of COPPA principles.    

National data strategy to be developed in the UK

The UK government has announced that a national data strategy will be developed "to unlock the power of data in the UK economy and government, while building public confidence in its use". The plan to develop the strategy was outlined as the government published proposals on what role, objectives and areas of focus the new Centre for Data Ethics and Innovation should have. The consultation paper states "We want to ensure the Centre adds real value and builds confidence and clarity for businesses and citizens. We will therefore engage extensively with all those who have an interest and stake in the way data use and AI are governed and regulated. This includes citizens, businesses, regulators, local and devolved authorities, academia and civil society."       

Hackers steal crypto-exchange of £24 million

A leading crypto-coin exchange has suspended trading after declaring that hackers had stolen some of the digital currencies it stored. Seoul-based Bithumb said that 35bn won (£24m) worth of cyber-cash had been "seized" overnight, adding that it would fully compensate affected customers. The values of Bitcoin, Ethereum and Ripple all fell on the news. The occasion is the second within a year that Bithumb has been breached. Last July, the company acknowledged that an employee's PC had been hacked, exposing users' personal details.  

More in depth data protection news and articles... 

PDP Journals logo
 
 
New GDPR Article Series 

Privacy & Data Protection journalIntroducing a special series of articles on the practical changes that organisations need to implement in order to prepare for the GDPR

Visit the
Privacy & Data Protection for a Free Sample and to Subscribe
 

Subscribe to two or more titles at the same time and receive a 15% discount off the cheapest journal.
 



17th Annual Data Protection Conference (GDPR)

17th Annual Conference


11th & 12th October 2018 - London, UK 
** London's leading two-day GDPR Conference **  

Keynote:
James Dipple Johnstone
 
How the ICO will exercise its New Powers
James Dipple-Johnstone 
Infomation Commissioner's Office (ICO)
  This year, the conference is dedicated to reviewing the practical implications of the General Data Protection Regulation, and to help organisations ensure they are compliant.
 
16th Annual Data Protection Compliance Conference

  
* Speaker Highlight *
 
Eduardo Ustaran  
The Long Term Viability of the Privacy Shield and Model Clauses       
 
Eduardo Ustaran - Partner, Hogan Lovells
 
Some of the most commonly used methods to legitimise international data transfers are under serious scrutiny. For data exports to the United States, the Privacy Shield is an attractive option. But the constant challenges to the legality of the Shield, as well as the political climate, are questioning its survival. Commonly used tools like model clauses have also been challenged and will likely need to be revised. How can companies proceed in the uncertain world of data globalisation?


For more information and to book your place:
 

 
PDP Training logo


Our professional and practical Training Courses enable delegates to understand the legal requirements in key areas of information and data protection compliance. Courses run throughout the year around the United Kingdom.
 
Here is a selection of courses taking place shortly:
 
Estelle Dehon_ Cornerstone Barristers
Estelle Dehon
Cornerstone Barristers
This course is an introductory level course for all those that are new to data protection and the GDPR, or those that require a refresher on the fundamental concepts. It is designed for people who work with, or will work with, data protection issues on a regular basis.This invaluable and practical training session examines core concepts of practical data protection compliance.This course can be used as credit towards the Practitioner Certificate in Data Protection.The next available dates for this course are:
  • London    Monday, 9th July 2018
  • Belfast     Monday, 10th September 2018
  • London    Monday, 17th September 2018
     
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue
     
This practical training session is designed for those that work in the field of data protection. The Level 1 and Level 2 courses taken together constitute a complete training package on the fundamentals of data protection. This session provides a thorough grounding in the important aspects of data protection practice.The Level 2 course is designed as a natural progression from Data Protection Essential Knowledge - Level 1, although attending Data Protection Essential Knowledge - Level 1 is not a pre-requisite to attending the Level 2 unless you are a complete beginner to data protection.Attendance on this course can be used as credit towards the Practitioner Certificate in Data Protection.The next available dates for this course are:
  • London    Tuesday, 10th July 2018
  • Belfast     Tuesday, 11th September 2018
  • London    Tuesday, 18th September 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue
John Wilson, Mosaic
Organisations face increasing pressure to manage their records according to statutory and business requirements. As the use of electronic records and the deployment of electronic document and records management systems continue to increase, the core skills of the person responsible for records management become ever more important to the organisation. In many cases, appropriate data protection and FOI compliance will depend upon a good records management system.This invaluable training session, led by John Wilson, examines core concepts of good records management practice.Records Management 1 is an introductory level session that provides delegates with a thorough grounding in the fundamentals of records management, including:
  • introduction - basic concepts
  • records management tools
  • records lifecycle approach
  • designing a file plan
  • records destruction
  • legal framework / compliance
  • management of electronic records and email 
Upcoming dates for this training course are:
  • London           Tuesday, 17th July 2018
  • Manchester    Wednesday, 5th September 2018
  • Edinburgh      Thursday, 4th October 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

This course examines how to implement good records management practice. Led by John Wilson, Records Management 2 is an intermediate level session that provides a grounding in the fundamentals of records management, including:
  • introduction - initiating a records management project
  • records audit
  • process mapping
  • building a business classification scheme
  • measuring performance
  • EDRMS
  • sustaining a records management programme
Delegates are encouraged to share their own experiences at the session. The day will be a mixture of presentation and practical exercises. There will be plenty of opportunity for questions.Upcoming dates for this training course are:
  • London           Wednesday, 18th July 2018
  • Manchester    Thursday, 6th September 2018
  • Edinburgh       Friday, 5th October 2018
A discount is available for delegates attending both the Level 1 and Level 2 sessions, as well as for multiple delegates attending from the same organisation.For further information and to make a booking,
  1. Visit PDP's website  
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

Practitioner Certificate in Data Protection - GDPR Conversion Programme
Ensure you are have the knowledge to practically implement the GDPR in your organisation.  
 
The Practitioner Certificate in Data Protection is the practical qualification which can be taken either on an intensive, flexible or distance-learning basis.
 
"I am delighted to have achieved this qualification. The Certificate sets a recognised standard for data protection professionals and it has provided me with the knowledge and confidence of data protection requirements, especially in light of the new Regulation." 
Joanne Maurizi 
MutualOne 
 
Find out more >
   
Records Management Levels 1&2
Next sessions: 17th & 18th July 2018 - London
Records Management Levels 1 & 2
   
These highly practical sessions provide a thorough grounding and examine the core concepts of good records management practice.  

"By far the most practical resource available to help understand the complexities of the GDPR..."
A Practical Guide to UK and EU Law  

This book is an invaluable practical resource for organisations in meeting the requirements of the GDPR.
Find out more & Order your copy here >

Practitioner Certificate in Data Protection - GDPR Conversion Programme
The online self-study Programme for candidates who gained their qualification prior to 2018 to upgrade their qualification for the GDPR era.

"I'm delighted to have passed the GDPR Conversion Programme Examination. The Programme was both enjoyable and challenging, providing an in depth look at the changes GDPR brings and how to apply these in practice.  I am now confident that my knowledge of Data Protection Law remains up to date and comfortable that I can apply the new regulations in practice in my day to day role."
Find out more >
   


Qualify as a GDPR Data Protection Practitioner

Flexible training options allow you to train alongside other commitmentsMore information >  
"The course content was informative and well presented, with very knowledgeable trainers. The exam was challenging, so I feel a real sense of achievement in having gained this qualification."   Caroline Chalk
Head External Information Services
Civil Aviation Authority
"I found the course to be thoroughly enjoyable and enlightening in a number of areas. I have managed to apply the knowledge gained through the course already in my day to day role."
Brendan Byrne
Senior Managing Consultant Security & Privacy
IBM
"The qualification strikes the right balance of interpreting important and complicated legislation and imparting this to students with a well structured course, underpinned with simple to understand information and then a vigorous examination. Organisations should feel assured by any of its staff undertaking and passing this qualification that their information is being managed and shared securely."
Kim Bellis
Records Service Manager
Royal Cornwall Hospitals NHS Trust
"I am very pleased to have followed the Practitioner Certificate in Data Protection course and passed the examination. This will be of great benefit to my employer, as it demonstrates the value we place on this complex area of ethics and compliance."
Alan White
Data Protection Manager
Pitney Bowes
"The course which was delivered by experts in the field of Privacy and Data Protection Law was very enjoyable and engaging. The examination was based on applying legislation and knowledge to practical cases rather than a test of how much information you could remember. I am delighted that I passed the exam and to have a qualification that is very much respected, as well as letters after my name! I recommend both the course and the examination for anyone wanting to increase their knowledge of Data Protection Law."
Bleneta Carr
Investigator
Pearson Education
"I am delighted to have achieved this qualification. The Certificate sets a recognised standard for data protection professionals and it has provided me with the knowledge and confidence of data protection requirements, especially in light of the impending new Regulation."
Joanne Maurizi
Assistant Manager
mutualone
"Synectics Solutions recognises that compliance with data protection regulation is critical to all organisations that handle personal information. It has never had a greater focus than at the present time. Having looked at the training and professional qualifications available, we concluded that the PDP certification was the most appropriate for our business. The course was delivered by legal experts in the field. They were able to bring the events to life with real-life scenarios and case studies."
Steve Sands
Head of Security
Synectics Solutions
 
PDP, Canterbury Court, Kennington Park, London, SW9 6DE, United Kingdom
 
 
 

The NHS at 70: A timeline in pictures

On 5 July 1948, 70 years ago on Thursday

Read more...

PDP - Compliance News Updates - 12 June 2018

Online marketing companies will need to rewrite contracts as a result of new ruling
 
 
PDP header graphic
  Issue: 12.06.2018

News 
Online marketing companies will need to rewrite contracts as a result of new ruling
The European Court of Justice has ruled that companies and people who administer Facebook fan pages are jointly responsible with Facebook for data protection on those pages, effectively widening the scope of controllers. The decision means that if Facebook is infringing on the data-protection rights of users who follow a fan page, the page's administrators may also be in the firing line. Equally, if the fan-page operator infringes on people's privacy rights, Facebook may also be responsible. As a result of the ruling, Facebook and a range of other companies involved in online marketing may need to rewrite their contracts with customers across Europe. "We are disappointed by this ruling," said a Facebook spokesperson.  

UK regulator fines charity

The Information Commissioner's Office has fined the British and Foreign Bible Society £100,000 after cyber hackers gained access to more than 400,000 supporters' personal data. The Commissioner found that, although the Society was the victim of a criminal act, it failed to take appropriate technical and organisational steps to protect its supporters' personal data. The charity, which translates and distributes the Bible in the UK and around the world, has taken remedial action since it became aware of the attack, and fully co-operated with the ICO's investigation.

ICANN loses data-gathering court battle

The internet's global domain name organisation, the Internet Corporation for Assigned Names and Numbers, has lost its bid to force a German registrar to collect the personal data of technical and administrative contacts for websites the registrar approves domain names for. ICANN asked the Regional Court of Bonn to issue an order to force EPAG Domain services to collect the personal data of technical and administrative contacts of organisations that register domain names with EPAG. EPAG previously collected the information, but advised ICANN that it would stop doing so in order to comply with the GDPR. The Regional Court of Bonn ruled in favour of EPAG and said ICANN's application for an injunction to be served against the registrar was "unfounded". 

Facebook apologises after latest blunder

Facebook has apologised after admitting that a software bug changed the privacy settings of 14 million users' posts. Affected users had the privacy settings of their posts automatically set to be shared to "everyone", even if they had chosen a setting which restricted who could see them. The bug affected Facebook's internal systems between 18 and 22 May, and the social media company was not able to return the posts to their original settings until 27 May. Facebook said users who were affected by the bug will be notified of the issue on their news feed. The UK's Deputy Information Commissioner, Steve Wood, said: "The UK public can be reassured that the ICO will support the Irish Data Commissioner if required to ensure Facebook takes the appropriate steps to resolve this matter."  

Job application tool suspects data breach

A firm in the UK that manages millions of job applications around the world suspects it has suffered a data breach. PageUp's software is used for recruitment, salary information, bank details, tax numbers and other sensitive personal data. Its clients include supermarket Aldi, Clydesdale Bank and chocolate-maker Lindt. The firm has notified data regulators, including the UK's Information Commissioner's Office. The UK regulator has confirmed that it is investigating the breach.     

Facebook confirms existence of data sharing partnership

Facebook has confirmed it has a data sharing partnership with Chinese firms including Huawei, a company US intelligence previously flagged as a security threat. The agreements gave the Chinese firms some access to users' data to help them build Facebook "experiences" on their smartphones. Facebook said all the data collected remained on users' phones not servers. Huawei said its cooperation with Facebook was to improve user services. A Huawei spokesperson said: "Like all leading smartphone providers, Huawei has worked with Facebook to make Facebook's services more convenient for users. Huawei has never collected or stored any Facebook user data."

ICO on Cambridge Analytica - "this is our largest investigation"

Information Commissioner Elizabeth Denham and Deputy Commissioner of Operations James Dipple-Johnstone have appeared in front of the Committee on Civil Liberties, Justice and Home Affairs of the European Parliament hearing on the Facebook/Cambridge Analytica case. In their opening remarks they said the ICO has over 40 of its own investigators full time on the enquiry plus external legal and forensic IT recovery experts. Elizabeth Denham told MEPs "give the GDPR some time to operate. This investigation by the ICO is unprecedented in its scale - we believe it is the largest investigation ever undertaken by a data protection authority. The investigation is providing an early opportunity to consider the GDPR against the pressures and demands of a real world contemporary case." James Dipple-Johnstone will be giving the Keynote Address at the 17th Annual Data Protection Compliance Conference, taking place in London on 11th & 12th October.

Statement in response to new plans for nuisance call directors to face fines

Steve Wood, Deputy Commissioner for Policy at the ICO, has given a statement in response to the UK government's plans (reported last week) to introduce fines for company directors heading up nuisance call firms. He said: "We welcome these proposals from the government to make directors themselves responsible for nuisance marketing. We have been calling for a change to the law for a while to deter those who deliberately set out to disrupt people with troublesome calls, texts and emails. These proposed changes will increase the tools we have to protect the public." 

More in depth data protection news and articles... 

PDP Journals logo
 
 
New GDPR Article Series 

Privacy & Data Protection journalIntroducing a special series of articles on the practical changes that organisations need to implement in order to prepare for the GDPR

Visit the
Privacy & Data Protection for a Free Sample and to Subscribe
 

Subscribe to two or more titles at the same time and receive a 15% discount off the cheapest journal.
 



17th Annual Data Protection Conference (GDPR)

17th Annual Conference


11th & 12th October 2018 - London, UK 
** London's leading two-day GDPR Conference **  

Keynote:
James Dipple Johnstone
 
How the ICO will exercise its New Powers
James Dipple-Johnstone 
Infomation Commissioner's Office (ICO)
  This year, the conference is dedicated to reviewing the practical implications of the General Data Protection Regulation, and to help organisations ensure they are compliant.
 
16th Annual Data Protection Compliance Conference

  
* Speaker Highlight *
Estelle Dehon
 
The New Transparency Obligations       
 
Estelle Dehon - Cornerstone Barristers
 
The GDPR mandates 'transparency' as a new requirement of data protection. But what exactly does it mean to be transparent, and what must organisations now do that they were not doing before? This talk provides a practical guide to transparency, and includes key takeaways from the Article 29 Working Party's recently updated guidance.

For more information and to book your place:
 

 
PDP Training logo


Our professional and practical Training Courses enable delegates to understand the legal requirements in key areas of information and data protection compliance. Courses run throughout the year around the United Kingdom.
 
Here is a selection of courses taking place shortly:   

Accountability - How to Comply with the GDPR's Requirements
Jenai Nissim_ TLT
Jenai Nissim
TLT
For the first time in data protection law, the GDPR introduces the requirement of "accountability". In basic terms, accountability means that organisations are not only be required to comply with data protection requirements, but also that they must demonstrate that they comply.Demonstrating compliance consists of several elements, including preparing policies, monitoring compliance with internal policies and procedures, amending job roles and updating customer facing documentation such as websites and offline forms.This highly practical sessions looks at the detail of what accountability requires, and provides delegates with all the knowledge and tools necessary to achieve compliance in their organisations.It is recommended that delegates attending this session have a basic knowledge of current data protection legal requirements. Delegates with no existing knowledge may find it helpful to attend Data Protection Essential Knowledge Level 1 before attending this training course.The course is taking place on the following dates:
  • London           Wednesday, 4th July 2018
  • Manchester    Friday, 28th September 2018
  • Isle of Man     Monday, 15th October 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

Records Management 1
John Wilson, Mosaic
Organisations face increasing pressure to manage their records according to statutory and business requirements. As the use of electronic records and the deployment of electronic document and records management systems continue to increase, the core skills of the person responsible for records management become ever more important to the organisation. In many cases, appropriate data protection and FOI compliance will depend upon a good records management system.This invaluable training session, led by John Wilson, examines core concepts of good records management practice.Records Management 1 is an introductory level session that provides delegates with a thorough grounding in the fundamentals of records management, including:
  • introduction - basic concepts
  • records management tools
  • records lifecycle approach
  • designing a file plan
  • records destruction
  • legal framework / compliance
  • management of electronic records and email 
Upcoming dates for this training course are:
  • London           Tuesday, 17th July 2018
  • Manchester    Wednesday, 5th September 2018
  • Edinburgh      Thursday, 4th October 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

Records Management 2
This course examines how to implement good records management practice. Led by John Wilson, Records Management 2 is an intermediate level session that provides a grounding in the fundamentals of records management, including:
  • introduction - initiating a records management project
  • records audit
  • process mapping
  • building a business classification scheme
  • measuring performance
  • EDRMS
  • sustaining a records management programme
Delegates are encouraged to share their own experiences at the session. The day will be a mixture of presentation and practical exercises. There will be plenty of opportunity for questions.Upcoming dates for this training course are:
  • London           Wednesday, 18th July 2018
  • Manchester    Thursday, 6th September 2018
  • Edinburgh       Friday, 5th October 2018
A discount is available for delegates attending both the Level 1 and Level 2 sessions, as well as for multiple delegates attending from the same organisation.For further information and to make a booking,
  1. Visit PDP's website  
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 
 
Manish Soni
Manish Soni
MacFarlanes
Breaches of information security are consistently one of the top two reasons for data protection regulator enforcement action. And fines for breaches of security are usually higher than for other types of breaches.With mandatory breach notification under the GDPR and the significant uplift in potential monetary penalties, compliance professionals need to be suitably empowered with cybersecurity knowledge and awareness to assist their organisations to both mitigate ongoing data security risks and to deal with personal data breaches. It is also useful for compliance professionals to have a basic knowledge of cybersecurity terminology to facilitate effective communications with IT Team members.This session is prepared specifically in the context of the GDPR and the objective of compliance professionals dealing more assuredly and knowledgeably with cybersecurity within their organisations. Find out more...The course is taking place on the following dates:
  • London           Monday, 2nd July 2018
  • Manchester    Tuesday, 13th November 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue

Practitioner Certificate in Data Protection - GDPR Conversion Programme
Ensure you are have the knowledge to practically implement the GDPR in your organisation.  
 
The Practitioner Certificate in Data Protection is the practical qualification which can be taken either on an intensive, flexible or distance-learning basis.
 
"I am delighted to have achieved this qualification. The Certificate sets a recognised standard for data protection professionals and it has provided me with the knowledge and confidence of data protection requirements, especially in light of the new Regulation." 
Joanne Maurizi 
MutualOne 
 
Find out more >
   

"By far the most practical resource available to help understand the complexities of the GDPR..."
A Practical Guide to UK and EU Law  

This book is an invaluable practical resource for organisations in meeting the requirements of the GDPR.
Find out more & Order your copy here >
* New course for 2018 *
Cybersecurity for Data Protection Professionals  2nd July 2018 - London
Breach Notifications Training Course 

This session is prepared specifically in the context of the GDPR and the objective of compliance professionals dealing more assuredly and knowledgeably with cybersecurity within their organisations.

Practitioner Certificate in Data Protection - GDPR Conversion Programme
The online self-study Programme for candidates who gained their qualification prior to 2018 to upgrade their qualification for the GDPR era.

"I'm delighted to have passed the GDPR Conversion Programme Examination. The Programme was both enjoyable and challenging, providing an in depth look at the changes GDPR brings and how to apply these in practice.  I am now confident that my knowledge of Data Protection Law remains up to date and comfortable that I can apply the new regulations in practice in my day to day role."
Find out more >
   


Qualify as a GDPR Data Protection Practitioner

Flexible training options allow you to train alongside other commitmentsMore information >  
"The course content was informative and well presented, with very knowledgeable trainers. The exam was challenging, so I feel a real sense of achievement in having gained this qualification."   Caroline Chalk
Head External Information Services
Civil Aviation Authority
"I found the course to be thoroughly enjoyable and enlightening in a number of areas. I have managed to apply the knowledge gained through the course already in my day to day role."
Brendan Byrne
Senior Managing Consultant Security & Privacy
IBM
"The qualification strikes the right balance of interpreting important and complicated legislation and imparting this to students with a well structured course, underpinned with simple to understand information and then a vigorous examination. Organisations should feel assured by any of its staff undertaking and passing this qualification that their information is being managed and shared securely."
Kim Bellis
Records Service Manager
Royal Cornwall Hospitals NHS Trust
"I am very pleased to have followed the Practitioner Certificate in Data Protection course and passed the examination. This will be of great benefit to my employer, as it demonstrates the value we place on this complex area of ethics and compliance."
Alan White
Data Protection Manager
Pitney Bowes
"The course which was delivered by experts in the field of Privacy and Data Protection Law was very enjoyable and engaging. The examination was based on applying legislation and knowledge to practical cases rather than a test of how much information you could remember. I am delighted that I passed the exam and to have a qualification that is very much respected, as well as letters after my name! I recommend both the course and the examination for anyone wanting to increase their knowledge of Data Protection Law."
Bleneta Carr
Investigator
Pearson Education
"I am delighted to have achieved this qualification. The Certificate sets a recognised standard for data protection professionals and it has provided me with the knowledge and confidence of data protection requirements, especially in light of the impending new Regulation."
Joanne Maurizi
Assistant Manager
mutualone
"Synectics Solutions recognises that compliance with data protection regulation is critical to all organisations that handle personal information. It has never had a greater focus than at the present time. Having looked at the training and professional qualifications available, we concluded that the PDP certification was the most appropriate for our business. The course was delivered by legal experts in the field. They were able to bring the events to life with real-life scenarios and case studies."
Steve Sands
Head of Security
Synectics Solutions
 
PDP, Canterbury Court, Kennington Park, London, SW9 6DE, United Kingdom
 
 
 

PDP - FOI News Update - 6 June 2018

GDPR goes into effect
 
FOI email header
  Issue: 06/06/2018

News

GDPR goes into effect
The GDPR has now gone into effect as from 25th May, affecting the operation of section 40 of FOIA which deals with the FOI exemption for personal data. The GDPR requires organisations including public authorities to document their compliance, meaning public authorities who also have duties to be transparent to the public are even more open to scrutiny. Volume 13, Issue 5 of Freedom of Information journal featured an article on how exactly the GDPR affects FOI law. See the back issues page
Secrecy over Lord's conflicts of interest
The Department for Education has refused to say what steps a minister who oversees academies while remaining a trustee of a controversial academy trust has taken to avoid conflicts of interest. Lord Agnew, who founded the Norfolk-based Inspiration Trust in 2012, stood down as Chairman when he became a schools minister in September 2017 but remained a member and trustee. His ministerial responsibilities include academies, multi-academy trusts and free schools. The decision to keep Lord Agnew's conflict of interest agreement secret following a FOI request from Tes (Times Educational Supplement) has been branded an "absurd spectacle" by Labour Shadow Education Secretary Angela Rayner. Tes has asked for the decision to withhold the information to be reviewed.  
Ministers ignored fire safety calls in 2010 review, documents reveal
Documents released under FOIA show that ministers ignored calls for mandatory fire sprinklers and warnings that "a culture of poor standards" was putting lives at risk in the last review of regulations before Grenfell. The consultation submissions to a 2010 review of building regulations carried out by the coalition government show significant warnings were issued about the mounting risk from fire safety, seven years before 72 people were killed in the blaze at Grenfell Tower. The documents were released after the intervention of the Information Commissioner and following a 10 month battle with the Ministry of Housing, Communities and Local Government. 
ICO begins investigating MoJ
The ICO has begun a criminal investigation into the Ministry of Justice over allegations the department broke Freedom of Information law. The investigation was launched after a report leaked to BuzzFeed News suggested that the MoJ buried damning research into people defending themselves in court. BuzzFeed News and others complained to the ICO that the government had concealed the existence of a 36-page internal report containing explosive testimony from senior judges about the impact on the justice system of unrepresented people in crown court.
Latest criticism levied against Scottish government
The Scottish government is failing to act in the "spirit" of Freedom of Information laws, an architect of the legislation has claimed. The criticism came from Lord Wallace, as it was revealed from a snapshot of requests over a two week period in March that of 141 requests for information, 57 of them were referred to politically appointed advisers and 39 were sent for "ministerial approval". Carole Ewart, convenor of the Campaign for Freedom of Information in Scotland, said the original act "does not permit information to be skewed or withheld to avoid political embarrassment", adding that "the involvement of special advisers in finalising the content of so many freedom of information requests is worrying and it is right the public should know the nature and extent of that involvement."
Open Government Manifesto
The Open Government has released its Civil Society Manifesto set to inform the government's fourth Open Government Action Plan that will run from mid-2018 to mid-2020, as part of the Open Government Partnership (OGP) initiative. The Manifesto, which has been developed following discussions by civil society, puts forward the UK Open Government Civil Society Network's[2] key thematic areas for consideration. The UK is scheduled to leave the European Union halfway through this action plan. The OG stated "We are deeply concerned by the lack of transparency in the preparations and negotiation of withdrawal from, and future relationship with, the EU. Whilst the EU has integrated transparency as part of its negotiating strategy and has regularly published detailed impact studies[6], we note that the UK Government has adopted a negotiating approach which lacks similar levels of openness.[7] As such, the Manifesto also considers this and the recommendations from the OGP Independent Review Mechanism mid-term report, that highlights "A focus on the openness of Brexit, especially as regards the impact of Brexit on everyday life and politics."
Freedom of infomation JournalMore freedom of information news and articlesVisit the website to receive a Free Sample Copy or to Subscribe Now"PDP's FOI journal has proved very helpful in keeping us up to date with developments in FOI, interesting news and case law."Deborah Coombs
Nottingham University Hospitals NHS TrustSubscribe to two or more journals at the same time and receive a discount
For more information, visit PDP Journals

PDP Training logo
Professional and practical Training Courses enable delegates to understand the legal requirements in key areas of compliance.  
 
The following is a selection of some of PDP's current courses.  

Records Management 1
John Wilson, Mosaic
Organisations face increasing pressure to manage their records according to statutory and business requirements. As the use of electronic records and the deployment of electronic document and records management systems continue to increase, the core skills of the person responsible for records management become ever more important to the organisation. In many cases, appropriate data protection and FOI compliance will depend upon a good records management system.This invaluable training session, led by John Wilson, examines core concepts of good records management practice.Records Management 1 is an introductory level session that provides delegates with a thorough grounding in the fundamentals of records management, including:
  • introduction - basic concepts
  • records management tools
  • records lifecycle approach
  • designing a file plan
  • records destruction
  • legal framework / compliance
  • management of electronic records and email 
Upcoming dates for this training course are:
  • London           Tuesday, 17th July 2018
  • Manchester    Wednesday, 5th September 2018
  • Edinburgh      Thursday, 4th October 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

 
Records Management 2
This course examines how to implement good records management practice. Led by John Wilson, Records Management 2 is an intermediate level session that provides a grounding in the fundamentals of records management, including:
  • introduction - initiating a records management project
  • records audit
  • process mapping
  • building a business classification scheme
  • measuring performance
  • EDRMS
  • sustaining a records management programme
Delegates are encouraged to share their own experiences at the session. The day will be a mixture of presentation and practical exercises. There will be plenty of opportunity for questions.Upcoming dates for this training course are:
  • London           Wednesday, 18th July 2018
  • Manchester    Thursday, 6th September 2018
  • Edinburgh       Friday, 5th October 2018
A discount is available for delegates attending both the Level 1 and Level 2 sessions, as well as for multiple delegates attending from the same organisation.
For further information and to make a booking,
  1. Visit PDP's website  
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 
Estelle Dehon, Cornerstone Barristers
Estelle Dehon
Cornerstone Barristers
Since the Freedom of Information Act 2000 came fully into force in 2005 we have experienced a fundamental change in the relationship between UK government and its citizens as government information has become more publicly accessible. Greater transparency is also a key policy of the Coalition Government, and in light of the deficit reduction programme there is an ever increasing public interest in how public money is spent. This has led to the publication of a wide range of public sector datasets and proposals to expand the Freedom of Information Act through the Protection of Freedoms Bill. Information Officers are central to these developments and need to be fully aware of the Act and the impact of future changes to it.This training session is designed to help those who are on the receiving end of requests for information and those who advise and assist them.This training course can be used as credit towards gaining the Practitioner Certificate in Freedom of Information.Upcoming dates for this training course are:
  • Belfast           Monday, 24th September 2018
  • Manchester   Tuesday, 16th October 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

 
FOI Practical Training - Level 2 (Applying the Exemptions)
Liz Fitzsimons, Eversheds
Liz Fitsimons
Eversheds

Public sector bodies must make daily decisions on how to respond to requests for information under the Freedom of Information Act 2000 and how to apply the exemptions in the Act. Those decisions are increasingly reviewed and, in many cases, overturned by the Information Commissioner, the Information Tribunal and the Courts. As case law develops and changes, public authorities need to ensure that they understand when the exemptions can be applied, and what they have to demonstrate to apply them correctly.This training session considers in detail the practical application of the main FOI exemptions.A discount is available for delegates booking both FOI Level 1 and FOI Level 2.This training course can be used as credit towards gaining the Practitioner Certificate in Freedom of Information.Upcoming dates for this training course are:
  • Belfast           Tuesday, 25th September 2018
  • Manchester    Wednesday, 17th October 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 
The latest edition (Volume 14, Issue 4), features the following articles:Back to the FOIA: how FOIA affects historical records - Paul Gibbons, aka FOIManTo hold, or not to hold - that is the question - Lynn Wyeth, Leicester City CouncilRecent decisions of the Commissioner and Tribunal - Alison Berridge & Imogen Proud, Monckton Chambers
Request a FREE sample or

For more information, please visit PDP Journals


Advanced Records Management Training
Glasgow - 22nd June 2018
 
 

This training course provides an in-depth analysis of the key issues and challenges facing those responsible for the management of records and information in the current business environment.


PDP Training Catalogue 2018  
available for download
 
Browse through PDP's leading information compliance qualifications and training courses 
 
PDP Training Catalogue 2018 
  
 
PDP Logo 
Contact us 
 
Should you have any Training, Conference, Recruitment or Journal queries, please 
send us an email
 
     
Flexible training options allow you to train alongside other commitments  
   
 
"I am very pleased to have achieved the Practitioner Certificate in Freedom of Information. The programme provides excellent knowledge and understanding on the practical applications of handling requests for information"
Louise Smith
Financial Ombudsman Service
"A very worthwhile qualification which I wholeheartedly recommend to colleagues"
Barbara Tyldesley
The Environment Agency
"I am so pleased to have passed the Practitioner Certificate in FOI. The 4 day course was excellent and I am now confident in my role as FOI Officer for Social Services. The course has helped me develop my skills and knowledge of FOI/EIR and DP and I would encourage anyone working in this area to attend."
Rachael Strand
Flintshire County Council
"The Practitioner Certificate in FOI was an excellent opportunity to receive specialised training and gain a recognised qualification. In particular, I found the instructors to be both knowledgeable and engaging. As a regulator in an overseas territory, I was easily able to translate the learning into practice. I have and do encourage other FOI practitioners to take advantage of this training programme."
Clara Smith
Information Commissioner's Office (Grand Cayman)
"I am delighted to have passed my examination, achieving this qualification and attending the courses have been a very positive experience which have boosted my confidence and enthusiasm for this subject. I found the courses very informative and the course handout binders are an excellent reference tool which is very relevant to the workplace."
Julie Johnson
Durham County Council
"I'm delighted to have passed the exam; it was hard work preparing for an exam, having not sat one for over 10 years, but the course materials really helped structure my revision. Passing has increased my confidence in dealing with the Act which will be of benefit to myself as well as my organisation."
Heledd Thomas
Comisiynydd y Gymraeg
"I found this to be a comprehensive course, which was well structured to be relevant and of interest to everyone from FOI beginners to more seasoned practitioners. The course tutors were very knowledgeable and clearly very interested in their respective topic areas, and the course was similarly detailed and well-taught."
Mark Reynolds
Barclays
"I'm thrilled to have gained this qualification. FOI can be a complicated area to understand and apply, but the tutors were excellent in bringing it to life in an interesting way."
Angela Sanderson
Big Lottery Fund
"The Practitioner's Certificate has equipped me with the knowledge and confidence to undertake my role. I found the courses well presented and easy to follow. The case studies are particularly useful, as they give an insight into different scenarios that one may experience. I would recommend PDP to anyone wanting to gain this qualification."
Kim Starbuck
London Borough of Barking and Dagenham "Both the thought provoking training and materials as well as passing the exam will help to ensure we provide a prompt quality service when dealing with information requests particularly as those involving planning can raise complex issues"
John Pierce
The Department for Communities and Local Government 
 
PDP, Canterbury Court, Kennington Park, London, SW9 6DE, United Kingdom
 
 
 

 

PDP - Compliance News Updates - 5 June 2018

EDPB publishes its first guidelines
 
 
PDP header graphic
  Issue: 05.06.2018

News 
EDPB publishes its first guidelines
The European Data Protection Board has published the final version of Guidelines on derogations in the context of international data transfers and Guidelines on certifications under the GDPR. Derogations under Article 49 of the GDPR are exemptions from the general principle that personal data may only be transferred to countries outside of the European Economic Area if an adequate level of data protection is provided for, or if appropriate safeguards have been adduced. Certification mechanisms are accountability tools that companies may choose to implement to demonstrate compliance with the GDPR. Further detail on the guidance will be published in the upcoming edition of Privacy & Data Protection

Directors could be made personally liable for nuisance calls in UK

Company directors could be made personally liable for nuisance calls leading to potential fines of up to £500,000 under new plans  by the UK government and currently out for consultation. The ICO can currently only fine organisations for breaches of the Privacy and Electronic Communications Regulations. "For too long a minority of company directors have escaped justice by liquidating their firms and opening up again under a different name," said Digital Minister Margot James. "We want to make sure the Information Commissioner has the powers she needs to hold rogue bosses to account and put an end to these unwanted calls" she added. The consultation is open until 21st August.

Barnier rejects UK Brexit position on data protection

The UK government's proposal for a special agreement with the EU on data protection has been rejected by the EU's chief Brexit negotiator. The UK's proposed agreement went beyond the standard adequacy approach that the EU has adopted with third countries for ensuring the free flow of personal data to those locations. It also provided for an ongoing role for the ICO on the European Data Protection Board, and the ICO's participation in the EDPB's 'one stop shop' framework for resolving data protection disputes of a cross border nature. The EU found this to be unacceptable. Michel Barnier said: "What is sometimes hard for the British to understand is that we don't want to negotiate, we don't want to compromise on who we are. They want to leave, it is their choice to leave."

Facebook denies privacy breach claim

Facebook has rejected claims by the New York Times that its sharing of personal data with smartphone firms represented a breach of privacy pledges made to its members and a US regulator. The newspaper reported that the social network had given at least 60 device-makers access to users' friends' data without obtaining explicit consent. It added that in some cases, the details were stored on the firms' own servers. Facebook said that this was only done to help offer a mobile service, and that the circumstances were "very different" from those involved in the Cambridge Analytica scandal in which user data were used for different purposes. 

EDPB calls for adoption of e-Privacy Regulation

The European Data Protection Board is asking the European Commission, Parliament and Council to join forces to enact new e-Privacy rules as soon as possible now that the EU General Data Protection Regulation has gone into effect. The Board has offered advice on handling parts of the proposed e-Privacy Regulation, including the enforcement of consent requirements for cookies, ensuring privacy protections are in place for all forms of electronic communications including by "over-the-top" services, and obtaining user consent in an efficient manner before any data are processed.   

GDPR lacks clarity and threatens transatlantic trade, says US official

A lack of clarity around how new EU data protection laws apply poses a threat to EU-US trade, the US Secretary of Commerce has said. Writing in the Financial Times, Wilbur Ross criticised the guidance produced on the General Data Protection Regulation as being "too vague" and made an urgent call to EU authorities for "clearer rules and a more predictable regulatory environment to support investment and innovation". "As currently envisioned, GDPR's implementation could significantly interrupt transatlantic co-operation and create unnecessary barriers to trade, not only for the US, but for everyone outside the EU," Ross said.    
 

More in depth data protection news and articles... 

PDP Journals logo
 
 
New GDPR Article Series 

Privacy & Data Protection journalIntroducing a special series of articles on the practical changes that organisations need to implement in order to prepare for the GDPR

Visit the
Privacy & Data Protection for a Free Sample and to Subscribe
 

Subscribe to two or more titles at the same time and receive a 15% discount off the cheapest journal.
 



17th Annual Data Protection Conference (GDPR)

17th Annual Conference


11th & 12th October 2018 - London, UK 
** London's leading two-day GDPR Conference **  

Keynote:
James Dipple Johnstone
 
How the ICO will exercise its New Powers
James Dipple-Johnstone 
Infomation Commissioner's Office (ICO)
  This year, the conference is dedicated to reviewing the practical implications of the General Data Protection Regulation, and to help organisations ensure they are compliant.
 
16th Annual Data Protection Compliance Conference

  
* Speaker Highlight *

Eduardo Ustaran The Long Term Viability of the Privacy Shield and Model Clauses      
 
Eduardo Ustaran - Partner, Hogan Lovells
 
Some of the most commonly used methods to legitimise international data transfers are under serious scrutiny. For data exports to the United States, the Privacy Shield is an attractive option. But the constant challenges to the legality of the Shield, as well as the political climate, are questioning its survival. Commonly used tools like model clauses have also been challenged and will likely need to be revised. How can companies proceed in the uncertain world of data globalisation?

For more information and to book your place:
 

 
PDP Training logo


Our professional and practical Training Courses enable delegates to understand the legal requirements in key areas of information and data protection compliance. Courses run throughout the year around the United Kingdom.
 
Here is a selection of courses taking place shortly:   
Peter Given_ Bond Dickinson
Peter Given
Womble Bond Dickinson
Organisations are legally required to notify a personal data breach to the national data protection authority unless the breach is unlikely to negatively impact individuals. Organisations are additionally obligated to inform affected, and potentially affected, individuals where the breach is likely to result in a high risk for the rights and freedoms of those individuals. This highly practical training session looks at the breach notification obligations in detail, including:
  • the types of incidents that will trigger the requirement to notify
  • actions that organisations should be taking now in order to prepare for a possible security breach
  • incident response plans and opportunities to mitigate risk
  • implications for data processors
  • what the ICO, and other relevant regulators, expect organisations to do
  • the requirement for an internal breach register and how to maintain it
  • consequences of failing to notify breaches 
It is recommended that delegates attending this session have a basic knowledge of current data protection legal requirements. Delegates with no existing knowledge may find it helpful to attend Data Protection Essential Knowledge Level 1 before attending this training course.

The next available dates for this course are:
  • London    Monday, 25th June 2018
  • London    Monday, 3rd December 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

Records Management 1
John Wilson, Mosaic
Organisations face increasing pressure to manage their records according to statutory and business requirements. As the use of electronic records and the deployment of electronic document and records management systems continue to increase, the core skills of the person responsible for records management become ever more important to the organisation. In many cases, appropriate data protection and FOI compliance will depend upon a good records management system.This invaluable training session, led by John Wilson, examines core concepts of good records management practice.Records Management 1 is an introductory level session that provides delegates with a thorough grounding in the fundamentals of records management, including:
  • introduction - basic concepts
  • records management tools
  • records lifecycle approach
  • designing a file plan
  • records destruction
  • legal framework / compliance
  • management of electronic records and email 
Upcoming dates for this training course are:
  • London           Tuesday, 17th July 2018
  • Manchester    Wednesday, 5th September 2018
  • Edinburgh      Thursday, 4th October 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

Records Management 2
This course examines how to implement good records management practice. Led by John Wilson, Records Management 2 is an intermediate level session that provides a grounding in the fundamentals of records management, including:
  • introduction - initiating a records management project
  • records audit
  • process mapping
  • building a business classification scheme
  • measuring performance
  • EDRMS
  • sustaining a records management programme
Delegates are encouraged to share their own experiences at the session. The day will be a mixture of presentation and practical exercises. There will be plenty of opportunity for questions.Upcoming dates for this training course are:
  • London           Wednesday, 18th July 2018
  • Manchester    Thursday, 6th September 2018
  • Edinburgh       Friday, 5th October 2018
A discount is available for delegates attending both the Level 1 and Level 2 sessions, as well as for multiple delegates attending from the same organisation.For further information and to make a booking,
  1. Visit PDP's website  
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 
 
Manish Soni
Manish Soni
MacFarlanes
Breaches of information security are consistently one of the top two reasons for data protection regulator enforcement action. And fines for breaches of security are usually higher than for other types of breaches.With mandatory breach notification under the GDPR and the significant uplift in potential monetary penalties, compliance professionals need to be suitably empowered with cybersecurity knowledge and awareness to assist their organisations to both mitigate ongoing data security risks and to deal with personal data breaches. It is also useful for compliance professionals to have a basic knowledge of cybersecurity terminology to facilitate effective communications with IT Team members.This session is prepared specifically in the context of the GDPR and the objective of compliance professionals dealing more assuredly and knowledgeably with cybersecurity within their organisations. Find out more...The course is taking place on the following dates:
  • London           Monday, 2nd July 2018
  • Manchester    Tuesday, 13th November 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue

Practitioner Certificate in Data Protection - GDPR Conversion Programme
Ensure you are have the knowledge to practically implement the GDPR in your organisation.  
 
The Practitioner Certificate in Data Protection is the practical qualification which can be taken either on an intensive, flexible or distance-learning basis.
 
"I am delighted to have achieved this qualification. The Certificate sets a recognised standard for data protection professionals and it has provided me with the knowledge and confidence of data protection requirements, especially in light of the new Regulation." 
Joanne Maurizi 
MutualOne 
 
Find out more >
   

"By far the most practical resource available to help understand the complexities of the GDPR..."
A Practical Guide to UK and EU Law  

This book is an invaluable practical resource for organisations in meeting the requirements of the GDPR.
Find out more & Order your copy here >
* New course for 2018 *
Cybersecurity for Data Protection Professionals  2nd July 2018 - London
Breach Notifications Training Course 

This session is prepared specifically in the context of the GDPR and the objective of compliance professionals dealing more assuredly and knowledgeably with cybersecurity within their organisations.

Practitioner Certificate in Data Protection - GDPR Conversion Programme
The online self-study Programme for candidates who gained their qualification prior to 2018 to upgrade their qualification for the GDPR era.

"I'm delighted to have passed the GDPR Conversion Programme Examination. The Programme was both enjoyable and challenging, providing an in depth look at the changes GDPR brings and how to apply these in practice.  I am now confident that my knowledge of Data Protection Law remains up to date and comfortable that I can apply the new regulations in practice in my day to day role."
Find out more >
   


Qualify as a GDPR Data Protection Practitioner

Flexible training options allow you to train alongside other commitmentsMore information >  
"The course content was informative and well presented, with very knowledgeable trainers. The exam was challenging, so I feel a real sense of achievement in having gained this qualification."   Caroline Chalk
Head External Information Services
Civil Aviation Authority
"I found the course to be thoroughly enjoyable and enlightening in a number of areas. I have managed to apply the knowledge gained through the course already in my day to day role."
Brendan Byrne
Senior Managing Consultant Security & Privacy
IBM
"The qualification strikes the right balance of interpreting important and complicated legislation and imparting this to students with a well structured course, underpinned with simple to understand information and then a vigorous examination. Organisations should feel assured by any of its staff undertaking and passing this qualification that their information is being managed and shared securely."
Kim Bellis
Records Service Manager
Royal Cornwall Hospitals NHS Trust
"I am very pleased to have followed the Practitioner Certificate in Data Protection course and passed the examination. This will be of great benefit to my employer, as it demonstrates the value we place on this complex area of ethics and compliance."
Alan White
Data Protection Manager
Pitney Bowes
"The course which was delivered by experts in the field of Privacy and Data Protection Law was very enjoyable and engaging. The examination was based on applying legislation and knowledge to practical cases rather than a test of how much information you could remember. I am delighted that I passed the exam and to have a qualification that is very much respected, as well as letters after my name! I recommend both the course and the examination for anyone wanting to increase their knowledge of Data Protection Law."
Bleneta Carr
Investigator
Pearson Education
"I am delighted to have achieved this qualification. The Certificate sets a recognised standard for data protection professionals and it has provided me with the knowledge and confidence of data protection requirements, especially in light of the impending new Regulation."
Joanne Maurizi
Assistant Manager
mutualone
"Synectics Solutions recognises that compliance with data protection regulation is critical to all organisations that handle personal information. It has never had a greater focus than at the present time. Having looked at the training and professional qualifications available, we concluded that the PDP certification was the most appropriate for our business. The course was delivered by legal experts in the field. They were able to bring the events to life with real-life scenarios and case studies."
Steve Sands
Head of Security
Synectics Solutions
 
PDP, Canterbury Court, Kennington Park, London, SW9 6DE, United Kingdom
 
 
 

 

Contact IHRIM

Office open Monday to Friday
9AM to 2PM

Connect with IHRIM

We use cookies to improve our website and your experience when using it. Cookies used for the essential operation of this site have already been set. To find out more about the cookies we use and how to delete them, see our privacy policy.

  I accept cookies from this site.
EU Cookie Directive Module Information