Online or Classroom

Every course purposefully designed

Managing Personal Data Breaches

Under the General Data Protection Regulation (GDPR) Data Controllers have a duty to record and, in some cases, report personal data breaches to the Information Commissioner as well as Data Subjects.

In addition, there are a range of other statutory and regulatory duties for recording, reporting and responding to information security incidents impacting on personal data. But there are also practical and reputational benefits from responding promptly and appropriately. An effective response can be the last chance to put things right.

This workshop will examine the law and best practice, drawing on real-life case studies, to identify how organisations can position themselves to deal appropriately with data security incidents and data breaches, in order to minimise the impact on customers and service users and mitigate reputational damage.

This is an interactive workshop using exercises and group discussion to support real-world application.

Key Topics

  • GDPR requirements and definitions
  • Information Security standards
  • Receiving reports and information
  • Investigating a breach
  • Time limits
  • Reporting thresholds
  • What is reportable and what is recordable
  • Reporting Mechanisms
  • External reporting ' ICO, DS and others
  • Containment, recovery and closure
  • Dealing with the ICO

Dates & Cost

Online

£399 plus VAT

Classroom

£449 plus VAT

Timings: 10am to 4pm

 
Date: 15 Nov 2024
Location: Online
Date: 30 Jan 2025
Location: Online
Date: 21 Apr 2025
Location: Online
Date: 17 Jul 2025
Location: Online
Date: 02 Sep 2025
Location: Online
Date: 19 Nov 2025
Location: Online

Course tutors

All our associates are experienced information governance professionals who have been training and advising in this field for many years.

  • Philip Jones

    Course Tutor


    Philip has 40 years of information management experience in the public and private sectors both as a practitioner and at a senior management level. He was Head of Information Governance at Staffordshire Council. Philip holds a masters degree in information management and an MBA. He is a senior associate for Act Now and Chair of the Exam Panel.

  • Scott Sammons

    Course Tutor


    Scott is an information governance specialist with over 15 years of experience. He has delivered a number international projects for Act Now Training and is a senior tutor on the Advanced Certificate in GDPR Practice. His previous roles include European Data Protection Lead for a bank and GDPR Implementation lead for a council. He is a former Chair of the IRMS.

  • Susan Wolf

    Course Tutor


    Susan holds a judicial position as a Fee Paid Member of the Upper Tribunal (Information Rights). She spent ten years teaching the LLM in Information Rights Law at Northumbria University and developed their Postgraduate Certificate in Data Protection Law and Information Governance. Susan is one of the senior curriculum developers for Act Now Training.

  • Lynn Wyeth

    Course Tutor


    Lynn is the Head of Information Governance for a large local authority and has over 20 years of experience as a practitioner. She holds a post graduate diploma in Information Rights, the CISMP certificate and is an accredited HSCIPP privacy practitioner. She is the author of two books and is currently undertaking a PhD. Her experience is across GDPR, FOI and RIPA.

  • Iain Harrison

    Course Tutor


    Iain is currently an Information Governance Risk Manager for a large local authority and has over 20 years of experience. He has been delivering training for Act Now for over 7 years in GDPR and FOI for public, private and charitable organisations. His extensive experience in planning and implementation of Information Rights legislation allows him to bring training sessions to life.

  • Kirsty Squires

    Course Tutor


    Kirsty is currently a DPO for a number of local authorities and has over 15 years of experience in Data Governance. She has led the IG Project Team on transformation projects to deliver local government restructure in Northamptonshire, dealing with issues including information sharing, data protection by design and leading on training and policy development.

  • Naomi Matthews

    Course Tutor


    Naomi is a local authority lawyer and holds a judicial position as a Fee Paid Member of the Upper Tribunal (Information Rights). She has extensive experience in all areas of information compliance and RIPA. Her training has been commended by RIPA inspectors and her advice has helped many local authorities understand the law and practicalities of covert surveillance.

  • Suzanne Ballabás

    Course Tutor


    Suzanne Ballabás, is a privacy professional with over ten years of practical experience in implementing privacy practices across various international organisations, in addition to acting as a compliance officer for multiple regulated entities within the UAE’s financial districts of DIFC and ADGM.

  • Olu Odeniyi

    Course Tutor


    Olu Odeniyi is a Cyber Security, Information Security and Digital Transformation Trusted Advisor who has 30 years' experience helping organisations maximise gain from technology solutions, including optimisation of business operations and processes. During this time, Olu held several key senior leadership, strategic and operational positions, in the public and private sectors.

  • Robert Bateman

    Course Tutor


    Robert Bateman is a trainer and writer specialising in privacy, data protection, security, and AI. He is a respected voice on privacy and has been writing, researching, and leading conversations in the field since 2017.

  • Craig Geddes

    Course Tutor


    Craig is a qualified archivist and records manager, with 28 years experience working across the range of information governance activities. He has worked for several Scottish local authorities as Archivist, Records Manager, and Senior Information and Improvement Officer.

What our clients say about us

    I would highly recommend the GDPR Practitioner Course. The Tutor was extremely knowledgeable and gave plenty of chance for group conversation or individual questions. A great course for anyone wanting to expand their knowledge of GDPR and understand putting the principles into practise.
    SL, BCH

    I would highly recommend the GDPR Practitioner Course. The Tutor was extremely knowledgeable and gave plenty of chance for group conversation or individual questions. A great course for anyone wanting to expand their knowledge of GDPR and understand putting the principles into practise.
    SL, BCH

    I learned so much! The course was just the right balance of theory and practical, and was very well delivered.
    CB, CHAS

    The course was very useful as an IG Officer. The trainer was knowledgeable and explained some complex aspects of the legislation using interesting examples and real life scenarios. As a refresher, even with lots of work experience behind me, it was very useful to undertake the Practitioner course. The course materials and handbook are invaluable and I know I will re-use them in conjunction with my usual resources.
    NC, Lincolnshire County Council

    A very practical and all-encompassing coverage of the UK GDPR provided over 4 days. Although 4 days is not enough time to cover this whole subject in depth, there was just enough covered with further resources and links provided within the sessions to cover all aspects of the GDPR to a level at which I now feel a lot more confident in my role. Thank you, Kirsty!
    SW, Norwich University of the Arts