What is URM’s Data Subject Access Request (DSAR) Course?
Under the General Data Protection Regulation (GDPR) an individual (data subject) has the right to access their personal data which is processed by an organisation. This is one of the key rights under DP legislation and failure to adequately respond to a DSAR can carry significant penalties from the regulator (ICO in the UK). URM’s 1-day DSAR Course will address all aspects of managing a DSAR.
By Attending This Course, You Will Learn:
- What the rights of access to personal data are and what is a DSAR?
- How to recognise a DSAR and determine whether its valid or not
- All the key stages in dealing with a DSAR, from ‘acknowledgement’ to ‘completion’
- How to liaise with an individual when seeking to clarify a DSAR
- How to verify the identification of a data subject
- The timescales for responding to a DSAR, and when it is possible to extend the response time
- What is redaction and how you go about redacting information?
- What is disclosable, e.g., a name alone is not always personal data
- When you are not legally obliged to release data, i.e., dealing with exemptions
- How to deal with unfounded or excessive requests
- How to respond to a data subject and complete a DSAR
- What to do if the data subject complains to the ICO.
What are the Prerequisites for Attending?
Some basic knowledge of data protection law and key principles and terminology would be beneficial but not mandatory.
What is the Format of URM’s DSAR Course?
URM’s DSAR Training Course leans heavily on discussions, exercises and real-life scenarios which are designed to help you understand how to deal with a DSAR back in your work environment.
The on-line course is also designed to encourage debate and the sharing of knowledge and experience.
The course runs from 9:30 am to 4:30 pm with 45 minutes for lunch and a 10 minute break in the morning and afternoon.
Why Train With URM?
- We believe that the key differentiator between URM and other data protection (DP) training providers is the calibre of our trainers.
- You will benefit from the fact that all URM’s trainers are practising DP consultants, who are highly experienced in dealing with subject access requests, but also conducting DPIAs and dealing with data breaches.
- One area of particular expertise is redaction, where URM has extensive experience of establishing DSAR response teams and training DP team members to become proficient and confident redactors
- As such, they are able to translate best practice theory into ‘real world’ practical applications. URM’s trainers all adopt a facilitative approach, where the goal is to maximise knowledge and skills sharing across the group.
Enjoyed the redacting exercise at the end, which was interesting to see how people would redact the information differently I found this really useful to apply to SARs I might receive going forward, and that it's down to interpretation.
Who should attend this course?
Anyone who might be responsible for dealing with DSARs, including:
- Private, public, charity and voluntary sectors
- Data protection officers, leads or champions
- HR professionals
- Business and office managers
- Legal departments
- Practice managers and partners