GDPR Essentials
A comprehensive course equipping every team member with the knowledge to stay GDPR compliant.
Duration
1 Hour
Lessons
27
CPD Hours
1
Certificate
On Completion
WHAT YOU WILL LEARN
Six outcomes from this training
Understand the importance of data protection and the consequences your organisation faces if it breaches GDPR regulations
Know the relevant UK GDPR rules and regulations as they apply to your business and the personal data you process
Understand the seven principles of data protection as set out in the UK GDPR and what they mean for how your organisation handles data
Understand the rights individuals have over their personal data and how to follow the correct procedures to respect and protect those rights in your work
Understand how to process Subject Access Requests correctly and within the timescales required by law
Recognise data breaches and near misses, and know the steps your organisation must take to mitigate them and meet reporting obligations
About this training
Every member of your organisation who handles personal data carries a legal responsibility under UK GDPR. Without a clear understanding of what that means in practice, the risk of a breach — and the consequences that follow — falls on individuals who may never have been properly trained.
This course provides a clear and practical introduction to the core principles of GDPR, designed for staff at every level. It covers the legal framework, the rights of data subjects, how to handle Subject Access Requests, and how to recognise and respond to a data breach. On completion, learners receive a CPD certificate demonstrating compliance with ICO training requirements.
Developed by Ben Murphy, an experienced barrister working in-house at Briefed who has advised organisations on GDPR compliance since 2018, this training is built from live advisory experience and kept current as regulations evolve.
Key topics
-
1
The importance of data protection
-
2
Reputational damage and fines
-
3
Data categories
-
4
The data protection principles
-
5
Subject Access Requests
-
6
Data breaches
What learners say
“Doing this training always reminds me how important it is to protect data and what rights I have as a data subject.”
Frequently asked questions
The UK General Data Protection Regulation (UK GDPR) is the UK’s data protection law. It sets out how organisations must handle personal data and ensures individuals have control over how their information is used. The law is based on the EU GDPR but tailored for UK law following Brexit, and operates alongside the Data Protection Act 2018.
Personal data means any information that can identify a living person, directly or indirectly. This includes obvious identifiers such as names, email addresses, and phone numbers, as well as less obvious ones such as IP addresses or device IDs.
The UK GDPR applies to all organisations, public or private, that process personal data about individuals in the UK. It also applies to organisations outside the UK if they process the personal data of UK residents.
The UK GDPR mirrors most of the EU GDPR’s requirements but is now independent of the EU legal framework. The principal difference lies in jurisdiction: the UK GDPR applies to UK-based processing, while the EU GDPR applies across the EEA. Organisations processing data in both jurisdictions must comply with both.
A data breach is any security incident that leads to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data. Organisations must report breaches that meet the threshold to the Information Commissioner’s Office (ICO) within 72 hours of becoming aware of them.
All staff should complete GDPR training on induction and annually thereafter. Refresher training is recommended whenever data protection policies, laws, or technologies change. Regular training demonstrates compliance with ICO guidance and reduces the risk of a data breach caused by human error.
Related training
Related services
Briefed offers advisory, audit, and policy services alongside training. If your organisation needs support beyond eLearning, we can help.