GDPR - training!

[Fekko]

Does anyone know of and decent courses to get to grips with this? I've read up on it but still have questions.

No, but watching with interest as I need to start doing an information audit and working out exactly how it's going to affect us.

Likewise watching with interest!

I'll dig out my links and post them for you tomorrow!

Sorry - can't help with training advice - only sympathy. It's epic (& ridiculously impractical). We've just had a solicitor brought in for 6 months to get us ready for it and we're not exceptionally heavy in personal data. Good luck.

Looking at this too, and the lack of ICO guidance is not helpful.

6 months! They expect me to do it by myself alongside my day job!

The penalties are severe and the rules easily misunderstood. Honda was recently fined for emailing consumers asking for their permission to use the data! They were trying to comply... and GDPR hasn't even come in yet.

Ooooh hello fellow GDPR nerds !!

I can thoroughly recommend a course me and my boss have just done but am I allowed to do that on here??

We are just starting with our project plan now and so much to do!

I guess you could PM us! It seems easy enough but I have questions. Our database is a bloody sales system- it's just not fit for purpose as a marketing tool!!

I don't think it differs too much to the DPA. The main things for us are reduction in time for SARs and breach reporting, as well as increased penalties etc.

I guess if you're looking at it from a marketing perspective it would be the change in consent stuff that's more applicable to you! I am on the app so I can't PM but I have been able to reply before when someone PMs me (using the link in the email) so PM me if you would like to know the course info

It is much more onerous than the DPA. Has a massive impact on my role and I will become the DPO (as a 'small' additional task), I already work an extra day most weeks - I am dreading it!

I have done two training sessions already - about 3 hours in total, neither of which were sector specific enough to be of massive help.

I am hoping that one of my institutes begins to offer guidance to my sector but whatever they do it is a massive job to do before next spring.

I will say that the ICO are very very helpful if you call them, they are my favourite organisation to deal with.

Have you looked at the obligations for your sector on the ICO website. I started off with the data protection self assessment toolkit and 'getting ready for the GDPR'.

I have started drafting the policies we need but still have weeks of work to do.

Thanks Barchester - I was trying not to scare the OP too much (light hearted).

I'm about to start on 3 massive databases tomorrow, wish me luck...

Maybe this should become the GDPR support thread?

Someone sent me a link at work for something called GDP for dummies and said it was good ( and he's our DPO)

Better a scare on here than a massive fine IRL! 😂

It is a sledgehammer to crack a nut in many cases but we (or Brexit) can't stop it.

I've just heard about this (clearly I live under a rock) and have no idea where to start. Any links much appreciated!

Not scared, just thinking 'how in holy fuck am I going to get this lot sorted out??'. I'm dealing with databases that are not user friendly and I'm going to have to do all the data capture manually.

But of course, not only am I a mind reader, I have a magic wand!

I went on a course yesterday run by CLT. Very informative!

If we are allowed to post recommendations I can highly recommend Act Now. I have just completed the Practitioner Certificate but they do other courses which aren't as in depth.

I see that the CIM do a course - I cant see work paying for that (I pay for my own membership fees)

Ahh, ohh, why didn't i think of this before? exchange.cim.co.uk/search/?keywords=GDPR

A few nuggets I have become aware of

• GDPR is likened to The Y2K millenium bug. There is and will continue to be a lot of hype surrounding obligations, penalties for non- compliance etc.

• beware of consultancies jumping on the bandwagon, increasing the sense of panic "you have to move mountains and perform miracles in x weeks/months"

• GDPR is likely to be an aspirational goal rather than reality. Watch out for deadlines that were originally quoted as highly aggressive, being slackened when theres a realisation that it just won't be possible for organisations with limited resources to meet the targets.

• even though the DPA has been around for decades, organisations still flout the law and nothing happens to them. Of course the company open themselves to risk of prosecution, but reality is people in the know don't want to whistleblower if they want to keep their job. That's life. It's such a massive problem.

• Right to be Forgotten is the headline grabber of GDPR - but (there always is a but) my understanding is that a person wanting to exercise their Right has to justify why they want to be forgotten. Interesting.

I head up a legal department in a MNC we've been working on GDPR readiness for at least 12 mths, we have outside counsel supporting.

We're a pretty risk tolerant organisation and don't process a huge amount of data and still the task is massive - it's certainly way more onerous than DPA and current EU legislation.

There are lots of courses available but it's difficult to recommend without knowing what your company does and your role as some can be very focus dependent. Lots of articles online also

Interested in joining this thread . I've got 6 systems to sort out and struggling to get any clarification from management as to what we need to be doing