When you get a subject access request or you experience a data breach, you need to be certain your processes are robust.
Access requests require you to collate data from many different sources, redact it to avoid infringing the rights and freedoms of others and provide access and copies within a month. Everyone in your organisation needs to recognise a SAR and know how to deal with the request.
From the point you are aware that a breach has occurred you have decide if notification is required and if so notify the Information Commissioner’s Office within 72 hours and potentially work with them if data subjects have to be notified.
This course helps you understand what data can be released and looks at the practical issues of dealing with personal data like CCTV recordings and emails. The course assumes you have an understanding of the requirements of the GDPR and is focused on the processes that must be in place and the systems that can help you manage the task.