PDP - Compliance News Updates

UK Data Protection Bill gets amended
PDP header graphic
  Issue: 20.03.2018

UK Data Protection Bill gets amended
The House of Commons Public Bill Committee has adopted amendments that introduce new measures for personal data processing carried out by safeguarding professionals. Victoria Atkins MP, Parliamentary Under-Secretary of State, the Home Office said: "This is probably the most important new measure that we intend to introduce to the Data Protection Bill. The amendments will ensure that sensitive data can be processed without consent in certain circumstances for legitimate safeguarding activities that are in the substantial public interest." Amendment 85 permits the processing of sensitive personal data which is necessary to safeguard children from physical, emotional, sexual and neglect-based abuse. Amendment 86 permits the processing of health data necessary to protect an individual's economic wellbeing where that individual has been identified as an individual at economic risk.

17th Annual Data Protection Conference - booking now open
Attend London's largest annual data protection event on the GDPR. The 17th Annual Data Protection Compliance Conference takes place in London on 11th and 12th October. Workshops on the second day feature practical compliance topics such as 'Updated Rights Under the GDPR', 'How to Implement Data Protection by Design and Data Protection by Default', 'Preparing for Compulsory Breach Notifications', and 'Cybersecurity and the GDPR'.  Bookings can be made online. Early booking is recommended, as this event has sold out in the past few years.
Facebook faces transatlantic backlash after potentially mishandling huge data breach
The UK regulator has announced that it is investigating the circumstances in which Facebook data may have been illegally acquired and used. The announcement comes after Facebook suspended data firm Cambridge Analytica (credited with helping Donald Trump win the 2016 US election) from its services, following claims that the company improperly harvested private information from 50 million Facebook users via an app. Massachusetts' Attorney General, Maura Healey, said: "This is a major breach that must be investigated. It's clear these platforms can't police themselves. Mark Zuckerberg needs to testify before Senate Judiciary." Facebook executive Andrew Bosworth tweeted "This was unequivocally not a data breach."

WhatsApp signs undertaking with ICO
WhatsApp has signed an Undertaking with the UK Information Commissioner's Office committing to not sharing personal data with Facebook until it can do so in compliance with the GDPR. The Undertaking is the outcome of the ICO's investigation of WhatsApp commenced in August 2016 into whether the company could legally share users' data with Facebook in the manner set out in its updated privacy policy. Information Commissioner Elizabeth Denham said "I reached the conclusion that an Undertaking was the most effective regulatory tool for me to use, given the circumstances of the case. As WhatsApp has assured us that no UK user data has ever been shared with Facebook (other than as a 'data processor'), I would not be able to meet the criteria for issuing a civil monetary penalty under the Data Protection Act."

UK regulator launches campaign to help 'micro-businesses' with new law
The Information Commissioner's Office has launched a GDPR awareness campaign aimed at assisting those employing fewer than 10 people. The campaign has been launched with a series of radio adverts, which are principally aimed at micro-businesses that haven't heard about the GDPR at all. Information Commissioner Elizabeth Denham said: "All organisations have to be ready for the new data protection rules, but we recognise that micro-businesses in the UK face particular challenges. For the large majority of [such] businesses, the steps towards GDPR compliance can be practical and achievable without costly or expensive external support." She added "It's also worth noting that many sector and industry groups and associations are offering help to micro businesses about the GDPR and can be a good starting point for industry-specific advice."
More in depth data protection news and articles... 

PDP Journals logo
New GDPR Article Series 

Privacy & Data Protection journalIntroducing a special series of articles on the practical changes that organisations need to implement in order to prepare for the GDPR

Visit the
Privacy & Data Protection for a Free Sample and to Subscribe

Subscribe to two or more titles at the same time and receive a 15% discount off the cheapest journal.

PDP Training logo

Our professional and practical Training Courses enable delegates to understand the legal requirements in key areas of information and data protection compliance. Courses run throughout the year around the United Kingdom.
Here is a selection of courses taking place shortly:   

Records Management 1
John Wilson, Mosaic
Organisations face increasing pressure to manage their records according to statutory and business requirements. As the use of electronic records and the deployment of electronic document and records management systems continue to increase, the core skills of the person responsible for records management become ever more important to the organisation. In many cases, appropriate data protection and FOI compliance will depend upon a good records management system.This invaluable training session, led by John Wilson, examines core concepts of good records management practice.Records Management 1 is an introductory level session that provides delegates with a thorough grounding in the fundamentals of records management, including:
  • introduction - basic concepts
  • records management tools
  • records lifecycle approach
  • designing a file plan
  • records destruction
  • legal framework / compliance
  • management of electronic records and email 
Upcoming dates for this training course are:
  • London    Monday, 9th April 2018
  • Bristol      Thursday, 14th June 2018
  • London    Tuesday, 17th July 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

Records Management 2
This course examines how to implement good records management practice. Led by John Wilson, Records Management 2 is an intermediate level session that provides a grounding in the fundamentals of records management, including:
  • introduction - initiating a records management project
  • records audit
  • process mapping
  • building a business classification scheme
  • measuring performance
  • sustaining a records management programme
Delegates are encouraged to share their own experiences at the session. The day will be a mixture of presentation and practical exercises. There will be plenty of opportunity for questions.Upcoming dates for this training course are:
  • London    Tuesday, 10th April 2018
  • Bristol      Friday, 15th June 2018
  • London    Wednesday, 18th July 2018
A discount is available for delegates attending both the Level 1 and Level 2 sessions, as well as for multiple delegates attending from the same organisation.For further information and to make a booking,
  1. Visit PDP's website  
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue 

Data Protection - Preparing for the GDPR (Introductory Level)
Robert Bond_ Bristows
Robert Bond
The EU General Data Protection Regulation (GDPR) is by far the biggest regulatory development in information law in 20 years. Repealing the current data protection framework, the Regulation will impose new obligations on data controllers that all organisations will have to get to grips with before the Regulation enters in to force on 25th May 2018.This course provides delegates with a detailed insight in to the main provisions of the EU Regulation as well as the implications of Brexit. This course offers practical guidance on what organisations should start doing to ensure that they are prepared for the changes. The content includes:
  • the scope of the Regulation, including extra-territorial applicability
  • key definitions
  • the role of the lead authority
  • the principles relating to personal data processing, including a detailed analysis of 'consent' and 'legitimate business interests'
  • new obligations on data processors
  • data breach notification
  • new obligations for Data Protection Officers
  • data subjects' rights
  • data protection by design and default
  • accountability
  • codes of Conduct and Certification
  • international data transfers
  • consequences of non-compliance
Delegates attending this session must have a basic knowledge of current data protection legal requirements in order to be able to understand the material in this session. Delegates with little no existing knowledge should attend Data Protection Essential Knowledge Level 1 before attending this training course.The next available dates for this course are:
  • London          Tuesday, 1st May 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue

Advanced Records Management
John Wilson_ JMW Mosaic
John Wilson
JMW Mosaic
This training course provides an in-depth analysis of the key issues and challenges facing those responsible for the management of records and information in the current business environment. This training session is designed to meet the needs of senior and more experienced practitioners and builds on the basic and intermediate skills and techniques covered on the Records Management 1 and Records Management 2 training courses. Topics covered include:Information governance
  •  Dealing with risk
  •  Records management policy development
  • Embedding good records management practice
  • Records migration and dealing with legacy records
  • Digital continuity - managing electronic records over time
Delegates are encouraged to share their own experiences in the session. 

The next available dates for this course are:
  • London          Monday, 16th April 2018
  • Manchester    Friday, 27th April 2018
  • Glasgow        Friday, 22nd June 2018
For further information and to make a booking,
  1. Visit PDP's website 
  2. Telephone PDP at +44 (0)207 014 3399
  3. Download the PDF Training Catalogue
Role: Senior Data Protection AnalystOrganisation: Office of the OmbudsmanLocation: Cayman Islands 

Upcoming session in Glasgow (final few places remaining)

This invaluable one-day session is designed to meet the needs of anyone who has responsibility for the use of employee data, including Human Resources and Compliance Officers 

PDP Training Catalogue 2018  
available for download
Browse through PDP's leading information compliance qualifications and training courses 
PDP Training Catalogue 2018 
Privacy & Data Protection Journal  
Privacy & Data Protection - Volume 17, Issue 8 
The latest edition (Volume 18, Issue 4), features the following articles:
GDPR series:
Outsourcing contracts
- all changed,
changed utterly?GDPR series: new
obligations on data
processorsGDPR series: the Right
to be ForgottenIreland's take on the
Request a FREE sample or Take out a New SubscriptionFor more information, please visit PDP Journals .  
PDP Logo 
Contact us 
Should you have any Training, Conference, Recruitment or Journal queries, please 
This email address is being protected from spambots. You need JavaScript enabled to view it.

Practitioner Certificate in Data Protection
Practitioner Certificate in Data Protection
Qualify as a Data Protection Practitioner

Flexible training options allow you to train alongside other commitmentsMore information >  
"The course content was informative and well presented, with very knowledgeable trainers. The exam was challenging, so I feel a real sense of achievement in having gained this qualification."   Caroline Chalk
Head External Information Services
Civil Aviation Authority
"I found the course to be thoroughly enjoyable and enlightening in a number of areas. I have managed to apply the knowledge gained through the course already in my day to day role."
Brendan Byrne
Senior Managing Consultant Security & Privacy
"The qualification strikes the right balance of interpreting important and complicated legislation and imparting this to students with a well structured course, underpinned with simple to understand information and then a vigorous examination. Organisations should feel assured by any of its staff undertaking and passing this qualification that their information is being managed and shared securely."
Kim Bellis
Records Service Manager
Royal Cornwall Hospitals NHS Trust
"I am very pleased to have followed the Practitioner Certificate in Data Protection course and passed the examination. This will be of great benefit to my employer, as it demonstrates the value we place on this complex area of ethics and compliance."
Alan White
Data Protection Manager
Pitney Bowes
"The course which was delivered by experts in the field of Privacy and Data Protection Law was very enjoyable and engaging. The examination was based on applying legislation and knowledge to practical cases rather than a test of how much information you could remember. I am delighted that I passed the exam and to have a qualification that is very much respected, as well as letters after my name! I recommend both the course and the examination for anyone wanting to increase their knowledge of Data Protection Law."
Bleneta Carr
Pearson Education
"I am delighted to have achieved this qualification. The Certificate sets a recognised standard for data protection professionals and it has provided me with the knowledge and confidence of data protection requirements, especially in light of the impending new Regulation."
Joanne Maurizi
Assistant Manager
"Attaining the Practitioner Certificate in Data Protection evidences that I have the in-depth knowledge and understanding of data protection issues required to ensure our firm remains compliant with the requirements of the legislation. The intensive 5 day course delivered by data protection experts was extremely informative, and provided me with essential technical background and practical work based scenarios before undertaking the exam."
Helen Hassen
Quality & Investigations Manager
Brewin Dolphin
 "Synectics Solutions recognises that compliance with data protection regulation is critical to all organisations that handle personal information. It has never had a greater focus than at the present time. Having looked at the training and professional qualifications available, we concluded that the PDP certification was the most appropriate for our business. The course was delivered by legal experts in the field. They were able to bring the events to life with real-life scenarios and case studies."
Steve Sands
Head of Security
Synectics Solutions
PDP, Canterbury Court, Kennington Park, London, SW9 6DE, United Kingdom