Data Breach Support

Data Protection Act 2018

Home / Data Protection Training / Data Protection Act 2018

Training for UK Data Protection Legislation

What is the UK Data Protection Act 2018?

The Data Protection Act 2018 is the UK’s main data protection law, which works alongside the UK General Data Protection Regulation (UK GDPR). It sets out how personal data must be handled, stored, and protected by organizations and public bodies.

It replaced the older Data Protection Act 1998, bringing the UK’s law in line with the EU GDPR and tailoring it for the UK legal system.

Course Overview

This course provides an overview of the UK data protection legislation in terms of its core components and alignment with the GDPR.  Course duration is one day and can be done online or classroom based.

Enrol Today
  • Certified Qualification
  • Course Duration is 1 Day
  • Online Instructor Led
  • Provides In-depth Knowledge
  • Classroom Based Option
  • Multiple Locations Available

What is the course curriculum?

The courses consists of instructor led tuition either online or classroom based.

It consists of 10 modules that are covered over the one day training period.

Module 1: Six Data Protection Principles

Introducing Data Protection
Six Data Protection Principles

Module 2: DPA’s Alignment with GDPR

What are the Penalties?
What can We Get an Administrative Fine for?
What Influences the Size of an Administrative Fine?
Staff Member Responsibilities
Personal Information
Sensitive Data​

Module 3: Conditions for Sensitive Processing

Judicial and Statutory Purposes
Safeguarding of children and individuals at risk
Individual’s vital interests
Archiving
Preventing Fraud

Module 4: Safeguards for Sensitive Processing

Information Commissioner’s Office (ICO)
Law Enforcement

Module 5: Individual Rights Under the DPA 2018
  • Right to Be Informed
    • Right to Be Informed: When Should Information Be Provided?
    • Best Practice Guidance: Selling/Sharing PII
    • Best Practice Guidance: Purchasing PII
    • Best Practice Guidance: Publicly Derived PII
    • Best Practice Guidance: Artificial Intelligence (AI)
  • Right of Access
  • Right to Rectification
  • Right to Erasure (The Right to Be Forgotten)
    • When Can I Refuse to Comply with a Request for Erasure?
    • Erasing Children’s Data
  • Right to Restrict Processing
    • When Processing Should be Restricted
    • Other Issues about Restricting Processing
  • Right to Data Portability
  • Right to Object
    • Complying with the Right to Object
    • Rejecting the Right to Object
    • Right to Object: Processing for Direct Marketing Purposes
    • Right to Object: Processing for Research Purposes
    • Rights Related to Automated Decision Making and Profiling (1)
    • Rights Related to Automated Decision Making and Profiling (2)
    • Rights Related to Automated Decision Making and Profiling (3)
    • When does the Right not apply?
Module 6: Documenting and Logging Data

Documenting and Logging Data
What Must Be Recorded?
Maintaining Records

Module 7: Categorising Individuals and Retaining Personal Data

What is Personal Information?
Who Has PII?
Who Processes PII?
Demonstrating Compliance
Protecting PII

Module 8: Appointing a Data Protection Officer

Role of a Data Protection Officer
Involvement of the DPO
Main Responsibilities of the DPO
Working Environment for the DPO
Must We Have a DPO?

Module 9: Reporting and Responding to Data Breaches

Overview: Incident Response Plan
Developing an Incident Response Plan
Preparation
Identification
Containment
Eradication
5 Whys
How to Complete The 5 Whys
Fishbone Diagram
Recovery
Lessons Learned
Incidence Response: DPOs role

Module 10: International Data Transfers and Relevant Authorities

External Transfers
Cross Border Transfers
Transfer Mechanisms
Derogations
Adequacy
Adequate Ways to Safeguard Transfers of PII
One-Off or Infrequent Transfers
Transferring PII Between EEA Members
Adequate Countries Outside of the EEA
EU-US Privacy Shield
Privacy Shield Overview
Privacy Shield: Mechanics
Model Clauses
Public Authority Agreements

What’s included?

World-Class Training Sessions from Experienced Instructors
Data Protection Act (DPA 2018) Certificate
Digital Delegate Pack

Find Out More

Other Courses

Certified Data Protection Officer
GDPR Compliance Training
Data Protection Awareness
EU GDPR Practitioner
Dealing with DSARs

UK Data Protection Act 2018 Training Course

£1295.00 + VAT

Enrol Today

Improve your knowledge of UK Law

Enrol Today

WE CAN PROVIDE A DISCOUNT FOR MULTIPLE LICENSES

We can enrol you today, let us know your course preferences

Contact Us

Contact us.

UK DPA 2018
First
Last
Data Protection - Please give your explicit consent for the processing of your personal data.

logo

Office Hours

We are available during UK office hours.

Call Us : +44 330 027 2161
We are open from Monday to Friday
9.00 AM - 5.00 PM

Quick Links

Services

Company Overview

Cyber Security 4 you is a trading name of Cyber21 Limited, a UK registered Limited Company.

The company provides affordable and cost-effective cyber security and data protection services and solutions.

Cyber21 Limited © Copyright 2025

Cyber Security 4 you
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.