Subject Access Requests (SAR) from parents and staff are increasingly common.
This Masterclass is aimed at professionals in the education sector with a working knowledge of the right of access looking for high-level training on how to process SARs and evidence compliance with the UK GDPR requirements.
Areas covered include:
- How to recognise a SAR
- Verifying SARs
- Handling third party requests made on behalf of a data subject – in particular SARs which relate to children
- Basis for refusing SARs
- Clarifying scope of SARs
- Deadlines for responding to SARs and time extensions
- Searching for personal data: applying the ICO guidance in practice
- Reviewing data sets to apply common exemptions, such as personal data of other individuals
- Legally required supplementary information to provide when responding to a SAR
Who should attend?
This course is suitable for anyone involved with data protection compliance within an educational establishment.
It is tailored for professionals in the education sector with a working knowledge of data protection and privacy who are looking for high-level training on the legal requirements, the ICO guidance and practical advice on organisational compliance. It is suitable for DPOs, all management levels (Bursar, HR and ICT teams, for example) and others working in the sector.
What will the cost be?
The cost to is £80 + VAT and includes attendance for session 1. Sessions 3, 4 and 5 cost £50 + VAT per session to attend. To attend all 5 sessions, a discounted rate of £200 is available.
Reserving a place
To book places online, please complete the form below. If booking to attend more than one session, please include in the ‘additional notes’ section. Alternatively, please e-mail email@example.com.
Who will deliver the training?
Sean Morris, Legal Manager at Navigator, trained as a solicitor in the public sector at Brighton and Hove City Council, the first UK local authority legal team to receive LEXCEL accreditation, the quality mark for excellence in practice management and client care. He completed a seat in Education and Social Work where his responsibilities included defending the local authority at Special Educational Needs Tribunals. He is a dual qualified solicitor with the Law Society of Scotland and holds a Certificate in Data Protection Practice from the Law Society of Ireland.
Having specialised in employment law, Sean joined the litigation team at RBS/NatWest Mentor where he defended Tribunal claims and in addition began to advise on data protection law. This involved supporting businesses from a wide range of sectors, such as retail and health care, and helping prepare for compliance with GDPR. He went on to work for the largest employment law services provider for UK businesses and later joined a commercial private practice (Addleshaw Goddard) where he advised on privacy and data protection law.
Sean’s experience reviewing business compliance has included audits to check compliance with the ICO’s Accountability Framework, drafting and updating internal data protection policies and privacy information, in addition to data mapping and drafting ROPAs for a wide spectrum of clients, ranging from commercial businesses and national energy companies to independent schools and charities. He has managed teams responding to complex data subject access requests on behalf of corporate clients in the retail and banking sectors and supported businesses dealing with data breaches. He regularly delivers training on data protection and employment law, with published work appearing in Business Insider, HR Network, Daily Business, Scottish Affairs, and the Industrial Law Journal.