GDPR Implementation and Compliance Workshop – Exeter

Mercure Exeter Southgate

About this course

This two day workshop has been designed to give business owners and those involved in implementing GDPR a better understanding of the regulations and to help them to design their own plan to work towards becoming compliant.

The two days will include group work and practical activities that are applicable to your own business.

Day 1 – Puttng it all into context:

What is GDPR? – an overview of the regulation:

  • The regulation’s scope
  • Definitions
  • Individual’s rights
  • The six key Principles
  • Categories of personal data
  • Security
  • Data breach and notifications
  • Protection by design and default
  • Fines and right to compensation

The first steps to compliance:

  • Data governance obligations
  • Policy reviews and privacy notices
  • Integrating GDPR across the whole organisation
  • Internal and external audit requirements
  • Outline of step by step process to follow
  • Group exercise

Assessment of your business and gap analysis:

  • Importance of gap analysis
  • Undertake gap analysis exercise
  • Discuss work to do overnight

Day 2 – Application within your business:

Data mapping:

  • Importance of data mapping
  • How to data map
  • Undertake a data map for your organisation

Data Protection Impact Assessments:

  • What is a DPIA?
  • How to conduct a DPIA for your organisation
  • Exercise on undertaking a DPIA

Data Breach and Subject Access Requests:

  • What is defined as a breach?
  • Remedies and liabilities
  • Obligations and statutory requirements
  • Responding to subject access requests

Policies, Procedures and Notices:

  • Templates that can be utilised immediately back in your business
  • NIS Directive and how it fits with GDPR
  • Data Protection Officers roles

This intensive two day workshop will enable you to begin your compliance journey with confidence, understanding and a clear plan.

Sampson Hall Team:

Phil Sampson –

An expert in strategy, transformation and governance he works at the top of organisations on Strategy, Leadership, Incident Management, Information Security, GDPR and Organisational Culture. He served in the Royal Marines for 32 years. As a counter terrorism expert he served in Whitehall, the Security Service and the US National Counter Terrorist Center. Recently he led the UK’s Cyber delegation to Mexico and presented on GDPR to the IoD in Monaco.

Sandra Sampson –

An expert in human dynamics and a proven coach with a great track record; Sandra is a qualified EU GDPR Practitioner and a Data Protection Officer, ISO 17024. Sandra has worked internationally in the Veterinary world and has been involved as a head of department in Further Education. She has a deep understanding of marketing which enables her to practically advise and implement on the new regulations.

Alasdair Cameron:

Alasdair has significant cross sector experience working both in the UK and abroad. An experienced Board member and CEO, he understands risk and governance. He is highly commended and recognised for his imagination, flair, people skills and possesses a compelling drive for success. He was one of the key senior contingency leaders for the London Olympics, he now specialises in business governance and compliance. His experience includes the delivery of high-level and business critical issues in process, compliance and finance across a range of organisations and businesses.

Book Course


Mercure Exeter Southgate, EX1 1QF