The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

This checklist is for sole traders, and other UK small businesses. Use it to help people in your business get the right information about handling personal data correctly.

Once you complete the checklist, you get a short report with practical actions you can take and additional guidance to improve how you give data protection training.

If you’re unsure if you need to comply with data protection law, you should take this short quiz first.


1. Is someone responsible for delivering data protection training in your business?
2 Does the responsible person understand key data protection requirements so they can ensure the training covers them?
3 Does the responsible person know what else they should include in a training plan?
4 Does the responsible person know when staff should receive their training?
5 Does the responsible person maintain a training log?
6 Do you regularly review the training?