Everyone in your business is responsible for complying with information rights laws. We’re here to help.
We’ve taken the information governance and legislation training modules we provide to ICO staff as part of their internal training and made them available for you to reuse. This is a good place for your business to start.
You can select the modules that fit the needs of your business and add them to your existing training materials. You can also amend the modules to suit your business if you need to.
Please note: there may be some terminology which needs updating in some of these modules, which we will update over time. However you should still find the content useful in training your staff in the key points of the relevant legislation. To make sure you're accessing the latest content, use the resources on our website rather than downloading them.
The first two modules look at the different data protection terms and what they mean. They provide a basic understanding of data protection and help you assess the types of data your business uses.
These two modules take an in-depth look at special category and criminal offence data, and the measures you need to have in place if your business processes this type of information.
These three modules look at the principles that underpin the UK’s data protection laws. Understanding the principles will help you take the right steps to make sure you’re handling people’s data correctly.
These two modules look at the rights of the individual. Understanding the principles will help you take the right steps to make sure you’re enacting data protection rights requests correctly.
These two modules look at the exemptions set out in the UK GDPR and the Data Protection Act 2018. Understanding the exemptions will help you apply them correctly, where relevant.
This module explains the role of the Information Commissioner, and the responsibilities and powers held by their office. It will be useful if you want to know more about what the ICO does.