General Data Protection Regulations: January


25th January 2018
Derby Office Icon

Welcome 2018! The year has turned and we can now say that the GDPR will come into force this year. If your organisation has its GDPR compliance matters in hand the 25th of May may not be looming too large. If not, the message is, there’s still time to become GDPR compliant, provided you start now! You can use the previous 8 steps of our 12 month countdown to help you build your GDPR compliance project plan.

This month our focus is on staff training. The ICO points to staff training as one of the appropriate organisational measures required to demonstrate compliance with the GDPR. Ensuring that your staff are aware of the importance of data protection generally, and the impact of the provisions of the GDPR from 25th May, will be one of the key considerations in your organisation’s ability to satisfy the new data protection principle of accountability, and to demonstrate that you have taken appropriate measures to ensure the security of personal data.

Our step for this month therefore is for you to provide data protection training for all staff.

Clearly, those with responsibility for data protection as part of their role and more senior levels of management will require more specific training on the impact of the GDPR, but all staff regardless of their role within your organisation should:

  • Understand the importance of data protection law and the key data protection principles;

  • Understand the key changes introduced by the GDPR;

  • Be aware of the rights of data subjects in relation to their personal data;

  • Understand the importance of data security and steps they can take to help keep personal data secure;

  • Understand what amounts to a personal data breach and what they should do if they commit or become aware of a personal data breach.

Training all your staff may present a logistical challenge, which is why the Information Law Team at Geldards together with a leading e-learning provider have developed an online Data Protection & GDPR training course, specifically designed for staff "GDPR Awareness: What employees need to know". The course encompasses all the elements outlined above in an interactive format. It is simple and easy to use, takes around 45 minutes and is designed to run online using industry standard computer equipment/devices. Users will undertake a brief assessment at the end of the course to demonstrate understanding. The course will enable your organisation to provide data protection and GDPR training to your staff in an efficient and relevant way, with minimal disruption to the working day, and will be an invaluable tool in demonstrating your data protection compliance as an organisation.

Further Information

For further information on our online Data Protection & GDPR training course please click here.




Geldards successfully advises on BioCity Group acquisition
Geldards is proud to have successfully advised on a landmark deal for the city.


Employment Cardiff Webinar Series - The Post Covid-19 Workplace
Geldards Cardiff Employment Team invite you to a series of events looking at the key considerations for the post Covid-19 workplace:


Transforming the lives of children and young people with special educational needs and disabilities
Parents of children with a disability often face significant uncertainty and struggle when seeking to secure an appropriate education and care package for their child. Each educational milestone and life stage can present fresh challenges.


Salus – Wealth and Family Protection
Salus Magazine is brought to you by the Private Client team at Geldards to help you protect your wealth and family.


Lowri Phillips


Partner, Cardiff

+44 (0)29 2039 1758