Storage Limitation is a core data protection principle and requires organisations to retain personal data for only as long as it is necessary for the purposes it is held. The concept of retention is one that typically presents an organisation with a number of challenges, in particular how to actually adhere to an agreed schedule.
This 90 minute course will discuss:
- the risks of keeping data for too short a period vs. too long
- importance of data mapping to inform your data retention policy & schedule
- understanding your legal obligations to retain personal data
- understanding 'what is necessary' for the organisation to keep when there is no statutory retention period.
- what should be included in a data retention policy
- how to create a retention schedule, including the importance of stakeholder engagement.
- obligations for controllers, processors and sub-processors, including contractual instructions.
- How to manage data destruction
- Winning hearts and minds: implementing your retention policy & schedule.
The course will use examples to bring the course material to life. We have built in time for delegates to ask questions, as well as a number of test questions to see if the material is being understood.
All delegates will receive a certificate of attendance following the completion of the course.