GDPR: Key Facts and Impacts

GDPR: Key Facts and Impacts

An eLearning module addressing the following issues:

- Data protection law has undergone a major overhaul which creates new rights for people and has major implications for organisations needing to satisfy those rights and avoid regulatory sanctions.

- GDPR is one of many pressures that organisations must respond to create trusted relationships with stakeholders.

- The effective management of data about people is central to building trust and complying with regulation.

This course reviews the new regulation and other pressures and explains what organisations should be doing to get ready for compliance.

This module is part of the EDMworks Data Management Agenda for Privacy

Approved for 1.5 Group A CPE credits for CIPP/E, CIPM, CIPT, CIPP/US, CIPP/G, and CIPP/C

So that you can get an idea for the feel and scope of the course, please feel free to take a look at the introductory module video below:

Completion of the course will provide the delegate with the ability to:

- Explain the reasons for the creation of the GDPR

- Explain its context within the overall challenge of managing data about people

- State the content of the reform package and the implementation dates

- Describe the scope of organisations impacted

- Describe the scope of data that it covers

- List the key rights it grants to users and employees

- Explain the roles of Data Subject, Data Controller and Data Processor

- Describe the rights and obligations a company has for processing and storing data

- List the penalties for non-compliance

- Describe how the implementation of GDPR should be aligned with other activities

The course is structured into the following components:

One eLearning course segmented into three modules. The contents of the three modules are described in Course Contents below.

Each module consists of:

- One eLearning self-paced interactive video

- One downloadable PDF file containing the course slides

- One downloadable voice transcript

- One self-assessment test enabling the delegate to assess their understanding of the module

Duration and timing

Each module has an estimated duration of 15 minutes. The overall duration of the course is 60 minutes.

On-line certification

This course contains an on-line certification that verifies delegates have demonstrated understanding of course content.

Delegates can take the test at any time. One resit is allowed.

The test consists of multiple choice, matching pair and true/false questions. Test questions are randomised.

The test should take approximately 15 minutes. There is a time limit of 30 minutes.

The delegate must answer all questions correctly.


There are self-assessments in each module that you can take as many times as you like.

This is confidential and does not form part of your test score.

On successful completion, a certificate is issued and an on-line record of achievement is maintained in our global register.

Global availability

The course modules and certification test are globally available without restriction.

They can be accessed 24/7.


The cost of the course for one delegate is GBP 75.00 (plus VAT where applicable).


When making payment you will be presented with several different PayPal options. Please choose the right one for you. If you have any queries, please contact us at


If you would like to pay against an invoice then please email us with Purchase Order details at

Corporate Rates

If you are interested in making a bulk corporate order, please email for more information.

This provides the delegate with:

- The eLearning Course

- A recognised certificate

- An entry in the EDMworks Certification Register

- The option to make this record public for job requirements

Course Contents


GDPR is a ground breaking regulation designed to fundamentally transform the protection of private personal data. It does this by granting several new rights to data subjects, empowering regulators with new oversight capabilities and mandating organisations to implement new processes and enhance data governance. GDPR is one of several factors impacting the way organisations must manage personal data. For this reason, the course is designed to describe GDPR within the broader context of managing data about people. The course is divided into three modules designed to explain the background to GDPR, its core content and the best practices being implemented within top organisations to ensure their management and use of data is "fit for purpose". The modules are:

Module 1: Setting the context for GDPR

This module describes the background to GDPR and describes the broader issues that are impacting the way organisations manage personal data. The contents of the module are:

- The Digital World, describing the different roles that people and organisations play together with their interactions and the involvement of 3rd party organisations

- GDPR, the intention. This describes the background to GDPR and its overall intention for how the EU sees the protection of data for its citizens.

- The broader context for managing data about people. It is important to put GDPR into the broader context of issues that organisations have to deal with concerning personal data.

Module 2: GDPR explained

GDPR is a big regulation consists of 11 chapters with a total of 99 articles. The basic essence of GDPR is about protecting the privacy rights of individuals and ensuring that organisations respect those rights. The modules contents are:

- Why is a new data privacy regulation needed?

- How does GDPR affect you? 

- The New Legal Framework for GDPR

- New Rights

- Data subjects, controllers and processors

- More on Data Controllers and Processors

- The Data Protection Officer

- Legislative authorities and powers

- Sanctions

Module 3: Your organisation’s approach to adoption of GDPR

This module deals with the best practices being adopted by leading organisations to address the issues raised by GDPR to ensure the organisation has the capability to effectively manage personal data and report breaches and risk related issues. The module covers the range of activities that the organisation will have to take and focuses on the need for "joined-up thinking" in order that the organisation implements real changes that will positively benefit its long term future. The contents of this module are: 

- Joined-up approach

- Actions to take now:

  • - The Board and Senior Management
  • - GDPR Task Force
  • - Change, IT, Development and Operations
  • - Culture, Communications and Training
  • - Data Governance
  • - Audit, Risk and Oversight
  • - Culture, values and people

    - People, capabilities and evidence

    On-line assessment. Scenario based multiple choice and matching questions.

    Last modified: Monday, 12 December 2016, 4:41 PM