This massive open online course is a great way to understand more about GDPR, however it does not hold any credits and can not be used as a top-up for your University credits.

Throughout the learning process you will be awarded a Digital Open Badge for completing each unit. These are internationally recognised by many employers and educational institutions and will allow you to display your study achievements, even if you only wish to complete a specific unit.

Upon finishing the course, you will be issued an E-Certificate featuring all earned badges and stating that you have completed the full course, so that you can add it to your CV or education portfolio.

If you're interested in exploring what else University of Derby Online Learning has to offer, browse our online courses.

High quality free online learning experience

In 2016, the University of Derby received the OpenupEd quality label. This means that the University of Derby is recognised as operating in a continuous process of improving their MOOC offerings. By achieving this label the University of Derby demonstrates that it offers quality controlled MOOCs in compliance with benchmarks tailored to both online and open education and keeps up to date with the latest developments. Furthermore, that it uses the OpenupEd quality instrument for benchmarked self-assessment on MOOCs and takes measures of improvement accordingly.

OpenupEd logo

An accredited provider of the CPD Standards Office

We are proud to be an accredited provider of the CPD Standards Office for our online short courses and free courses, demonstrating that they conform to CPD best practice and are appropriate for inclusion in a formal CPD record.

The CPD standards office CPD provider

Course units

The course is made up of 3 units, each will require up to 8 hours of study.

The legal module has a focus on providing knowledge about the legal framework for data protection

  • The legal basis of data protection
  • The role of Data Processors and Controllers
  • Personal data and data subjects
  • Special categories of personal data
  • Exceptions and derogations
  • Data processing
  • Data protection principles
  • Conditions for lawful processing of data
  • Privacy notices and policies
  • Retention and destruction of data
  • Data security
  • Data protection by design and default
  • Accountability and governance
  • Subject access requests
  • Rectification and erasure
  • Breaches, fines and enforcement
  • Applications in professional roles in big and small organisations
  • Case studies and assessments

The Behavioural and Security module is aimed at allowing participants to understand the impact of data in the behaviour of a given organisation and to acquire the ability to manage the security-related aspects involved.

  • Potential data security risks for an organisation related to employee behaviour
  • Organisational culture and security
  • Improving organisational behaviour
  • Authentication of system users
  • Social media security risks
  • Human error
  • Compliance, obedience and human motivation
  • Personality theory and implications for GDPR
  • Characteristics of data breaches
  • Case studies

The Technical, Organisational and Impact Assessment module covers technical aspects of data creation, management and storing, as well as the ability to devise data management strategies and evaluate the impact of policies.

  • Technical aspects of data protection
  • Key principles
  • Internet of things
  • Cloud computing
  • Profiling technologies
  • Privacy by design
  • Block chain technologies
  • Security protocols
  • Data protection impact assessment