Available in the Classroom & via Microsoft Teams

Data (Use & Access) Act – Preparing for the Changes

Course Overview:

The Data (Use and Access) Act 2025 updates the UK's post-Brexit data protection framework. In addition to data protection law changes, the Act has implications that extend beyond data protection and privacy in that it aims to support growth, trust and engagement with the digital economy and improve delivery of public services, as well as to promote new data-driven businesses.

This practical session covers the aspects of the Act that are relevant to the work of data protection professionals, including the following:

• The new requirement for organisations to put in place complaints handling procedures
• Digital verification services – how they will work
• Changes to the law on automated decision-making, and their practical implications
• Reform of the restrictions on international transfers
• How the new 'recognised legitimate interests’ legal basis will operate
• Smart data schemes – what they are and how they will work
• Updates to the rules on the use of cookies, particularly those lessening the requirements for consent
• Changes to the UK Information Commissioner's Office, including enhanced powers of enforcement and monetary penalties
• What organisations should be doing now to prepare for the upcoming changes

It is recommended that delegates attending this session have a solid knowledge of general data protection legal requirements. Delegates with no existing knowledge may find it beneficial to attend the following before attending this course: Data Protection Essential Knowledge - Level 1 and Data Protection Essential Knowledge - Level 2