Is GDPR training necessary for IT contractors?

**PerfectStorm** · 27 April 2018, 17:40

You don’t need a course, but an understanding is certainly useful

**DaveB** · 27 April 2018, 20:33

You need to understand what it means but you don't need training. Most IT contractors wont be caught by it as you are not actively collecting and processing personal data.

The more likely scenario is that you will be handling data on behalf of your client and will be covered by their own compliance processes, either as Processors or Data Controllers. You may find some working practices become more restrictive but thats about it.

As a side note about training, there are currently no training courses around that give you any kind of recognised GDPR certification. Anyone offering courses "Certified to ISO standards" are referring to ISO 17024 which is the standard for certification training courses and nothing to do with GDPR. It just means that they way the course is structured and delivered meets the standard.

**edison** · 1 May 2018, 14:20

I've been working on a large GDPR programme since last summer. The client has run some formal GDPR training for some of the programme staff but I've heard reports that it was only so so quality.

They have also rolled out an e-learning module course on data privacy for all staff which is about an hour's worth and I had to do it. As per the answers above, formal training isn't likely to be useful for you. You only have to look at advertised roles related to data privacy to realise that a day or two training course won't get you far in what is a complex area with practitioners who already have years of experience.

The ICO site has some fairly useful content if you want to improve your own understanding.

**mudskipper** · 1 May 2018, 20:08

I did a day's training and found it very useful - enough to raise it as an issue with clientCo who thought it didn't apply to them (they are now in full on panic mode)

I think it's something we all need to be aware of.

Edit to say - I got a foundation certificate, but not convinced it's worth the paper it's written on (it was emailed!). But it shows on the CV that I at least have a high level awareness.

**kaiser78** · 2 May 2018, 07:54

You could google the key facts and implications for IT contractors without the need for any specific training IWHT.
Good point though, I must remember to do this !

**northernladuk** · 2 May 2018, 08:01

Originally posted by kaiser78 View Post

You could google the key facts and implications for IT contractors without the need for any specific training IWHT.
Good point though, I must remember to do this !

This is how it appears to me. Each client is sure to have a detailed GDPR policy and their systems and governance should be changing to meet GDPR requirements. Once that's in it should be business as normal with GDPR just becoming standard practice for all. No requirement for any particular training above and beyond everyone else IMO.

Obviously there are those involved with the policy writing and detailed legalities who'll need more knowledge but I still don't see it as a long term 'skill' for the general IT populace.

Getting yourself up to speed and knowing just a bit more than the permies I think will be more than enough for most of us. It will most certainly need to appear on your CV's though.

All IMHO.

**northernladyuk** · 2 May 2018, 08:24

Originally posted by northernladuk View Post

This is how it appears to me. Each client is sure to have a detailed GDPR policy and their systems and governance should be changing to meet GDPR requirements. Once that's in it should be business as normal with GDPR just becoming standard practice for all. No requirement for any particular training above and beyond everyone else IMO.

Obviously there are those involved with the policy writing and detailed legalities who'll need more knowledge but I still don't see it as a long term 'skill' for the general IT populace.

Getting yourself up to speed and knowing just a bit more than the permies I think will be more than enough for most of us. It will most certainly need to appear on your CV's though.

All IMHO.

It does very much depend on what you're doing. The project I am working on is predicated around data sharing between organisations, and GDPR will be more of an enabler than a blocker (probably). However, I'm not looking at training just yet as we'll need primary legislation to get us fully implemented, and that legislation is more likely to be our guide than GDPR itself.

Is GDPR training necessary for IT contractors?