Handling and redacting subject access requests


Get Ahead
in Data Protection

with the handling and redacting subject access requests Course

Do you want to know how best to handle a subject access request (SAR)? Are you looking to learn how to deal with them in line with relevant laws and guidance?

If so, take this one-day course. It covers legal guidance and practical topics to equip you with the ability to confidently respond to a subject access request, and guides you towards a competent understanding of how to complete them in line with relevant laws. You’ll get an in-depth look at the appropriate practice and policy when it comes to tackling SARs

The course is also interactive, so you will be encouraged to ask questions throughout, and can share your real-world experiences with other attendees, discussing issues and ideas to help them within their role. You’ll also talk through real-life practice scenarios to aid with your learning, giving you a proper hands-on approach.

When you train with us at DPAS, you’ll get more than just the training. We’ll provide you with free policies, templates, and tools – after the course has concluded. We will also supply you with the relevant resources to help you throughout.


meet our trainer

Learning Outcomes

Understand the legal basis and principles of subject access requests in the UK, including the relevant sections of the Data Protection Act (DPA) and the General Data Protection Regulation (GDPR).

Recognise the different types of personal data and the scope of information that can be requested through a subject access request.

Learn the procedures and timelines for acknowledging, processing, and responding to subject access requests in a timely manner, as mandated by data protection laws.

Understand the exemptions and limitations associated with subject access requests, including scenarios where certain data may be withheld or redacted.

Gain practical knowledge on handling complex or large-scale subject access requests and strategies for managing voluminous data sets.

Understand the potential consequences of mishandling subject access requests, such as regulatory fines and reputational damage.

Learn about case studies and real-world examples of subject access requests to gain insights into practical challenges and how they were resolved.

Participate in practical exercises to reinforce learning and gain hands-on experience in managing subject access requests.

Understand the importance of ongoing review and continuous improvement of SAR processes within an organisation.

Familiarise oneself with the Information Commissioner’s Office (ICO) guidance on subject access requests and other relevant resources.

What's Included?

We’ll provide you with one of our highly skilled live trainers for the duration of the course. These experts currently work as DPOs or consultants, so can train you using real examples from their experience in the industry, ensuring the course is practical and reliable. 

We don’t just deliver courses, and leave you to it. We provide you access to our online portal – which contains dozens of useful tools, templates, audits, policies, and more – all available for you to use within your organisation.  

Though our courses are virtual, you’ll still be fully involved by participating in breakout sessions, asking questions, and sharing your experiences. You can receive valuable advice from peers in the industry, network with other delegates, and make worthwhile connections.  

Our trainers are here to help you. We will provide you with mentor support for one month after the course, to assist with any queries or issues you may have.  

join us

Upcoming courses and prices

  • 6 November
    1 day, 09:00 AM - 04:00 PM
    • £395.00 excl. VAT

Similar courses

None of these dates work for you?

who should take this course?

This course requires no prior understanding of subject access requests and provides a full overview of the relevant legislation and its practical application.

This qualification is likely to be of particular benefit to those working in the following areas:

useful course information

All of our courses are held virtually (unless otherwise stated).

All our courses are tutor-led by experienced data protection professionals.

You will need access to Microsoft Teams (MS Teams) throughout the course.

All courses will commence at 9:00am and will finish at 4:00pm.

Breaks will be scheduled throughout the day. (If you need to attend a meeting during the day, please discuss this with the trainer so they can tie this into allocated breaks.)

You will be sent a link – via email  to the Microsoft Teams meeting two to three weeks prior to the course. (Please ensure that you are able to access this before the course commences.)

All courses have a maximum of 12 delegates.

we have trained FTSE 100s Multi-National Organisations Schools Universities Councils Local Governments Agencies NHS Trusts GP Practices Retailers Charities Multi-Academy Trusts Housing Associations Ambulance Services Insurance Companies Sporting Associations Airports Retail Companies Hospitality Businesses Financial Services





Easy to understand data privacy and information security services that are always accessable, consistenty pragmatic and continually exceeding expectations.

With a DPAS course, you’re guaranteed an expert trainer, who is not only well known in the industry, but has years of hands-on data protection experience under their belt.

Our training programmes are internationally recognised and accredited by either The Chartered Institute for IT (BCS) or Continual Professional Development (CPD) Scheme. An accredited course will look better on your CV. 

If you want to speak to clients who have experienced our range of training courses, then get in touch. We are always happy to pass on contact details of our customers – with their consent, of course!

When you train with us, you receive access to free tools, templates, policies, and more – which you can use in your organisation. We also offer one month of support after the courses to ensure your questions are answered and that you’re confident going forward.

If you want us to train your staff virtually we can! Alternatively, if you’d prefer a more interactive approach, we can come to your place of work. We will always try and fit in with you and will be more than happy to discuss options.

We can offer bespoke training created for your organisation. For example, we can simulate a cyber attack for your Senior Managers to see how they would react to a real life threat, best preparing them for those situations should they ever arise.