Aims & Objectives

• Familiarize with the General Data Protection Regulation
• Understand the principles, roles, responsibilities and processes under the Regulation
• Learn the obligations of data controllers and processors
• Familiarize with the rights of data subjects and their relevance in daily life
• Understand and apply compliance mechanisms
• Learn the rules regarding international data transfers under the GDPR
• Learn the first steps for complying with the GDPR
• Learn how to use GDPR as a data protection management system

Learning Outcomes

Having successfully completed this course you will be able to:

• Demonstrate knowledge the principles, roles, responsibilities and processes under the Regulation
• Prepare you company to be GDPR compliance
• Demonstrate knowledge on the obligations of data controllers and processors
• Protect your rights as data subject and personal data from unlawful processing
• Apply control measures and compliance mechanisms

Who should attend?

• Any company, big or small, which processes personal data within the EU
• Company executives
• Social Media Consultant
• HR and IT directors
• Anyone who wishes to know more about data protection and the GDPR, especially those handling personal data

Prerequisite skills & knowledge: None required

Available in-house/distant learning? Yes

Created by: LiberoAssurance Continuous Professional Development Training Centre Level 1 - Accredited by Univab

Part 1:

Introduction to the General Data Protection Regulation

• General Data Protection Regulation
• Definitions
• Why is the GDPR necessary?

Regulations’ analysis

• Personal Data
• Controller
• Processor
• Principles relating to processing of personal data

Lawfulness of Processing

• Conditions for Lawful Processing
• Conditions for consent
• Processing which does not require identification

Codes of Conduct and Certification

• Codes of conduct
• Monitoring of approved codes of conduct
• Certification
• Certification bodies

Transfers of personal data to third countries or international organisations

• General principle for transfers
• Transfers on the basis of an adequacy decision
• Transfers subject to appropriate safeguards
• Binding corporate rules
• Transfers or disclosures not authorized by Union law
• Derogations for specific situations

Remedies, liability and penalties

• Right to lodge a complaint with a supervisory authority
• Right to an effective judicial remedy against a supervisory authority
• Right to an effective judicial remedy against a controller or processor
• Representation of data subjects
• Right to compensation and liability
• General conditions for imposing administrative fines
• Penalties

Part 2:

Security of personal data

• Security of processing
• Notification of a personal data breach to the supervisory authority
• Communication of a personal data breach to the data subject
• Personal Data Hazards
• Dealing with hazards
• Information Security Management Systems - ISO 27001

Data Protection Officer (DPO)

• Designation of the data protection officer
• Position of the data protection officer
• Tasks of the data protection officer (DPO)
• Data protection officer’s skills and education
• Data protection officer and conflict of interests
• Internal or external DPO?

GDPR as a Personal Data Protection Management System

• Data Protection Management System
• Basic Procedures of a Data Protection Management System
• Supportive Procedures of a Data Protection Management System
• Audit

Epilogue

Teaching Methods

• Detailed seminar presentations (available for download)
• No. of slides: 205

Resources

• Reading lists and resources available in presentations

Study time allocation

• Private study hours: 24
  
• Trainer contact hours: Availability and competence of instructors upon request
• Enrollment duration: 90 days (from the date of purchase)

Credits

• CPD Points: 24
  
• ECTS/ECVET Points: 0.8