Duration
2 Days
12 CPD hours
About this course
A prior understanding of EU Data Protection legislation is recommended. Candidates are typically management professionals and decision-makers who already have responsibility for data protection compliance within their organisation.
Co-Requisite Subjects
Candidates should have a good understanding of their own organisation's data management activities through the life cycle from initial acquisition, through the various areas of processing and usage, to eventual removal or destruction.
Overview
To equip the learner with a foundational understanding of the principles of the General Data Protection Regulation (GDPR) and to provide constructive suggestions on implementing compliant processes.
The social, historical and legal background leading to the General Data Protection Regulation (GDPR)
- The scope and global context of the GDPR
- The key concepts within the GDPR
- The definition of all key words and phrases relating to this Data Protection regulation
Principle One: The criteria governing fair, open and transparent processing of personal data
- Principle Two: Purpose Limitation, the challenge of limiting the processing within the context of specified and lawful purposes
- Principle Three: Minimisation of processing, and ensuring that only that data is processed which is necessary to achieve the purpose.
- Principle Four: Ensuring that any personal data held by the organisation is kept accurate and current, and that any processing of such data is appropriate
- Principle Five: Management and storage of personal data in a manner that meets regulatory obligations, while minimising the time that the individual remains identifiable
- Principle Six: The criteria governing safe, secure and confidential processing of personal data in order to protect its integrity
- Principle Seven: The key roles, responsibilities and accountabilities of those involved in Data Management within an organisation
- Establishment within a single Member State
- Joint Controllers
- Privacy by Design and by Default
- Nominated Representatives
- Third-party Contracts and shared liability
- Logging of data management processes
- Data Breach Notification obligations
- Privacy Impact Assessments
- Overseas transfer of personal data
- L2.8 The Data Subject Rights, and their implications for the Data Controller and the Data Processor
- L2.8.1 The right to be forgotten
- L2.8.2 The right to restriction of processing
- L2.8.3 The right to object to certain processing
- L2.8.4 The right to have inaccurate data amended or erased
- L2.8.5 The right to data portability
- L2.8.6 The right of access to one's personal data
- L2.8.7 Rights in relation to automated decision-making and profiling
The role of the Data Protection Officer (DPO)
- Criteria for designating a DPO
- Tasks of the DPO
- Position of the DPO within the organisation
- The role of the Supervisory Authority within the Member State
- The Lead Supervisory Authority and independence
- Investigative, corrective and advisory powers
- Independence of the Supervisory Authority
- Collaboration with other Supervisory Authorities
- Codes of Conduct and Certification
- The role, powers and tasks of the European Data Protection Board (EDPB)
The remedies, liabilities and penalties available under the GDPR
- Right to raise a complaint
- Right to representation
- Right to effective judicial remedy
- Right to compensation and liability
- Administrative fines of up to 10m or 2% of GAT
- Administrative fines of up to 20m or 4% of GAT
Provisions for specific processing situations
- Freedom of Expression
- Processing of official documents
- Processing of National Identification Numbers
- Processing regarding employment
- Processing for archiving purposes
- Processing under obligations of official secrecy
- Processing of data by religious organisations
Preparing for implementation of the GDPR
- Review of data management policies and procedures
- Review of data assets and security structures
- Training and Awareness-raising
- Data management governance structures
- Embedding Privacy By Design and Default
- Codes of Conduct and Certification against standards
- Breach detection and notification procedures
- Review of third-party agreements, contracts
Additional course details:
Nexus Humans The GDPR Primer for Data Protection Officers training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward.
This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts.
Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're just stepping into the realm of professional skills or are a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success.
While we feel this is the best course for The GDPR Primer for Data Protection Officers and one of our Top 10, we encourage you to read the course outline to make sure it is the right content for you.
Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.