Description
Course Overview
The dramatic increase in the use of personal information — and the associated risks — has resulted in the introduction of global data protection regulations by the European Parliament and the European Council in April 2016. This course provides an understanding of new and wide-reaching requirements from the General Data Protection Regulation and those rules relevant for businesses, as well as employees’ responsibilities for protecting personal information. This is a 2-day intermediate level course, intended for an audience with a general awareness of GDPR.
GDPR ADOPTION
The European Union’s General Data Protection Regulation 2018 (GDPR) is the global gold standard in the protection and management of data. The GDPR is EU legislation with far-reaching implications, & one of the major distinctions between the GDPR & the previous legislation is that the GDPR is a regulation & no longer a directive.
This program assists your organization with GDPR adoption. You will learn the best practices of GDPR implementation from trainers who have decades of experience in Information Security Management, IT Service Management & Data Privacy.
PROGRAM HIGHLIGHTS
This comprehensive program includes 3 critical aspects of GDPR adoption: EU legislation, the required organizational ecosystem & technology considerations.
- Legal basis of data protection legislation
- Gap assessment for GDPR adoption
- Key GDPR terminology & Roles
- Essential GDPR adoption practices
- Data Protection Impact Assessments (DPIA)
- Personal data risks due to technological platforms
PROGRAM AUDIENCE
This comprehensive program is open to anyone who wants to better understand the European Union’s General Data Protection Regulation 2018 (GDPR); it is ideally suited to those in a variety of job roles including:
- Data Privacy professionals
- Information Security & IT professionals
- Information System & Security Auditors
- Compliance Officers, Legal Counsels
- Designated Data Protection Officers
- Senior Management / Leadership roles
THIS PROGRAM WILL HELP YOU TO UNDERSTAND
- Required Organizational cultures for GDPR adoption
- Roles of Data Protection Officers (DPOs)
- Behaviour, supervision & protection of personal data
- Legal aspects of GDPR
- Technical aspects of handling personal data
Program Audience Level – Beginner to Intermediate
Exam – Optional
Certificate of Attendance Awarded by – IPCERT Ltd UK
Certificate of Course Completion Awarded by – IPCERT Ltd UK, upon scoring 70% in the Exam.
PROGRAM CONTENTS
Module 1
- Application of GDPR & relevant provisions in the GDPR Articles & Recitals
- Personal Data & relevant provisions in the GDPR Articles & Recitals
- Controllers & Processors roles & relevant provisions in the GDPR Articles & Recitals
- Determining Controllers & Processors
- Contracts & Liabilities between Controllers & Processors
Module 2
- GDPR Principles & Relevant provisions in the GDPR Articles & Recitals
- Lawful basis for processing & relevant provisions in the GDPR Articles & Recitals
- Consent & relevant provisions in the GDPR Articles & Recitals
- European Data Protection Board (EDPB) WP29 adopted guidelines on Consent
- Contract & relevant provisions in the GDPR Articles & Recitals
- Legal obligation & relevant provisions in the GDPR Articles & Recitals
- Vital interests & relevant provisions in the GDPR Articles & Recitals
- Public task & relevant provisions in the GDPR Articles & Recitals & in Data Protection Act 2018
- Legitimate interests & relevant provisions in the GDPR Articles & Recitals
Module 3
- Special category data & relevant provisions in the GDPR Articles & Recitals & in Data Protection Act 2018
- Criminal offence data & relevant provisions in the GDPR Articles & Recitals & in Data Protection Act 2018
- Individual rights & relevant provisions in the GDPR Articles & Recitals
Module 4
- Accountability & Governance & relevant provisions in the GDPR Articles & Recitals
- Documentation & relevant provisions in the GDPR Articles & Recitals
Module 5
- Data Protection by Design & Default & relevant provisions in the GDPR Articles & Recitals
- Data Protection Impact Assessments & relevant provisions in the GDPR Articles & Recitals
Module 6
- Establishing Data Protection Officers & relevant provisions in the GDPR Articles & Recitals
- Codes of Conduct & relevant provisions in the GDPR Articles & Recitals
- Certification & relevant provisions in the GDPR Articles & Recitals
- Data protection fee & Personal Data breaches
- Security & Cyber Security, Encryption & Passwords in online services
Module 7
- International transfers & relevant provisions in the GDPR Articles & Recitals
- Exemptions & relevant provisions in the GDPR Articles & Recitals & in Data Protection Act 2018
- Immigration exemption
Module 8
- ISO/IEC 27701 Threats & Opportunities for GDPR Certification
- Bridging ISO 27001 to GDPR
- GDPR for Cloud Services, IoT & Cyber security
- Impact of GDPR on Artificial Intelligence
- GDPR for Drone Stakeholders
- Using ISO 29100, ISO 27018 & COBIT 5/2019 to comply with GDPR
Audience Kit – PDF of the student study guide and the following additional documents:
| Articles & Recitals | Procedure | Template | Checklist |
| --- | --- | --- | --- |
| Regulations of the European Parliament (GDPR) | Information Security Incident Response Procedure | GDPR Roles Responsibilities & Authorities | GDPR Gap Assessment |
| | GDPR Privacy Data Protection Policy | Personal Data Capture Form | Data Protection Impact Assessment Questionnaire |
| | GDPR Data Subject Request Procedure | GDPR Personal Data Breach Notification Form | GDPR Competence Development Questionnaire |
| | GDPR Data Protection Impact Assessment | Data Subject Request Form | GDPR Vendor Assessment Questionnaire |
| | GDPR Procedure for International Transfers of Personal Data | Data Subject Request Register | |
| | GDPR Personal Data Breach Notification Procedure | Personal Data Asset Inventory | |
| | Operational Security Procedure | Privacy Notice Planning Form | |
| | GDPR Competence Development Procedure | Record of Processing Activities | |
| | Personal Data Mapping Procedure | GDPR Documentation Controller Template | |
| | Privacy Notice Procedure | GDPR Documentation Processor Template | |
| | Records Retention & Protection Policy | GDPR – Legitimate Interests sample-LIA Template | |
| | GDPR Vendor Assessment | GDPR DPIA Template | |