On this accelerated 3-day Certified Data Protection Officer course you'll develop the skills to implement, manage and align a privacy framework based on General Data Protection Regulation (GDPR) requirements for your organisation.
You'll get an insight into the critical gap between the GDPR and current organisational processes such as security policies, procedures and working instructions. Understanding and acting on this knowledge will help safeguard your organisation from prosecution in the event of a cyber breach. Breaches of EU regulation by multinationals can result in fines upwards of £20 million and could be as high as 4% of worldwide gross turnover.
Some of the modules you'll cover throughout the course include:
European data protection framework
International data protection framework
Data protection and information technologies
Privacy security Management and incident response
Information system audit
With the EU GDPR coming into effect in 2018, organisations need to prepare now. This law applies both to firms in the EU and to those outside it that handle personal data of EU citizens. These regulations establish a legal requirement that organisations with more than 200 staff employ a full-time Data Protection Officer.
On this course you'll be prepared for and sit the PECB Certified Data Protection Officer Exam. This is covered by your Certification Guarantee.
This course is aimed at Data Protection Officers as well as individuals involved in data protection and data privacy. This includes project managers and operational managers.
This course is designed to complement the Certified Lead Privacy Implementer course.
Introduction to personal data protection
Presentation of the General Data Protection Regulation
Fundamental concepts included in the GDPR
Explaining definitions under the General Data Protection Regulation
Introduction to internet governance
Look into the UN resolutions involving personal data protection
Safe international transfer of personal data to non-EU states
Green lists: Countries with an adequate level of personal data protection
Binding Corporate Rules
International agreements: PNRs (Australia, Canada, US), Privacy Shield
Explicit consent for international transfer; when do you need it?
Personal data protection in USA, Canada, South America
Data Protection and Information Technologies
Fundamentals in information security risk management
Analyzing fundamental principles of confidentiality and integrity (and availability)
Implication of the GDPR for access policies
GDPR security measures (pseudonymization and cryptography)
Privacy and Security
Understanding the implication of technology in personal data protection
Big data: systematic and automated profiling
Big data and the GDPR
Internet of things: Devices that gather (non-stop) personal data and the alignment with the GDPR
Presentation of the new era with quantum computing
Management and Incident Response
Understanding what a personal data breach is
Explaining how to react to a personal data breach
Introducing different types of incidents
Necessity of a continuity plan and policies for accountability
Data Protection Impact Assessment
Understanding what a Data Protection Impact Assessment is according to the GDPR
Answering why, when and how a DPO should assess in the process of carrying out a DPIA
Explaining in detail the steps to follow in a DPIA
Introducing and explaining the Personal Data Life Cycle
Exercise on the relation of the Personal Data Life Cycle and the Fundamental Principles under the GDPR