125 Impact Assessment courses in Cardiff delivered Online

Duration 2 Days 12 CPD hours This course is intended for Data Protection Officers Data Protection Managers Auditors Legal Compliance Officers Security Manager Information Managers Anyone involved with data protection processes and programmes Overview Principles of Privacy Program Management is the how-to training on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a knowledgeable, high-performing privacy team. Those taking this course will learn the skills to manage privacy in an organization through process and technology?regardless of jurisdiction or industry. The Principles of Privacy Program Management training is based on the body of knowledge for the IAPP?s ANSI accredited Certified Information Privacy Manager (CIPM) certification program. Founded in 2000, the IAPP is the world?s largest and most comprehensive privacy resource with a mission to define, support and improve the Privacy profession globally. Every organization has data protection needs. Every day, we access, share and manage data across companies, continents and the globe. Knowing how to implement a privacy program is an invaluable skill that will help you protect your organization?s data?and take your career to the next level. Our Principles of Privacy Program Management training is the premier course on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a privacy team. Introduction to privacy program management Privacy program management responsibilities Accountability in privacy program management Privacy governance Considerations for developing and implementing a privacy program Position of the privacy function within an organization Role of the DPO Program scope and charter Privacy strategy Support and ongoing involvement of key functions and privacy frameworks Applicable laws and regulations The regulatory environment Common elements across jurisdictions Strategies for aligning compliance with organizational strategy Data assessments Practical processes for creating and using data inventories/maps Generating and applying gap analyses Privacy assessments Privacy impact assessments/data protection impact assessments Vendor assessments Policies Common types of privacy-related policies Policy components Strategies for implementation Data subject rights Operational considerations for communicating and ensuring data subject rights Privacy notice Choice and consent Access and rectification Data portability Erasure Training and awareness Developing privacy training and awareness programs Implementing privacy training and awareness programs Protecting personal information Holistic approach to protecting personal information Privacy by design Data breach incident plans Planning for a data security incident or breach Responding to a data security incident or breach Monitoring and auditing program performance Common practices for monitoring privacy program performance Measuring, analyzing and auditing privacy programs Additional course details: Nexus Humans Certified Information Privacy Manager (CIPM) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Certified Information Privacy Manager (CIPM) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for A prior understanding of EU Data Protection legislation is recommended. Candidates are typically management professionals and decision-makers who already have responsibility for data protection compliance within their organisation.Co-Requisite Subjects Candidates should have a good understanding of their own organisation?s data management activities through the life cycle from initial acquisition, through the various areas of processing and usage, to eventual removal or destruction. Overview To equip the learner with a foundational understanding of the principles of the General Data Protection Regulation (GDPR) and to provide constructive suggestions on implementing compliant processes. The social, historical and legal background leading to the General Data Protection Regulation (GDPR) The scope and global context of the GDPR The key concepts within the GDPR The definition of all key words and phrases relating to this Data Protection regulation Principle One: The criteria governing fair, open and transparent processing of personal data Principle Two: Purpose Limitation, the challenge of limiting the processing within the context of specified and lawful purposes Principle Three: Minimisation of processing, and ensuring that only that data is processed which is necessary to achieve the purpose. Principle Two: Purpose Limitation, the challenge of limiting the processing within the context of specified and lawful purposes Principle Three: Minimisation of processing, and ensuring that only that data is processed which is necessary to achieve the purpose. Principle Four: Ensuring that any personal data held by the organisation is kept accurate and current, and that any processing of such data is appropriate Principle Five: Management and storage of personal data in a manner that meets regulatory obligations, while minimising the time that the individual remains identifiable Principle Six: The criteria governing safe, secure and confidential processing of personal data in order to protect its integrity Principle Seven: The key roles, responsibilities and accountabilities of those involved in Data Management within an organisation Establishment within a single Member State Joint Controllers Privacy by Design and by Default Nominated Representatives Third-party Contracts and shared liability Logging of data management processes Data Breach Notification obligations Privacy Impact Assessments Overseas transfer of personal data L2.8 The Data Subject Rights, and their implications for the Data Controller and the Data Processor L2.8.1 The ?right to be forgotten? L2.8.2 The right to restriction of processing L2.8.3 The right to object to certain processing L2.8.4 The right to have inaccurate data amended or erased L2.8.5 The right to data portability L2.8.6 The right of access to one?s personal data L2.8.7 Rights in relation to automated decision-making and profiling The role of the Data Protection Officer (DPO) The role of the Data Protection Officer (DPO) Criteria for designating a DPO Tasks of the DPO Position of the DPO within the organisation The role of the Supervisory Authority within the Member State The Lead Supervisory Authority and independence Investigative, corrective and advisory powers Independence of the Supervisory Authority Collaboration with other Supervisory Authorities Codes of Conduct and Certification The role, powers and tasks of the European Data Protection Board (EDPB) The remedies, liabilities and penalties available under the GDPR Right to raise a complaint Right to representation Right to effective judicial remedy Right to compensation and liability Administrative fines of up to ?10m or 2% of GAT Administrative fines of up to ?20m or 4% of GAT Provisions for specific processing situations Freedom of Expression Processing of official documents Processing of National Identification Numbers Processing regarding employment Processing for archiving purposes Processing under obligations of official secrecy Processing of data by religious organisations Preparing for implementation of the GDPR Review of data management policies and procedures Review of data assets and security structures Training and Awareness-raising Data management governance structures Embedding Privacy By Design and Default Codes of Conduct and Certification against standards Breach detection and notification procedures Review of third-party agreements, contracts

Duration 2 Days 12 CPD hours This course is intended for Data Protection Officers Data Protection Lawyers Records Managers Information Officers Compliance Officers Human Resource Officers Anyone who uses, processes and maintains personal data Overview The General Data Protection Regulation (GDPR) took effect in 2018. Are you in compliance? There's a lot to know, there's a lot at stake and there's a lot of opportunity for data protection professionals with the right training and education. Achieving a CIPP/E credential shows you have the comprehensive GDPR knowledge, perspective and understanding to ensure compliance and data protection success in Europe-and to take advantage of the career opportunity this sweeping legislation represents. The Certified Information Privacy Manager (CIPM) credential provides the practical day-to-day information to lead an organisation's data protection programme. Adding the CIPM to your CIPP/E puts you at the forefront of ensuring you are ready for the GDPR. The General Data Protection Regulation (GDPR) took effect in 2018. Are you in compliance? There?s a lot to know, there?s a lot at stake and there?s a lot of opportunity for data protection professionals with the right training and education. Achieving a CIPP/E credential shows you have the comprehensive GDPR knowledge, perspective and understanding to ensure compliance and data protection success in Europe?and to take advantage of the career opportunity this sweeping legislation represents. The Certified Information Privacy Manager (CIPM) credential provides the practical day-to-day information to lead an organisation?s data protection programme. Adding the CIPM to your CIPP/E puts you at the forefront of ensuring you are ready for the GDPR. Data protection laws Key European data protection laws and regulatory bodies Evolving toward a harmonised legislative framework Personal Data Understanding and differentiating between types of data as defined by the GDPR Personal, anonymous, pseudonymous and special categories Controllers and Processors Roles and relationships of controllers and processors as defined by the GDPR Processing Personal Data Data processing and GDPR processing principles Applying the GDPR Legal grounds for processing personal data Data subject rights Data subject rights Applying rights Controller and processor obligations Information provision obligations Controller obligations for providing information about data processing activities to data subjects Supervisory authorities as set out in the GDPR Cross-border data transfers Options and obligations under the GDPR for transferring data outside the European Economic Area Adequacy decisions Safeguards and derogations Compliance considerations Applying European data protection laws Legal bases and compliance requirements for processing personal data in practice Processing employee data Surveillance Direct marketing Internet technology and communications Security of processing Considerations and duties of controllers and processors for ensuring security of personal data GDPR specifications for providing notification of data breaches Accountability Accountability requirements Data protection management systems Data protection impact assessments Data protection policies Role of the data protection officer Supervision and enforcement Role, powers and procedures of supervisory authorities Composition and tasks of the European Data Protection Board Role of the European Data Protection Supervisor Remedies, liabilities and penalties for noncompliance as set out in the GDPR Additional course details: Nexus Humans Certified Information Privacy Professional (CIPP/E) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Certified Information Privacy Professional (CIPP/E) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Data Protection OfficersData Protection ManagersAuditorsLegal Compliance OfficersSecurity ManagerInformation ManagersAnyone involved with data protection processes and programs Overview It will show the world that students know privacy laws and regulations and how to apply them, and that students know how to secure your place in the information economy. When students earn a CIPP credential, it means they?ve gained a foundational understanding of broad global concepts of privacy and data protection law and practice, including: jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; legal requirements for handling and transferring data and more. It will show the world that students know privacy laws and regulations and how to apply them, and that students know how to secure their place in the information economy. When students earn a CIPP credential, it means they've gained a foundational understanding of broad global concepts of privacy and data protection law and practice, including: jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; legal requirements for handling and transferring data and more. Common Principles and Approaches to Privacy This unit includes a brief discussion about the modern history of privacy, an introduction to types of information, an overview of information risk management and a summary of modern privacy principles. Jurisdiction and Industries This unit introduces the major privacy models employed around the globe and provides an overview of privacy and data protection regulation by jurisdictions and industry sectors. Information Security: Safeguarding Personal Information This unit presents introductions to information security, including definitions, elements, standards, and threats/ vulnerabilities, as well as introductions to information security management and governance, including frameworks, controls, cryptography and identity and access management (IAM). Online Privacy: Using Personal Information on Websites and with Other Internet-related Technologies This unit focuses on the web as a platform, as well as privacy considerations for sensitive online information, including policies and notices, access, security, authentication and data collection. Additional topics include children?s online privacy, email, searches, online marketing and advertising, social media, online assurance, cloud computing and mobile devices. Canadian Legal Framework This unit provides an introduction to the Canadian legal system. It includes enforcement agencies and their powers, privacy basics from a Canadian perspective and the underlying framework for Canadian privacy law and practice. Canadian Private-sector Privacy Laws This unit focuses on the Canadian legal system. It includes enforcement agencies and their powers, privacy basics from a Canadian perspective and the underlying framework for Canadian privacy law and practice. Canadian Public-sector Privacy Laws This unit highlights key concepts and practices related to the collection, retention, use, disclosure and disposal of personal information by federal, provincial and territorial governments. Health Information Privacy Laws This unit touches on the applicability and purpose of health information privacy laws. Private-sector Compliance Practices This unit delves into the components that make up compliance regulations, including Generally Accepted Privacy Principals and security breach notification, and also examines compliance track records and Federal Commissioner Findings. Public-sector Compliance Practices This unit presents the various methods that can be implemented for compliance in the public sector, such as privacy impact assessments and data sharing agreements. In addition, it discusses the challenges presented by digital information exchanges, as well as non-legislative considerations. Health-sector Compliance Practices This unit covers the issues presented with digital compliance in the health sector. Additional course details: Nexus Humans Certified Information Privacy Professional (CIPP/CAN) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Certified Information Privacy Professional (CIPP/CAN) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

A flexible, modular-based, programme to heighten participants' awareness of ways in which their operations can affect the environment, the principles of environmental management and the practical steps they need to take as individuals and as an organisation to improve environmental performance. Depending on the course modules selected, this programme will give participants: Increased awareness of relevant environmental issues A greater understanding of, and commitment to, the organisation's environmental management programme Preparation for any responsibilities they may have under an Environmental Management System Further benefits according to options chosen 1 Environmental awareness Definition of 'the environment' Key environmental issuesGlobal warmingOzone depletionAcid rainAir qualityWater pollutionContaminated landLand take and green belt shrinkageResource usageHabitat destruction and species extinctions. Option: This module can be used to explain the key environmental issues related to the activities of your own organisation. Diagrams, photos, pictures, examples and statistics relevant to your own organisation are used where possible to illustrate the points being made. 2 Environmental legislation Key elements of environmental legislation affecting the activities of your organisation - including international, European and UK legislation. Legislation of particular relevance to your organisation - how it affects the operations of your organisation Option: Legislation can be dealt with according to which aspect of the environment it protects (eg, air, water, waste) or which part of your organisation's activities it affects Consequences of breaching legislation 3 Environmental management systems Overview of what an environmental management system isHow is an Environmental Management System (EMS) designed and put together?Key elements (emphasising Plan - Do - Check - Review cycle)The need to continually improve Pros and consReasons for having an EMSBenefits of an EMSConsequences of not managing the environmentCosts of installing an EMS Explanation of ISO 14001 and EMAS standards and guidance as applicable to the EMSs of your organisationOverview of your organisation's EMSHow it was set up / is being developed / operatesWho is responsible for itKey parts of system (eg, environmental policy, objectives and targets) identified and discussedEMS documentation - what and where it is. Workshop option: Brainstorm 'Pros and cons' with the participants, come up with all their ideas for good and bad things about EMS and demonstrate that the 'good' list is longer than the 'bad' 4 Environmental consequences Define what an environmental impact is and discuss how they are determined, with reference to the EMS Identify why we want to determine the environmental consequences of operations and activities; how they are used in the EMS for planning, and reducing the impact on the environment Establish key environmental consequences of construction and operational activities on the site; discuss significance ranking and the control measures in place in your organisation. Workshop option: In small groups, participants are asked to identify the impact on the environment of your organisation's activities or a part of their activities. They are then asked to rank these impacts in terms of their significance, using guidelines provided to help them be aware of the contributing factors (eg, frequency, severity). For a selected number of the impacts, the participants are asked to identify what control measures there are and which of these they play a part in. All stages can be discussed with trainers as a whole group at various stages during the workshop. 5 Protected species, nature conservation and invasive weeds Nature conservation, landscape and visual issues in the planning process - overview of key nature UK wildlife legislation, EIA, appropriate timing of surveys, Hedgerow regulations and landscape and visual impact issues Ecological issues - ecological legislation, significant species, hedgerows Archaeology in the development process - why archaeology is important, organisation in the UK, legislation and planning guidance Construction phase issues and consents - major environmental issues during construction, including water resources and land drainage consents, discharges to land or water, water abstraction, public rights of way, tree protection, waste management, Special waste, noise, good practice pollution control and Environmental Audits Identification and management of invasive weeds - including legal position regarding management 6 Chemicals and fuels handling and storage How health and safety management is closely linked to environmental management of materials Planning - what mechanisms are in place for planning materials use; legislation, guidance and policies which define how to manage materials Materials storage - what are the considerations for storing materials, covering:Labels: what are the different types and what do they tell us?Storage facilities: what are the requirements for safe storage of materials (eg, signs, secondary containment, access, segregation, lids/covers)Handling: safe handling for protecting the environment, organisational procedures, high risk situations (eg, decanting, deliveries), how to reduce the risks (eg, use of funnels, proper supervision, training)COSHH and MSDS: brief explanation of legislation and its role in environmental control of hazardous materials, how to use the information provided by COSHH assessments Option: These sessions can be illustrated with photographs/pictures and examples of good and bad storage and handling practices Workshop Options: Labelling Quiz - quick-fire quiz on what different labels tell us; Build a Storage Facility - participants are asked to consider all the environmental requirements for building a safe storage facility for their organisation 7 On-site control measures Overview of the legislation associated with nuisance issues on site and mitigating problems when they arise Examples of bad practice, including fuel storage tanks and mobile equipment - costs involved with prosecution of fuel spills, remediation costs, management costs, legal fees, bad PR coverage Identification and management of contaminated land and relevant legislation Workshop option: Participants are provided with a site plan containing information on site features, environmental conditions and indications of potential issues 8 Waste management Why worry about waste? - a look at how waste disposal can impact on the environment, illustrated by examples of waste-related incidents, statistics on waste production on national, industry-wide and organisational levels, landfill site space, etc Legislation - overview of the relevant legislation, what the main requirements of the regulations are, what penalties there are, and the associated documentation (waste transfer notes) Waste classification - a more in-depth look at how waste is classified under legislation according to hazardous properties, referring to Environment Agency guidance Handling and storage requirements - what are the requirements of the applicable waste legislation and how are they covered by organisational procedures? Examples of good and bad environmental practice associated with handling and storing waste. Workshop option: 'Brown bag' exercise - participants pass round a bag containing tags each with a different waste printed on. They are asked to pick out a tag and identify the classification and the handling, storage and disposal requirements for the waste they select Waste minimisation - overview of the waste minimisation 'ladder' and its different options (elimination, reduction, reuse and recycling), benefits of waste minimisation, examples of waste minimisation techniques Workshop option: Participants are asked to identify opportunities that actually exist within the organisation for minimising production of waste that are not currently being taken advantage of 9 Auditing Requirements for environmental auditing of operations Auditing the EMS Types of internal and external audits Requirements EMS standards (ISO 14001 and EMAS) Carrying out internal audits and being prepared for external audits Workshop options:Mock audit 'Brown Bag' - can be used either for trainers to test participants as if they were in an audit situation, or for the participants to test each other and practice their auditing technique. The bag contains tags each with a different topic printed on (eg, waste skips); participants pass the bag round and select a tag; they are then questioned by the trainer or another participant about that topic as if they were in an audit situation. If the participants are auditing each other, they will be provided with a set of guidelines to keep in mind during the workshop.Virtual auditing - a more practical workshop where participants review photographs of situations/activities relevant to the organisation's operations. They are asked to identify all the good and bad environmental practices that are occurring in the situations. 10 Incident response What should you do when an incident does happen? What should be in a spill kit? When should you call in the experts? When should you inform the Environment Agency or Environmental Health Officer? Workshop option: The participants are provided with some incident scenarios and asked to develop a response to the incident 11 Monitoring and reporting Environmental monitoring programmes and procedures Monitoring and reporting as control measures for environmental consequences Monitoring and environmental 'STOP' card systems - personal and behavioural monitoring and reporting