Booking options
Price on Enquiry
Price on Enquiry
Delivered Online
Two days
All levels
Duration
2 Days
12 CPD hours
This course is intended for
A prior understanding of EU Data Protection legislation is recommended. Candidates are typically management professionals and decision-makers who already have responsibility for data protection compliance within their organisation.Co-Requisite Subjects Candidates should have a good understanding of their own organisation?s data management activities through the life cycle from initial acquisition, through the various areas of processing and usage, to eventual removal or destruction.
Overview
To equip the learner with a foundational understanding of the principles of the General Data Protection Regulation (GDPR) and to provide constructive suggestions on implementing compliant processes.
The social, historical and legal background leading to the General Data Protection Regulation (GDPR)
The scope and global context of the GDPR
The key concepts within the GDPR
The definition of all key words and phrases relating to this Data Protection regulation
Principle One: The criteria governing fair, open and transparent processing of personal data
Principle Two: Purpose Limitation, the challenge of limiting the processing within the context of specified and lawful purposes
Principle Three: Minimisation of processing, and ensuring that only that data is processed which is necessary to achieve the purpose.
Principle Two: Purpose Limitation, the challenge of limiting the processing within the context of specified and lawful purposes
Principle Three: Minimisation of processing, and ensuring that only that data is processed which is necessary to achieve the purpose.
Principle Four: Ensuring that any personal data held by the organisation is kept accurate and current, and that any processing of such data is appropriate
Principle Five: Management and storage of personal data in a manner that meets regulatory obligations, while minimising the time that the individual remains identifiable
Principle Six: The criteria governing safe, secure and confidential processing of personal data in order to protect its integrity
Principle Seven: The key roles, responsibilities and accountabilities of those involved in Data Management within an organisation
Establishment within a single Member State
Joint Controllers
Privacy by Design and by Default
Nominated Representatives
Third-party Contracts and shared liability
Logging of data management processes
Data Breach Notification obligations
Privacy Impact Assessments
Overseas transfer of personal data
L2.8 The Data Subject Rights, and their implications for the Data Controller and the Data Processor
L2.8.1 The ?right to be forgotten?
L2.8.2 The right to restriction of processing
L2.8.3 The right to object to certain processing
L2.8.4 The right to have inaccurate data amended or erased
L2.8.5 The right to data portability
L2.8.6 The right of access to one?s personal data
L2.8.7 Rights in relation to automated decision-making and profiling
The role of the Data Protection Officer (DPO)
The role of the Data Protection Officer (DPO)
Criteria for designating a DPO
Tasks of the DPO
Position of the DPO within the organisation
The role of the Supervisory Authority within the Member State
The Lead Supervisory Authority and independence
Investigative, corrective and advisory powers
Independence of the Supervisory Authority
Collaboration with other Supervisory Authorities
Codes of Conduct and Certification
The role, powers and tasks of the European Data Protection Board (EDPB)
The remedies, liabilities and penalties available under the GDPR
Right to raise a complaint
Right to representation
Right to effective judicial remedy
Right to compensation and liability
Administrative fines of up to ?10m or 2% of GAT
Administrative fines of up to ?20m or 4% of GAT
Provisions for specific processing situations
Freedom of Expression
Processing of official documents
Processing of National Identification Numbers
Processing regarding employment
Processing for archiving purposes
Processing under obligations of official secrecy
Processing of data by religious organisations
Preparing for implementation of the GDPR
Review of data management policies and procedures
Review of data assets and security structures
Training and Awareness-raising
Data management governance structures
Embedding Privacy By Design and Default
Codes of Conduct and Certification against standards
Breach detection and notification procedures
Review of third-party agreements, contracts
Nexus Human, established over 20 years ago, stands as a pillar of excellence in the realm of IT and Business Skills Training and education in Ireland and the UK....