SEMINAR ON DATA PROTECTION OFFICER (DPO) TRAINING AND CERTIFICATION WORKSHOP
The General Data Protection Regulative (GDPR)and related global mandates on data Privacy, Protection, IT and Cyber security execution, essentially creates a new position of the data protection officer in public and many private organizations. Data Protection Officers will be empowered to independently ensure compliance with the new data protection regime. Even for private organizations not obliged to formally appoint a DPO, there will be a need to develop an experienced and knowledgeable privacy professional to manage Privacy compliance and IT security risks.
The GDPR brings many new and stricter requirements challenging the skills of all privacy professionals. DPOs will gain rapid visibility and career opportunities since they are required to report directly to top management. These new roles will be very active in passing the message of controlling privacy risks and monitoring compliance with the requirements (and the benefits) of the new GDPR throughout the organization
- Be certified after intensive training
- Independent qualification by the EU GDPR Institute
- No jargons: suitable for data protection officers, privacy and security professionals, IT specialists, compliance officers, auditors and consultants
EU GDPR Institute methodology;
- Holistic approach: Legal + IT + change management
- Based on real business scenarios, discussion cases and practical experiences
- Provide tools, templates and other giveaways
- Quality learning and networking time
- Introduction to privacy and data protection
- The “GDPR Institute Roadmap”: practicalities, steps and tips for setting and implementing the GDPR project governance
- GDPR legal basics: cases and examples, principles, penalties, responsibilities of data processor and controller, privacy by design and default
- Privacy program: risk-based approach, design and build privacy in HR, marketing, IT, legal and procurement departments
- Transfers of personal data: to third countries, third parties and the cloud, binding corporate rules, standard contractual clauses;
- Standard privacy controls: good practices, avoiding sources of risks, protecting information assets, encrypting and anonymizing, reducing soft and hardware vulnerabilities, evaluating privacy solutions and tools
- Privacy control accountability framework
GDPR IN PRACTICE;
- Data protection impact assessment, the DPIA “EUGDPR Institute Roadmap”, need, timing, process, internal/external consultation, flows, standard risks, approvals, communication and ISO for DPIA.
- Codes of conduct and certification mechanisms
- Data privacy audits and monitoring: e-discovery, data audits, activity tracking
- Privacy awareness training: examples of initiatives
- Data subjects’ rights in practice: dealing with request, complaints and access to personal data by data subjects.
- Incidence response: contingency plan for a data breach: responding to investigations
- Scenario based-case for a data breach
THE DATA PROTECTION OFFICER
Role, functions, skillsets, requirements, tasks, position, resources
- Designation of the Data Protection Officer: mandated and voluntary DPO’s, independence, conflicts of interests, liability, etc.
- Relationship with the board, IT, HR and other departments, communication
DEMONSTRATE COMPLIANCE WITH THE GDPR (ARTICLE BY ARTICLE)
Detailed list of standard documents and examples to prove GDRP compliance, including for certifications will be provided to the participants.
AN ON-LINE CERTIFICATION IS CONDUCTED IS CONDUCTED AT THE END OF THE SECOND DAY
- Exam 50 questions (multiple choice)
The EU GDPR Institute DPO Professional Certification Training & Examination
The certification is offered in cooperation with our partners for consultants, managers and administrators in the field of GDPR, Data Privacy and Protection. Individuals wishing to obtain the EUGDPR Institute’s professional certificate must
- Study the course materials provided when registration is accepted.
- Complete 3.0 days of classroom training including DPO certification
- Register for the optional certification workshop ‘DPO Certification’.
The GDPR DPO and Practitioners certification seminar will give participants the opportunity to get complete guidance, ask questions and group discussion on specific critical GDPR issues. The examination consists of a multiple-choice test covering a broad range of relevant GDPR knowledge and topics that are dealt with, in this advanced GDPR DPO training course.
To pass the exam participants must have basic GDPR knowledge and a good understanding of data privacy and protection mandates and issues. We will provide you with the necessary course materials. Candidates must be prepared to read the curriculum for the exam in advance. The validity of the certification is two years.
TOPICS COVERED IN THE TRAINING AND EXAMINATION
- The current EU legal framework including the GDPR and national legislation in practice; Data protection principles and central concepts;
- Actors and roles; data subject’s rights;
- Transfers of personal data, contractual clauses,
- Access to documents and data protection;
- Data protection supervisory authorities;
- Cloud computing, Data security;
- IT and Cybersecurity;
- Privacy by design/default;
- Privacy impact assessment;
- Data protection audit.
- Case law on personal data protection;
- Binding Corporate Rules, Standard clauses
- Seals and Certification
TAKING DATA PROTECTION REGIME INTO THE 21ST CENTURY AND THE ROLE AND RESPONSIBILITY OF THE DPO
The new GDPR framework and need for data protection officer can be useful instruments to implement the fundamental changes many organizations need to streamline their IT and data processes and get full control over their IT platforms and databases. The role of the DPO is vital to facilitate;
- Adherence by all parties concerned to an approved code of conduct to achieve GDPR compliance
- Demonstrate compliance with the obligations of all stakeholders including the data controller and allow data subjects to evaluate the level of data protection of products and services
- Implement controls for the exchange of information by electronic means between stakeholders (controllers, processors and supervisory authorities) for binding corporate rules and mutual assistance
- Enhance transparency and compliance with GDPR to ensure adequate standards of protection to and by a third party, country or territory or a specified sector within standard GDPR protection clauses; formats and procedures