Microsoft Power BI

GDPR Advanced

Course Duration: One Day

Target Audience:

The course is offered to those who are responsible for ensuring that their organisation is compliant with data protection and privacy law. Course attendees are expected to have a basic understanding of the current data protection legal requirements under the Irish Data Protection Acts 1988 and 2003 and to have attended the Olas GDPR Essentials Course.

Course Background:

The General Data Protection Regulation (the “GDPR”) came into effect on 25 May 2018. The GDPR will be directly effective in each EU member state, with the aim that the same rules will be applied uniformly within the EU. This marks a shift in the approach to data protection at a European level, which until 25 May 2018 will rely on national implementing legislation in each EU member state.

Course Objectives:

This one-day course will provide participants with a wealth of knowledge into the main provisions of the GDPR, as well as knowledge and help on what you can do to become compliant.

Benefit:

Avoid heavy fines and reputation loss, resulting from non-compliance; learn from our expert on how the GDPR will affect your organisation.

Course Outline:

Introduction to GDPR

  • Review the core principals of the General Data
  • Protection Regulation (GDPR)

Processing, Consent, Legitimate interest

  • Legal ground for processing personal data
  • The use of Legitimate Interests as a lawful basis for processing personal data

Review of Roles and Responsibilities under GDPR

  • What are the Data Protection Officers (DPO) role and do you need one
  • Understand the practical implications of the Data Subject Rights contained within the Regulation
  • Understand the responsibilities for the Data Controller and Processor under the Regulation

Internal Data Operations with GDPR

  • Look at how Privacy Impact Assessments may affect your business
  • Privacy by Design and Default
  • Third-party Contracts and shared liability
  • Maintaining data management processes
  • Data Profiling, Anonymization and Pseudonymisation
  • Data Breach Notification and response obligations
  • Restrictions regarding overseas transfer of personal data

Data Subject Rights

  • Overview of individual rights and examples
  • Right of access
  • Right to be forgotten
  • Right to restrict processing
  • Right to object
  • Automated decision making and profiling
  • Portability
  • Transparency

Codes of Conduct and Certification

  • Prepare templates for Data Management Logs
  • Review of data management policies and procedures

Infringements and Penalties

  • Circumstances giving rise to fines and factors to be considered.
  • Remedies and sanctions
  • Two “tier” structure

Planning and Preparation

  • Planning for implementation of GDPR
  • Continual Staff training and awareness
  • Consideration of suitable tools and systems
  • Available support mechanisms

Discussion and Question Time