General Data Protection Regulation (GDPR)

The EU General Data Protection Regulation (GDPR) 4 day training course provides a comprehensive introduction to the requirements of the EU GDPR, and a practical guide to planning, implementing and maintaining an EU GDPR compliance programme. It also enables delegates to fulfil the mandatory role of data protection officer (DPO) under the EU GDPR. The Knowledge Academy's GDPR certification consists of the EU General Data Protection Regulation Foundation (one day) and Practitioner (three day) training courses.

The Role of a Data Protection Officer (DPO)

This EU General Data Protection Regulation (GDPR) training course will guide you through the actions and responsibilities of a Data Protection Officer so you can be fully prepared for the new role. The important part of this new role is the staff can be a staff member or contractor, shall be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices and the ability to fulfil the tasks referred to in Article 39. These are:

• Inform and advise the controller or the processor and the employees who are ?processing personal data of their obligations pursuant to this Regulation;
• Monitor compliance with this Regulation, including the assignment of responsibilities, awareness- raising and training of staff involved in the processing operations, and the related audits;
• Provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 35;
• Cooperate with the supervisory authority (the ICO)
• Act as the contact point for the supervisory authority on issues related to the processing of personal data

EU General Data Protection Regulation Foundation

This General Data Protection Regulation (GDPR) Foundation course provides a complete introduction to the EU GDPR, and an overview of the key implementation and compliance activities.

• Essential EU GDPR background and terminology.
• Key differences between the Data Protection Act and the EU GDPR.
• Data subjects and their rights.
• Dealing with subject access requests.
• Marketing requirements.
• The implementation path to EU GDPR compliance:
• Privacy by design.
• Data privacy impact assessments (DPIA).
• Data audits.
• Training and competence requirements.
• Incident response and breach reporting.
• Updating policies and procedures.
• International data transfers.
• Replacing Safe Harbour – the new requirements.

EU General Data Protection Regulation Practitioner

The General Data Protection Regulation (GDPR Practitioner) course is focused on enabling delegates to fulfil the role of data protection officer (DPO) under the EU GDPR, and covers the Regulation in depth, including implementation requirements, the necessary policies and processes, as well as important elements of effective data security management.

• Setting up a privacy compliance framework.
• The role of the DPO.
• Common data security failures, consequences and lessons to be learnt.
• GDPR privacy principles.
• Data privacy impact assessments.
• Developing a risk management framework.
• Data mapping.
• The rights of data subjects.
• Consent rules.
• Subject access requests.
• The roles of and relationships between controllers and processors.
• Dealing with third parties and data in the Cloud.
• Demonstrating compliance with the GDPR.
• Data breach reporting requirements.
• Range of enforcement, regulatory and compensatory aspects of the GDPR.

The course is intended for:

• Information Security Professionals
• Compliance Officers
• Risk Managers
• Privacy Managers
• IT Security Professionals
• Individuals with little experience but who wish to enter the field of data protection with a professional qualification.

This course is open to anyone and there is no pre-requisites.

• Information Security or IT Security
• Compliance Officers
• Risk Managers
• Privacy Managers