Getting started as a Data Protection Officer


icon

Getting started as a Data Protection Officer

Information Security Privacy and Data Protection

What problem does this training solve?

Due to the rapid development of new technologies and the constantly growing scale on which personal data are processed, the need for more restrictive protection of the rights of natural persons has arisen. On 25 May 2018, the Regulation of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, i.e. the General Data Protection Regulation, came into force.

The training is intended for people who plan to undertake the function of a data protection officer. The aim of the training is to prepare participants to conduct internal audits of processing compliance, support the data controller in keeping records, personal data protection documentation, implement data protection impact assessments and reporting and coordinating the internal compliance process in the area of personal data protection.

The training is intended for both employees of private and public entities. The training will consist of several thematic blocks and within each of the blocks short practical exercises will be carried out, the aim of which is to build skills related to the interpretation of legal provisions and the proper application of the provisions of the General Data Protection Regulation as a data protection officer.

Agenda


Day 1

1. Introduction to the new data protection regulations.

  • Why was it necessary to introduce changes in the legal system regarding the protection of personal data?
  • What is the territorial scope of application of the provisions of the General Data Protection Regulation?
  • Who is affected by the General Data Protection Regulation?

2. Discussion of basic issues related to the protection of personal data:

  • What is personal data and what are the types of personal data?
  • What is the meaning of the concept of personal data processing?
  • What is a personal data controller and a joint controller?
  • When do we deal with biometric data?
  • Sharing personal data and entrusting personal data.
  • Grounds for the processing of personal data.

3. General obligations of the controller of personal data.

  • What does the new data processing documentation look like?
  • How to fulfill information obligations towards persons whose data is processed?
  • Protection of personal data.
  • Obligation to report personal data breaches.
  • Rights of data subjects – right to access data, right to erasure, right to data portability.
  • Profiling of natural persons.
  • Data protection impact assessment.

4. Exercise of the functions of the Data Protection Officer.

  • When is the appointment of a Data Protection Officer mandatory?
  • What are the differences between the role of Information Security Administrator and Data Protection Officer?
  • What are the duties of the Data Protection Officer?
  • How to conduct a data protection compliance audit?

5. Other areas of personal data protection.

  • Discussion of the draft of the new law on the protection of personal data.
  • Discussion of the draft labour code from the point of view of the provisions on the protection of personal data.
  • System for imposing financial penalties for data protection breaches.
  • Data protection by design ("Privacy by Design")
  • Processing of children's personal data.
  • Codes of conduct and certification in the field of personal data protection.
  • Transfer of data to third countries.

Day 2

3. Documenting the processing of personal data.

  • What does the new data processing documentation look like?
  • How to fulfill information obligations towards persons whose data is processed?
  • Protection of personal data.
  • Obligation to report personal data breaches.
  • Rights of data subjects – right to access data, right to erasure, right to data portability.
  • Profiling of natural persons.
  • Data protection impact assessment.

4. Personal data breaches.

  • When is the appointment of a Data Protection Officer mandatory?
  • What are the differences between the role of Information Security Administrator and Data Protection Officer?
  • What are the duties of the Data Protection Officer?
  • How to conduct a data protection compliance audit?

5. Processing of children's personal data.

  • Discussion of the draft of the new law on the protection of personal data.
  • Discussion of the draft labour code from the point of view of the provisions on the protection of personal data.
  • System for imposing financial penalties for data protection breaches.
  • Data protection by design ("Privacy by Design")
  • Processing of children's personal data.
  • Codes of conduct and certification in the field of personal data protection.
  • Transfer of data to third countries.

3. General obligations of the controller of personal data.

  • What does the new data processing documentation look like?
  • How to fulfill information obligations towards persons whose data is processed?
  • Protection of personal data.
  • Obligation to report personal data breaches.
  • Rights of data subjects – right to access data, right to erasure, right to data portability.
  • Profiling of natural persons.
  • Data protection impact assessment.

4. Exercise of the functions of the Data Protection Officer.

  • When is the appointment of a Data Protection Officer mandatory?
  • What are the differences between the role of Information Security Administrator and Data Protection Officer?
  • What are the duties of the Data Protection Officer?
  • How to conduct a data protection compliance audit?

5. Transfer of data to third countries.

  • Discussion of the draft of the new law on the protection of personal data.
  • Discussion of the draft labour code from the point of view of the provisions on the protection of personal data.
  • System for imposing financial penalties for data protection breaches.
  • Data protection by design ("Privacy by Design")
  • Processing of children's personal data.
  • Codes of conduct and certification in the field of personal data protection.
  • Transfer of data to third countries.

Details


Available as on-line course
This training is available as live on-line course
Available as Video on Demand
30 lipca 2019 22:36
Target groups
Programmers
Price
-

Relevant services


Relevant training sessions