GDPR Advanced Training Course

Overview

This is more in-depth and would be for those working a great deal with the GDPR and who may be appointed to the GDPR team. This would be ideal for IT, human resources and marketing employees, and they will deal extensively with the GDPR.

Course Outline

Data privacy impact assessment

• What this is and why you need to do this

• Examining existing data

• The role of the DPO and do you need one.

• Key legislation

• Risk management framework

• Data mapping

• Dealing with cloud providers

• Demonstrating compliance

• Developing data collection policies and procedures

• Developing permission policies and procedures.

• Developing data loss prevention and data breach strategies and management programs

• How to proceed and how to address individuals’ requests and complaints

• Employees’ training and awareness program

• Anonymizing and pseudo-anonymizing data

Maintenance

• Data inventory and data transfer mechanism

• Track legislation changes etc.

• Monitor data handling practices

• Internal audits and assessments – also ad-hoc in case of an event

• Documentations, certifications, accreditations etc.

Security risks

• Look at existing security measures

• Integrate the new GDPR with security measures (intrusion detection, firewalls)

• Maintain human resources security (pre-screening, referencing paper-based files)

• Implement data protection into information security policy

• Establish data loss prevention strategy

• Conduct regular tests

Data Breach management program

• What to do if you have a data breach

• Create a data privacy incident / breach response plan

• Maintain a log of incidents

• Create a policy for a data breach

• Appoint a forensic investigation team.