GDPR Live! Masterclass (Incl. DPIA and workshop)

With the entering into force of the GDPR, an EU-wide regulation is set for the processing of personal data. Designing and implementing sufficient controls to ensure continuous compliance with this regulation however, is quite a challenge. Moreover, the flood of interpretations, guidelines, frameworks etc., makes a complex subject even less transparent. It is essential for management to get a clear overview, and to practice how to deal with this major change in regulation, which has impact on all levels of the organization.

During this three day course we will guide you through the GDPR and pay attention to some specific items in day two and three:

  • The role of the Data Protection Officer (DPO)
  • Performing a Data Protection Impact Assessment (DPIA)
  • Privacy by design and default
  • Demonstrating compliance

After the training you will gain an understanding of the main topics within the GDPR, and how these interact with each other. You will have a idea on how to determine the impact the GDPR has on your organization, the risks involved, and guidelines on how to address these risks.

Furthermore you will get a basic understanding of the responsibilities of the DPO and you will practice how to implement such a function. You will be familiar with the DPIA’s, be able to perform such a PIA and have an understanding of privacy by design and how to operationalize this concept. In the end you have gained valuable skills regarding the demonstration of compliance.

A certificate of attendance will be presented at the end of the training.

Intended Audience

This training is suitable for:

  • Managers or consultants involved in GDPR compliance;
  • Experts involved in GRC (Governance Risk Compliance) that need a better understanding of the impact and rule setting by the GDPR;
  • Individual responsible for processing of personal data and complying with the GDPR accordingly;
  • Employees involved in the implementation of measures stipulated by the GDPR.

Required skills & expertise

An initial understanding of the GDPR.

Program

The duration of this training course is three days.

Day 1: a GDPR overview
The training starts with a short introduction of the goals, history and main context of the GDPR and relevant additional standards and regulation regarding the processing of personal data. We will discuss the following topics:

  • Course objectives and structure;
  • Goals and history of the GDPR;
  • Additional standards and regulation;
  • Personal data processing, controllers and processors;
  • The role of the Data Protection Officer;
  • Performing Privacy Impact Assessments;
  • The rights of the data subject;
  • Preparing for, and dealing with data breaches;
  • Demonstrating compliance;
  • Fines and Supervisory Authority.

Day 2: DPO and DPIA
The training on day two starts with a short introduction of the GDPR articles and guidances regarding the DPO and DPIA. After an example of a DPIA aworkshop will be held to become familiar with performing a DPIA yourself. This will be concluded with an evaluation.

Day 3: Privacy by design and demonstrating compliance
The training on day three starts with a short summary of the DPIA, the starting point of Privacy by Design. Then we will provide you with examples of best practice and recent developments in regulation. In a workshop you will be able to investigate and design data protection measures. At the end of the day we will explain how to demonstrate compliance and give a short introduction of a privacy audit and the NOREA Privacy Control framework.

Learning objectives

  • Recognize the domain of the GDPR and be able to place relevant guides, opinions and local implementations into context;
  • A basic understanding of the concepts, approaches, methods and techniques available to effectively comply with the GDPR;
  • Learn how the GDPR and UAVG (Uitvoeringswet AVG) might be interpreted in the specific context of an organization;
  • Learn how to determine the priority issues;
  • Being able to address the organizational function of the Data Protection Officer;
  • Hands-on experience in how to perform a DPIA;
  • Being able to use the DPIA for Privacy by Design;
  • Initial understanding on how to demonstrate compliance and how to check and audit this.

When it comes to training and awareness, Secura has a solid track record. The GDPR Masterclass can be given in-house or, depending on the interest, open for public application.

Would you like to enquire about the possibility of hosting an interactive tailor made session in your company? Please contact us via the contact form, by telephone + 31 40 23 77 990 or email sales@secura.com.

@Secura 2018
Webdesign Studio HB / webdevelopment Medusa