GDPR Live! Masterclass (Incl. DPIA and workshop)
With the entry into force of the GDPR, an EU-wide regulation is set for the processing of personal data. Designing and implementing sufficient controls to ensure continuous compliance with this regulation, however, is quite a challenge. Moreover, the flood of interpretations, guidelines, frameworks, etc. makes a complex subject even less transparent. It is essential for management to get a clear overview and to practice how to deal with this major change in regulation, which has an impact on all levels of the organization.
During this three-day course we will guide you through the GDPR and pay attention to some specific items on days two and three:
- The role of the Data Protection Officer (DPO)
- Performing a Data Protection Impact Assessment (DPIA)
- Privacy by design and default
- Demonstrating compliance
After the training you will have an understanding of the main topics within the GDPR and how these interact with each other. You will have an idea of how to determine the impact the GDPR has on your organization, the risks involved, and guidelines on how to address these risks.
Furthermore, you will get a basic understanding of the responsibilities of the DPO and you will practice how to implement such a function. You will be familiar with DPIAs, be able to perform one, and have an understanding of privacy by design and how to operationalize this concept. By the end you will have gained valuable skills regarding the demonstration of compliance.
A certificate of attendance will be presented at the end of the training.
This training is suitable for:
- Managers or consultants involved in GDPR compliance;
- Experts involved in GRC (Governance Risk Compliance) who need a better understanding of the impact of, and the rules set by, the GDPR;
- Individuals responsible for the processing of personal data and for complying with the GDPR accordingly;
- Employees involved in the implementation of measures stipulated by the GDPR.
Required skills & expertise
An initial understanding of the GDPR.
The duration of this training course is three days.
Day 1: a GDPR overview
The training starts with a short introduction of the goals, history and main context of the GDPR and relevant additional standards and regulation regarding the processing of personal data. We will discuss the following topics:
- Course objectives and structure;
- Goals and history of the GDPR;
- Additional standards and regulation;
- Personal data processing, controllers and processors;
- The role of the Data Protection Officer;
- Performing Privacy Impact Assessments;
- The rights of the data subject;
- Preparing for, and dealing with data breaches;
- Demonstrating compliance;
- Fines and Supervisory Authority.
Day 2: DPO and DPIA
The training on day two starts with a short introduction of the GDPR articles and guidance regarding the DPO and DPIA. After an example of a DPIA, a workshop will be held to become familiar with performing a DPIA yourself. This will be concluded with an evaluation.
Day 3: Privacy by design and demonstrating compliance
The training on day three starts with a short summary of the DPIA, the starting point of Privacy by Design. Then we will provide you with examples of best practice and recent developments in regulation. In a workshop you will be able to investigate and design data protection measures. At the end of the day we will explain how to demonstrate compliance and give a short introduction of a privacy audit and the NOREA Privacy Control framework.
- Recognize the domain of the GDPR and be able to place relevant guides, opinions and local implementations into context;
- A basic understanding of the concepts, approaches, methods and techniques available to effectively comply with the GDPR;
- Learn how the GDPR and UAVG (Uitvoeringswet AVG) might be interpreted in the specific context of an organization;
- Learn how to determine the priority issues;
- Being able to address the organizational function of the Data Protection Officer;
- Hands-on experience in how to perform a DPIA;
- Being able to use the DPIA for Privacy by Design;
- Initial understanding of how to demonstrate compliance and how to check and audit this.
- Date: to be determined