E-learning length: 32 teaching hours
E-learning language: English
E-learning fee: 1 085 500 Ft + VAT

Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner

  • Become an EU General Data Protection Regulation (GDPR) Data Protection Officer (DPO).
  • GDPR training course includes Courseware, Exams, and Certificates.
  • Learn how to plan, implement, and maintain an EU GDPR Compliance Programme.

The Certified EU GDPR Foundation and Practitioner Course aims to educate professionals about the details of the GDPR and how to implement and comply with its provisions. This GDPR Training Course can benefit professionals including:

  • Data Protection Officers
  • Data Privacy Lawyers
  • IT Security Professionals
  • Compliance Officers
  • Privacy Professionals
  • Legal Professionals
  • Risk and Compliance Managers

 

FOUNDATION

Module 1: Introduction to the GDPR

  • GDPR in a Nutshell
  • Generate Customer Confidence
  • Focus of GDPR
  • What is Personal Information?
  • Who has PII?
  • Lawful Processing of Personal Data

Module 2: Binding Corporate Rules

  • Introduction
  • Scope
  • ICO’s View of the Scope
  • Processing GDPR Definition
  • Who Processes PII?
  • What is Special Data?
  • Legal Framework
  • Timeline and Derogations
  • Some Key Areas for Derogation
  • Data Breaches/Personal Data Breach
  • Consequences of Failure
  • Governance Framework

Module 3: GDPR Terminology and Techniques

  • Key Roles
  • Data Set
  • Subject Access Request (SAR)
  • Data Protection Impact Assessments (DPIA)
  • What Triggers a Data Protection Impact Assessment?
  • DPIA is Not Required
  • Processes to be Considered for a DPIA
  • Responsibilities
  • DPIA Decision Path
  • DPIA Content
  • How Do I Conduct a DPIA?
  • Signing Off the DPIA
  • Mitigating Risks Identified by the DPIA
  • Privacy by Design and Default
  • External Transfers
  • Profiling
  • Pseudonymisation
  • Principles, User Rights, and Obligations
  • One Stop Shop


Module 4: Structure of the Regulation

  • Parts of the GDPR
  • Format of the Articles
  • Articles


Module 5: Principles and Rights

  • Introduction
  • Legality Principle
  • How the Permissions Work Together?
  • Lawfulness of Processing Conditions
  • Lawfulness for Special Categories of Data
  • Criminal Offence Data
  • Consent
  • Transparency Principle
  • Fairness Principle
  • Rights of Data Subjects
  • Purpose Limitation Principle
  • Minimisation Principle
  • Accuracy Principle
  • Storage Limitation Principle
  • Integrity and Confidentiality Principle
  • Accountability Principle


Module 6: Demonstrating Compliance

  • Demonstrating Compliance with the GDPR
  • Impact of Compliance Failure
  • Administrative Fines
  • What Influences the Size of an Administrative Fine?
  • Joint Controllers
  • Processor Liability Under GDPR
  • Demonstrating Compliance
  • Protecting PII is Only Half the Job
  • What must be Recorded?
  • Additional Ways of Demonstrating Compliance
  • Demonstrating a Robust Process
  • PIMS (Personal Information Management System)
  • Cyber Essentials
  • ISO 27017 Code of Practice for Information Security Controls
  • Risk Management


Module 7: Incident Response and Data Breaches

  • What is a Personal Data Breach?
  • Notification Obligations
  • What Breaches Do I Need to Notify the Relevant Supervisory Authority About?
  • What Information Must Be Provided to the SA?
  • How do I Report a Breach to the SA?
  • Notifying Data Subjects
  • What Should I do to Prepare for Breach Reporting?
  • Updating Policies and Procedures
  • Breach Reporting and Responses
  • Ways to Minimize the Breach Impact


Module 8: Understanding the Principal Roles

  • What Does the GDPR Make Businesses Responsible For?
  • Difference Between a Data Controller and a Data Processor
  • How Are the Roles Split?
  • Controllers and Processors
  • Main Obligations of Data Controllers
  • Demonstrate Compliance
  • Joint Controllers and EU Representative
  • Controller-Processor Contract
  • Maintain Records and Keeping Records for Small Businesses
  • Cooperation with Supervisory Authorities
  • Keeping PII Secure
  • Data Breach Transparency
  • Role of the Data Processor
  • Controller-Processor Contract
  • Main Obligations of the Processor
  • Perform Only the Data Processing Defined by the Data Controller
  • Update the Data Controller
  • Sub-Processor Appointment
  • Keep PII Confidential
  • Maintaining Records
  • Cooperate with Supervisory Authorities
  • Security
  • Appoint a DPO – If Necessary
  • Transferring Data Outside the EU


Module 9: Role of the DPO

  • Role of a Data Protection Officer
  • Involvement of the DPO
  • Main Responsibilities of the DPO
  • Working Environment for the DPO
  • Must We Have A DPO?
  • Public Body
  • What does Large Scale mean?
  • Systematic Monitoring
  • Who Can Perform the Role of DPO?
  • Skills Required
  • Monitoring Compliance
  • Training and Awareness
  • Data Protection Impact Assessments (DPIAs)
  • Risk-Based Approach
  • Business Support for the DPO
  • DPO Independence
  • DPO – Conflict of Interest


Module 10: Implementations

  • Key Differences Between the Data Protection Act and the GDPR
  • Highlights from the Data Protection Bill
  • Definition of Controller
  • Health, Social Work, Education, and Child Abuse
  • Age of Consent
  • Exemptions for Freedom of Expression
  • Research and Statistics
  • Archiving in the Public Interest


Module 11: Key Features

  • Specific Permission
  • Privacy by Design
  • Data Portability
  • Right to be Forgotten
  • Definitive Consent
  • Information in Clear Readable Language
  • Limits on the Use of Profiling
  • Everyone Follows the Same Law
  • Adopting Techniques


Module 12: Subject Access Requests and How to Deal with Them

  • Subject Access Requests (SAR)
  • Dealing with SAR
  • Recognize the Request
  • Understand the Time Limitations
  • Dealing with Fees and Excessive Requests
  • Identify, Search, and Gather the Requested Data
  • Learn about What Information to Withhold
  • Developing and Sending a Response

 

 

PRACTITIONER

Module 1: Data Subject Rights

  • Must I Always Obey a Right?
  • Rights and Third Parties
  • Requests Made on Behalf of Other Data Subjects
  • Guidelines for Children's Maturity
  • Responding to a Rights Request
  • What is a Month?
  • Rights Request Flow Chart
  • Right to be Informed
    • When Should Information Be Provided?
    • Best Practice Guidance
  • Right of Access
  • Right to Rectification
  • Right to Erasure
    • When can I Refuse to Comply with a Request for Erasure?
    • Erasing Children's Data
  • Right to Restrict Processing
    • When Processing Should be Restricted?
    • Protecting PII
    • Other Issues about Restricting Processing
  • Right to Data Portability
  • Right to Object
    • Complying with the Right to Object
    • Rejecting the Right to Object
    • Processing for Direct Marketing Purposes
    • Processing for Research Purposes
  • Rights Related to Automated Decision Making and Profiling
    • When does the Right not apply?


Module 2: Subject Access Requests

  • Provenance
  • Overview: SARs
  • SAR is an Activity, Not a Title
  • How can a SAR be Submitted?
  • What Information Should the Response to a SAR Contain?
  • Additional Information
  • Replying to a SAR
  • Confirming a Data Subject’s Identity
  • Scope
  • Electronic Records
  • Non-Electronic Records
  • SARs Involving 3rd Party PII
  • Fees
  • Refusing a Subject Access Request
  • Access Requests from Employees
  • Credit Reference Agencies
  • Best Practice for SARs


Module 3: Lawful Processing

  • Lawful Processing: A Reminder
  • User Rights Change Depending on the Justification
  • Lawfulness of Processing Conditions
  • Lawfulness for Special Categories of Data
  • ICO Tool
  • Consent
  • Key Points About Consent
  • Affirmative Action and Explicit Consent
  • Introduction of Affirmative Action
  • What is Not Affirmative Action?
  • Examples of Affirmative Action from the ICO
  • Introduction of Explicit Consent
  • Explicit Statement
  • Obtaining Explicit Consent
  • ICO's View of a Poor Form of Explicit Consent
  • Obtaining Consent for Scientific Research Purposes
  • Getting Consent
  • What Should Go into the Consent Request?
  • Consent Granularity
  • Right to Withdraw Consent
  • Children
  • Consent Records
  • ICO's Examples of Record Keeping
  • Key Points When Establishing Consent
  • Legitimate Interests
  • Getting the Balance Right
  • Consent or Legitimate Interest?
  • What Lawful Basis Can be Used for Processing Marketing PII?


Module 4: Third Country Data

  • Cross Border Transfers
  • Transfer Mechanisms
  • Derogations
  • Adequacy
  • Adequate Ways to Safeguard Transfers of PII
  • Consent
  • One-Off or Infrequent Transfers
  • Who is Responsible?
  • Transferring PII Between EEA Members
  • Adequate Countries Outside of the EEA
  • Binding Corporate Rules (BCR)
  • What a BCR Must Cover?
  • Authorization for BCRs
  • EU-US Privacy Shield
  • Privacy Shield Overview
  • Privacy Shield: Mechanics
  • Model Clauses
  • Public Authority Agreements


Module 5: Introduction to Protecting Personal Data

  • Need to Secure
  • What is Appropriate?
  • Protecting PII – 3 Key Areas
  • Coverage
  • Defensive Design
  • Single Point of Failure (SPOF)
  • Incident Response
  • Data Breach Reporting Requirements
  • Incident Response Team


Module 6: Data Protection Impact Assessments (DPIA)

  • Introduction
  • What Triggers a Data Protection Impact Assessment?
  • Cases Where DPIA is Not Required
  • Benefits of DPIA
  • Processes to be Considered for a DPIA
  • Responsibilities
  • DPIA Decision Path
  • DPIA Content
  • How Do I Conduct A DPIA?
  • Signing Off the DPIA
  • Mitigating Risks Identified by the DPIA


Module 7: Need Want Drop

  • Overview
  • Need-Want-Drop: Concept Diagram
  • Need-Want-Drop: Categorizing Data
  • Need/Want/Drop Methodology


Module 8: Dealing with Third Parties and Data in the Cloud

  • What is Cloud Computing?
  • Myths of Cloud
  • Cloud Challenges
  • Controller-Processor Contract
  • Checklist
  • Data Controller - Summary


Module 9: Practical Implications: GDPR

  • Brexit and its Impact on the GDPR
  • Adequacy
  • What does this Mean in Practice?
  • EU and UK Representatives
  • Exemption Rule
  • One-Stop Shop

 

Module 10: Legal Requirements of the GDPR

  • Lawful, Fair, and Transparent Processing
  • Limitation of Purpose, Data and Storage
  • Data Subject Rights
  • Consent
  • Personal Data Breaches
  • Privacy by Design
  • Data Protection Impact Assessment
  • Data Transfers
  • Data Protection Officer
  • Awareness and Training


Module 11: Privacy Principles in GDPR

  • Lawfulness, Fairness, and Transparency
  • Purpose Limitation
  • Data Minimization
  • Accuracy
  • Storage Limitation
  • Integrity and Confidentiality


Module 12: Common Data Security Failures, Consequences, and Lessons to be Learnt

  • Common Data Security Failures
  • Consequences
    • Fines Relating to Data Breaches
    • Litigation from Customers Relating to Data Breaches
    • Directors, Officers, and Professional Advisors
    • Reputational Damage
  • Lessons Learned
    • Knowing When and How to Communicate with Affected Individuals is Not Easy
    • GDPR is Important, as are Other Legal Frameworks

To achieve the Certified EU General Data Protection Regulation (EU GDPR) Foundation, candidates will need to sit for an examination. The exam format is as follows:

Question Type: Multiple Choice
Total Questions: 45
Total Marks: 45 Marks
Pass Mark: 65%, or 29/45 Marks
Duration: 60 Minutes
Open Book/ Closed Book: Closed Book

To achieve the Certified EU General Data Protection Regulation (EU GDPR) Practitioner, candidates will need to sit for an examination. The exam format is as follows:

Question Type: Multiple Choice
Total Questions: 30
Total Marks: 30 Marks
Pass Mark: 57%, or 17/30 Marks
Duration: 90 Minutes
Open Book/ Closed Book: Closed Book




You may also be interested in these courses and e-learnings

Take a look at some of our other training courses on this topic


Certified General Data Protection Regulation (GDPR) Foundation exam preparation e-learning with exam voucher
(MFGDPRFE)

Price:
845 500 Ft + VAT
An EU GDPR Foundation Course provides a fundamental understanding of the General Data Protection Regulation (GDPR) set forth by the European Union. This GDPR Training Course offers a comprehensive introduction to the key principles, requirements, and implications of GDPR for businesses and individuals. Participants gain insights into data protection principles, consent mechanisms, data subject rights, and obligations of data controllers and processors under GDPR.
Certified General Data Protection Regulation (GDPR) Practitioner exam preparation e-learning with exam voucher
(MFGDPRPE)

Price:
845 500 Ft + VAT
Certified EU General Data Protection Regulation (EU GDPR) Practitioner: Become familiar with principles of data protection and how they apply to personal data. Understand how to manage third-party processors and how to conduct due diligence. Learn how to develop data retention policies and ensure compliance with GDPR.