Course Outline

Data privacy impact assessment

  • What this is and why you need to do this
  • Examining existing data
  • The role of the DPO and do you need one.
  • Key legislation
  • Risk management framework
  • Data mapping
  • Dealing with cloud providers
  • Demonstrating compliance
  • Developing data collection policies and procedures
  • Developing permission policies and procedures.
  • Developing data loss prevention and data breach strategies and management programs
  • How to proceed and how to address individuals’ requests and complaints
  • Employees’ training and awareness program
  • Anonymizing and pseudo-anonymizing data


  • Data inventory and data transfer mechanism
  • Track legislation changes etc.
  • Monitor data handling practices
  • Internal audits and assessments – also ad-hoc in case of an event
  • Documentations, certifications, accreditations etc.

Security risks

  • Look at existing security measures
  • Integrate the new GDPR with security measures (intrusion detection, firewalls)
  • Maintain human resources security (pre-screening, referencing paper-based files)
  • Implement data protection into information security policy
  • Establish data loss prevention strategy
  • Conduct regular tests

Data Breach management program

  • What to do if you have a data breach
  • Create a data privacy incident / breach response plan
  • Maintain a log of incidents
  • Create a policy for a data breach
  • Appoint a forensic investigation team. 


You must have completed the one day GDPR workshop, or have basic knowledge of the GDPR

 21 Hours

Testimonials (1)

Related Categories