Course Outline
Data privacy impact assessment
- What this is and why you need to do this
- Examining existing data
- The role of the DPO and do you need one.
- Key legislation
- Risk management framework
- Data mapping
- Dealing with cloud providers
- Demonstrating compliance
- Developing data collection policies and procedures
- Developing permission policies and procedures.
- Developing data loss prevention and data breach strategies and management programs
- How to proceed and how to address individuals’ requests and complaints
- Employees’ training and awareness program
- Anonymizing and pseudo-anonymizing data
Maintenance
- Data inventory and data transfer mechanism
- Track legislation changes etc.
- Monitor data handling practices
- Internal audits and assessments – also ad-hoc in case of an event
- Documentations, certifications, accreditations etc.
Security risks
- Look at existing security measures
- Integrate the new GDPR with security measures (intrusion detection, firewalls)
- Maintain human resources security (pre-screening, referencing paper-based files)
- Implement data protection into information security policy
- Establish data loss prevention strategy
- Conduct regular tests
Data Breach management program
- What to do if you have a data breach
- Create a data privacy incident / breach response plan
- Maintain a log of incidents
- Create a policy for a data breach
- Appoint a forensic investigation team.
Requirements
You must have completed the one day GDPR workshop, or have basic knowledge of the GDPR
Testimonials
The variety of the information shared and the clarity to explain terms in plain English.
Arisbe Mendoza - Fairtrade International
The training was very informative and relevant to the realities of what we are dealing with. It was very eye-opening to understand how to deal with data of UE residents. The trainer was very informed and prepared on the subject.
Isaac Rewa - Fairtrade International
The preparation and knowledge of the trainer.
Fairtrade International
Knowledge of the trainer.
Eddyfi Technologies
Calm, thoughtful and structured way of conducting. The instructor's English is very good. The trainer was very well prepared substantively.