Tailored for stakeholders with little or no experience in the field of GDPR Compliance or General Data Protection Compliance. The Educational Session / Workshop is not industry specific.
- Applicable Data Protection Regulation/Legislation: Extraterritorial Application of the GDPR, Local Specifics
- Personal Data Protection Fundamentals: What is Personal Data, Examples, Pseudonymization vs Anonymization, Categories of Personal Data, Special Categories of Personal Data, Common misconception, Data Subjects
- Processing Roles Allocation: Data Controller vs Data Processor
- Data Protection Officer vs EU GDPR Representative
- Data Processing Principles: Fairness, lawfulness and transparency; Restriction to a specific purpose; Data reduction and data economy; Deletion and storage; Factual accuracy; up-to-date data; Confidentiality and data security
- Legal Basis for Processing and Purpose
- Consent
- Records of Processing Activities: Obligation to maintain RoPA; Responsibilities; Characteristics of RoPA
- Data Breach Management: Personal Data Breach Management, Confidentiality Breach Management, Security Breach Management
- Data Subject Requests Management: the right to be informed; the right of access; the right to rectification; the right to erasure; the right to restriction of processing; the right to data portability; the right to object; rights related to automated decision making and profiling
- International Transfers: Intracompany International Transfers, International Transfers outside of the Company
- Data Retention
- Vendor Management
- Security of Data: Technical and Organizational Measures
- Data Protection By Design: Accountability
- Data Protection Non-Compliance Consequences