The General Data Protection Regulation (the “GDPR”) came into effect on 25 May 2018. The GDPR is directly effective in each EU member state, with the aim that the same rules will be applied uniformly within the EU. This marks a shift in the approach to data protection at a European level, which until 25 May 2018 relied on national implementing legislation in each EU member state.
Avoid heavy fines and reputation loss, resulting from non-compliance; learn from our expert on how the GDPR will affect your organisation.
One Day Course Price: €500 per person
Click here to view the upcoming Virtual Live Training 1.5 hour session schedule.
To book onto a Virtual Live Training 1.5 hour session, or series of sessions, please click here.
The course is offered to those who are responsible for ensuring that their organisation is compliant with data protection and privacy law. Course attendees are expected to have a basic understanding of the current data protection legal requirements under the Irish Data Protection Acts 1988 and 2003 and to have attended the Olas GDPR Essentials Course.
Goals and Objectives
This one-day course will provide participants with a wealth of knowledge into the main provisions of the GDPR, as well as knowledge and help on what you can do to become compliant.
Introduction to GDPR
Review the core principals of the General Data Protection Regulation (GDPR)
Processing, Consent, Legitimate interest
Legal ground for processing personal data
The use of Legitimate Interests as a lawful basis for processing personal data
Review of Roles and Responsibilities under GDPR
What are the Data Protection Officers (DPO) role and do you need one
Understand the practical implications of the Data Subject Rights contained within the Regulation
Understand the responsibilities for the Data Controller and Processor under the Regulation
Internal Data Operations with GDPR
Look at how Privacy Impact Assessments may affect your business
Privacy by Design and Default
Third-party Contracts and shared liability
Maintaining data management processes
Data Profiling, Anonymization and Pseudonymisation
Data Breach Notification and response obligations
Restrictions regarding overseas transfer of personal data
Data Subject Rights
Overview of individual rights and examples
Right of access
Right to be forgotten
Right to restrict processing
Right to object
Automated decision making and profiling
Codes of Conduct and Certification
Prepare templates for Data Management Logs
Review of data management policies and procedures
Infringements and Penalties
Circumstances giving rise to fines and factors to be considered.
Remedies and sanctions
Two “tier” structure
Planning and Preparation
Planning for implementation of GDPR
Continual Staff training and awareness
Consideration of suitable tools and systems
Available support mechanisms
Discussion and Question Time