EU GDPR Foundation and Practitioner
Learn how to implement the EU GDPR and qualify for the role of data protection officer (DPO).
The EU General Data Protection Regulation (EU GDPR) is new legislation that provides a single, harmonised data privacy law for the European Union. With the increasing risk of data breaches from cyber attacks, the EU GDPR aims to prevent the loss of personal data by improving data security for all individuals living in EU member states. UK organisations have until May 2018 to comply with the new law, or potentially face fines of up to 4% of annual turnover or €20 million.
The Certified EU General Data Protection Regulation (GDPR) Foundation and Practitioner Combination course consists of the Certified EU General Data Protection Regulation Foundation (one-day) and Practitioner (four-day) training courses. This unique training programme provides a comprehensive introduction to the requirements of the EU GDPR, and a practical guide to planning, implementing and maintaining an EU GDPR compliance programme. It also enables delegates to fulfil the mandatory role of data protection officer (DPO) under the EU GDPR.
The course also supports professional development: delegates who pass the included exams are awarded the ISO 17024-accredited EU GDPR Foundation (EU GDPR F) and EU GDPR Practitioner (EU GDPR P) qualifications by IBITGQ.
Who should attend this course?
- Managers who are already involved in data protection with either an information security or data protection background.
- Individuals with little experience but who wish to enter the field of data protection with a professional qualification.
Certified EU General Data Protection Regulation Foundation (1 day)
This Foundation-level course provides a complete introduction to the EU GDPR, and an overview of the key implementation and compliance activities.
- Essential EU GDPR background and terminology
- Key differences between the Data Protection Act and the EU GDPR
- Data subjects and their rights
- Dealing with subject access requests
- Marketing requirements
- The implementation path to EU GDPR compliance:
- Privacy by design
- Data privacy impact assessments (DPIA)
- Data audits
- Training and competence requirements
- Incident response and breach reporting
- Updating policies and procedures
- International data transfers
- Replacing Safe Harbour – the new requirements
Certified EU General Data Protection Regulation Practitioner (4 days)
This Advanced-level course is focused on enabling delegates to fulfil the role of data protection officer (DPO) under the EU GDPR, and covers the Regulation in depth, including implementation requirements, the necessary policies and processes, as well as important elements of effective data security management.
- Setting up a privacy compliance framework
- The role of the DPO
- Common data security failures, consequences and lessons to be learnt
- GDPR privacy principles
- Data privacy impact assessments
- Developing a risk management framework
- Data mapping
- The rights of data subjects
- Consent rules
- Subject access requests
- The roles of and relationships between controllers and processors
- Dealing with third parties and data in the Cloud
- Demonstrating compliance with the GDPR
- Data breach reporting requirements
- Range of enforcement, regulatory and compensatory aspects of the GDPR
"A well-presented course with first-class delivery that will successfully prepare you for the introduction of the GDPR in May 2018. I recommend any business that deals with personal data to attend."
Garry Fusellier, Head of Information Assurance (States of Guernsey)
IT Governance is a professional services company, founded in 2002, with a wealth of consultancy skills that originally focused on information security/cybersecurity standards, notably ISO27001. Their consultants have extensive practical experience of designing and implementing management systems and help to develop the skills needed to deliver best practice and compliance in an organisation.
The company has an impressive track record, having helped well over 130 clients over the years to successfully gain the coveted ISO27001 certificate, proving their compliance with one of the most demanding management system standards. They have since developed their offerings into various other management disciplines and now provide a comprehensive single source of information, advice, books, tools, consultancy and training for IT governance, risk management, compliance and IT security objectives.