Data Protection Officer – Preparing for the GDPR


Price Qty
Members €400.40 (EUR)  
Non-Members €614.25 (EUR)  

Online event registration and ticketing powered by Event Espresso

  • September 13, 2017
    9:00 am - 6:00 pm

Data Protection Officer – Preparing for the GDPR

Pre-requisites;  The course is offered to nominated DPO’s.

The objective is to provide an overview of the new General DP Regulation, and to offer pragmatic suggestions on how to prepare for compliance with the new legislation.

Candidates are typically nominated DPO’s for their own organisations, and are already familiar with the challenges of implementing compliant data management solutions under the 1995 Data Protection Directive.
Co-Requisite Topics Candidates should also have a good understanding of their own organisation’s data processing activities, through the life cycle from initial acquisition, through the various areas of processing and usage, to eventual removal or destruction.

Number of days 1
Subject Aims To provide the candidate with the basic overview of new General Data Protection Regulation and to outline pragmatic suggestions on organisational, technological and procedural solutions to ensure compliance under the new Regulation.

Learning Outcomes; On completion of this module, Candidates will

Overview of Regulation

L1.1 Review the core principals of the General Data Protection Regulation (GDPR)

L1.2 Understand newly-defined terms and concepts relevant to the DPO

Role and responsibilities

L2.1 Understand the tasks set out for the DPO

L2.2 Understand the practical implications of the Principles and Rights contained within the Regulation

L2.3 Understand the obligations for the Data Controller and Processor under the Regulation

L3.1 Consider the requirement regarding Privacy Impact Assessments

L3.2 Third-party Contracts and shared liability

L3.3 Logging of data management processes

L3.4 Data Breach Notification obligations

L3.5 Restrictions regarding overseas transfer of personal data

L4.1 Preparing for the ‘Right to be Forgotten’

L4.2 Implementing ability to enable restriction of processing

L4.3 Enabling the Data Subject to object to certain processing

L4.4 Implement processes to amend or erase inaccurate data

L4.5 Preparing to enable data portability

L4.6 Enabling the Data subject’s right to access their personal data

L4.7 Review of automated decision-making and profiling

L5.1 Prepare templates for Data Management Logs

L5.2 Embedding Breach Notifications procedures

L5.3 Review of data management policies and procedures

L6.1 Planning for implementation of GDPR

L6.2 Nomination of Data Protection ‘Champions’

L6.3 Staff training and awareness

L6.4 Adoption of appropriate Codes of Conduct, Certification

L6.5 Consideration of suitable tools and systems

L6.6 Available support mechanisms

Assessment Criteria There is no exam accompanying this module.

The trainer will follow up with Candidates in the weeks following the course to ensure that they are comfortable with the requirements of the Regulation

Required Reading will be circulated to candidates on registration for the course

Course Material DPO Document templates – these will be issued on the day of the course
The Slide Deck – these will be handed out to each candidate following the course

Supplementary Reading General Data Protection Regulation – final published draft 2016
Article 29 Working Party definitions (Personal Data, Data Controller)
Article 29 Working Party guidance on GDPR (various)
Supervisory Authority guidance on preparing for GDPR (various)