GDPR for DPOs
The GDPR entered in effect on 25 May 2018, putting emphasis on the Data Protection Officer (DPO) as a key person to ensure personal data are kept and managed safely.
During that 1-day training session, DPO as well as other staff coordinating data protection will gain knowledge as to the key concepts underlying the GDPR as well as to their roles in an organisation.
While this training session does not support a DPO certification, it aims at providing a comprehensive and solid ground for DPO and alike in their day-to-day activities.
By the end of this training, the participants will be able to:
- Have a proper understanding of the Luxembourg and EU regulatory framework as to data privacy.
- Understand their role and function as a key person in charge of data privacy.
- Explain the key concepts of the GDPR and how they apply to their respective organisation, whether locally or a group level.
- Define their action and monitoring plans for compliance with the regulation.
- Interact with the data protection authorities.
1. Introduction: overview of the Regulation
- Purpose, Territorial scope, Material scope, General principles, Controller/Processor, Data privacy by design and by default, Register of processing
2. Role and position of a DPO
- Mission and role of the DPO, Typical tasks of a DPO, Management of conflict of interest, Criteria leading to the appointment of a DPO
3. Lawfulness of processing
- Different lawful bases as per the regulation, Attention areas applicable to each base, Case study
4. Consent as a lawful base
- Valid consent, Balancing test vs the data subject rights, Case study
5. Management of personal data of special category
- Children, Criminal convictions, Special category of data, Case study
6. Data subject rights
- Different rights, Limitations and conditions to the exercise of rights, Role of the DPO, Case study
7. Requirements for data controllers and data processors
- Information security, DPIA, Incident and breach management, Training, Case study
8. Transfer of personal data in/ou the EEA
- Conditions for transfer incl BCR, Case study
- Organisation, Approach, Certification
10. When it goes wrong
- Fines, Practical examples
11. Q&A and closing
A qui s'adresse la formation?
Data Protection Officers and GDPR leaders
An attendance certificate will be sent to participants.