Description
The seminar covers all three aspects of the new GDPR Regulation, Legal, Technical and Organizational. The General Data Protection Regulation (GDPR - 2016/679) will apply in all member states from 2018 and must be applied by all companies and organizations without requiring the corresponding National legislation. It should be noted that the fines provided for in cases of non-compliance amount to 4% of the Turnover of the Enterprise (or of the Group of Companies, regardless of which undertaking is the infringement). However, beyond the issue of fines, an Integrated Privacy System covers the business from Dissatisfaction, Loss of Business Secrets, Leakage of Business Know - How and Loss of Reliability in Commercial Transactions. Analytical measures (plans, policies, practices, etc.) that ensure the Confidentiality, Integrity and Availability of Personal Data that are collected, processed, transmitted and used by each Organization will be presented. The evaluation methodology will then be presented, as well as corresponding Impact Reporting Tools to identify Gap Analysis points. Finally, we will present the methodology and the individual steps that are being taken in order to design a Personal Data Management System in a credible way. At the same time, a qualified lawyer will also cover the Legal Dimension of the Regulation, analyzing the main points, recognizing flexibility and responding to questions. Participants will have the option of Online Advisory Support on Implementation of the Rules, at no extra cost, for one year after the seminar.Course Content
1. Introduction – Basic Needs and Reasons
- Why is Data Protection needed
- What is Data Protection
- Basic terms of Data Protection
- How Data Protection operates
- Reasons for Data Protection in Companies and Organizations
2. European General Data Protection Regulation (GDPR)
- Data subjects rights (consent, erase, etc.)
- Data breach notification
- International Data Transfers
- Fines for non-compliance
- Data Quality Principles
- Data Protection Officer
3. Data Protection and Privacy System
- Personal Data Protection Governance Model
- Data Protection and Privacy System Summary
- Data Protection and Privacy System Milestones
- Data Protection and Privacy System Phases
4. Phase A: Data Protection and Privacy Preparation
- Step A1: Conduct Privacy Analysis
- Step A2: Collect Privacy Laws
- Step A3: Analyze Privacy Impact
- Step A4: Perform Initial Data Audits and Assessments
- Step A5: Establish Data Governance Organization
- Step A6: Establish Data Flows and Personal Data Inventory
- Step A7: Establish Data Protection and Privacy Program
- Step A8: Craft DP& P Implementation Action Plans
- Products and Results
5. Phase B: Data Protection and Privacy Organization
- Step B1: Maintain Data Privacy Program, Policy and Governance Controls
- Step B2: Assign and maintain Data Protection and Privacy responsibility
- Step B3: Maintain Senior Management engagement in Data Protection and Privacy
- Step B4: Maintain Data Protection and Privacy Commitment
- Step B5: Maintain regular communication for Data Protection and Privacy issues
- Step B6: Maintain stakeholder engagement in Data Protection and Privacy matters
- Step B7: Implement and Operate the Data Protection and Privacy Computerized System
- Products and Results
6. Phase C: Data Protection and Privacy Development and Implementation
- Step C1: Develop and implement Data Protection and Privacy Strategies, Plans and Policies
- Step C2: Develop and implement A Data Classification System
- Step C3: Implement Approval Procedure for Processing Personal Data
- Step C4: Register Databases of Personal Data
- Step C5: Develop and Implement a Cross-Border Data Transfer System
- Step C6: Execute DP &P integration activities
- Step C7: Execute DP &P training plan
- Step C8: Implement Data Security controls
- Products and Results
7. Phase D: Data Protection and Privacy Governance
- Step D1: Implement Practices for Managing the uses of data
- Step D2: Maintain Data Privacy Notices
- Step D3: Implement Data Quality for personal data
- Step D4: Implement Data minimization for personal data
- Step D5: Implement Data storage and deletion for personal data
- Step D6: Execute a Requests, Complaints and Rectification Plan
- Step D7: Execute a Data Protection Risk Assessment
- Step D8: Issue Data Protection and Privacy Reports
- Step D9: Maintain Data Privacy Documentation
- Step D10: Establish and Maintain a Data Privacy Breach Response Plan
- Products and Results
8. Phase E: Data Protection and Privacy Evaluation and Improvement
- Step E1: Perform Internal Audits of Data Protection and Privacy
- Step E2: Engage an external party to perform Data Protection and Privacy assessments
- Step E3: Perform privacy assessments and benchmarks
- Step E4: Execute Data Protection Impact Assessments
- Step E5: Resolve Data Protection and Privacy (DP&P) Risks
- Step E6: Report DP&P Risk Analysis and Results
- Step E7: Monitor Data Privacy Laws and Regulations
- Products and Results
- Understand the basic principles of Data Protection
- Will be able to prepare their company to comply with the requirements of the new General Data Protection Regulation (GDPR – 2016/679)
- They will be able to effectively control, evaluate and implement the operation of a Personal Data Protection System (with roles, plans, policies and practices, etc.)
- Use a set of practical data protection case studies to identify their company failures and take improvement measures
- Will be able to design Data Protection measures for all Corporate Data (unstructured, structured, financial, personal, etc.), choosing among alternatives the most appropriate for their business
- Be able to implement techniques for improving Data Quality and Assessing the adequacy of the Data Protection and Computing System that have been installed
- They will have the possibility of free online support for one year at the subject of the seminar
To whom it is addressed to:
The seminar is addressed to those executives who are involved in the collection, processing, transmission, use and storage of Corporate Data (customers, production, staff, etc.) to the Executives of Management (top, accountants, personnel management, marketing, Control, compliance, legal service, etc.), IT Executives and all Executives involved in the design, control and evaluation of Data Protection and Security and the operation of the IT Systems of the company.
Seminars material includes:
- Presentation of the seminar in electronic form
- Incident Management System – IT Security Issues
- Risk Assessment & Management Tools
- Attestation of Attention
- Access codes to the iBcl website for downloading the seminar material
Christos Koziaris
Pavlos Aspiotis
THESSALONIKI
Date: 2020Venue & Hall: ,
ATHENS
Date: 2020Venue & Hall: ,
Discount analysis:
20% discount for the 3rd and every subsequent.
- Live Online Training:
24/01/2025
ESPA Programmes Management
- Live Online Training:
31/01/2025
Emotional Intelligence in Business
- Live Online Training:
03/02/2025
The Training of Warehouse Executives
- Live Online Training:
06/02/2025