Course Objectives
Certified Data Protection Officer
Course Methodology
This course is highly interactive with facilitator-led presentations, group discussion and real current case studies.
Course Objectives
By the end of the course, participants will be able to:
Define data protection principles and rights of data subjects
Determine the lawful basis for processing data
Demonstrate how to deal with subject access requests, data breaches and internal investigations
Apply appropriate transfer mechanisms for cross border transfer of personal data
Create and implement a privacy framework for their organization
Target Audience
This course is suitable for anyone who handles sensitive personal or company data. This includes compliance officers and managers, auditors, IT managers, human resources, database professionals and any information security, incident management, and business continuity professionals whose responsibilities include the secure handling of data.
This course is also suitable for current Data Protection Officers who are seeking to become certified or update their knowledge with the latest laws.
Target Competencies
Operational compliance
Decision making
Communication with stakeholders
Information Governance
Policy Creation
Course Outline
Introduction to Data Protection
General Data Protection Regulation (GDPR) and DIFC Data Protection Laws 2020
Other relevant Data Protection laws
Data Protection terminology
Personal Data and special categories of data
Data Protection principles
Role of Controllers and Processors
Data Processing Agreements
Legal Basis
Lawful basis for processing Personal Data
Processing special category Personal Data
Conditions of consent
Understand the reliance on legitimate interests
Data Subjects
Privacy Notices
Rights of Data Subjects
Subject Access Requests (SARs)
Data Breaches and Complaints
Obligations of the Processor
Notification to the Commissioner
Notification to Data Subjects
Breach procedure
Remedies, liabilities and sanctions
Complaints and mediation
Fines
Security
Security of data
Pseudonymization
Encryption
The Data Protection Officer (DPO) Role
The duties and obligations of the DPO
High Risk Processing
Communicating with Data Subjects
Cooperating with the Commissioner
Consider the Annual Risk Assessment
Cross border transfers
Transfers outside of jurisdiction in absence of adequate protection
Countries that have adequate level of protection
Schrems II case
Standard Contractual Clauses
Binding Corporate Rules
Derogations
Governance
Understand concept of accountability to demonstrate compliance
How to achieve compliance
Understand concept of Records of Processing Activities (RoPA)
How to mitigate risk
Monitoring compliance
Understand concept of Data Protection Impact Assessments (DPIAs)