Course Objectives
By the end of the course, participants will be able to:
Define data protection principles and rights of data subjects
Determine the lawful basis for processing data
Demonstrate how to deal with subject access requests, data breaches and internal investigations
Apply appropriate transfer mechanisms for cross border transfer of personal data
Create and implement a privacy framework for their organization
Target Audience
This course is suitable for anyone who handles sensitive personal or company data. This includes compliance officers and managers, auditors, IT managers, human resources, database professionals and any information security, incident management, and business continuity professionals whose responsibilities include the secure handling of data.
This course is also suitable for current Data Protection Officers who are seeking to become certified or update their knowledge with the latest laws.
Target Competencies
Operational compliance
Decision making
Communication with stakeholders
Information Governance
Policy Creation
Course Outline
Introduction to Data Protection: General Data Protection Regulation (GDPR) and DIFC Data Protection Laws 2020; Other relevant Data Protection laws; Data Protection terminology; Personal Data and special categories of data; Data Protection principles; Role of Controllers and Processors; Data Processing Agreements
Legal Basis: Lawful basis for processing Personal Data; Processing special category Personal Data; Conditions of consent; Understand the reliance on legitimate interests
Data Subjects: Privacy Notices; Rights of Data Subjects; Subject Access Requests (SARs)
Data Breaches and Complaints: Obligations of the Processor; Notification to the Commissioner; Notification to Data Subjects; Breach procedure; Remedies, liabilities and sanctions; Complaints and mediation; Fines
Security: Security of data; Pseudonymization; Encryption
The Data Protection Officer (DPO) Role: The duties and obligations of the DPO; High Risk Processing; Communicating with Data Subjects; Cooperating with the Commissioner; Consider the Annual Risk Assessment
Cross border transfers: Transfers outside of jurisdiction in absence of adequate protection; Countries that have adequate level of protection; Schrems II case; Standard Contractual Clauses; Binding Corporate Rules; Derogations
Governance: Understand concept of accountability to demonstrate compliance; How to achieve compliance; Understand concept of Records of Processing Activities (RoPA); How to mitigate risk; Monitoring compliance; Understand concept of Data Protection Impact Assessments (DPIAs)