Course Outline

Privacy and data protection fundamentals & regulation

• Definitions
• Personal data
• Legitimate grounds and purpose limitation
• Further requirements for legitimate processing of personal data
• Rights of data subjects
• Data breach and related procedures

Organizing data protection

• Importance of data protection for the organization
• Supervisory authority1
• Personal data transfer to third countries
• Binding Corporate rules and data protection in contracts

Practice of data protection

• Data protection by design and by default related to information security
• Data protection impact assessment (DPIA)

Practice related applications of the use of data, marketing and social media

Learning Objectives

• GDPR and its purpose
• Identify the difference between personal and sensitive data and how to process each type of data
• Know the role of the ICO – The UK’s national regulator
• The role and responsibilities of the data officer, data controller and data processor and how each can keep data safe through their day to day practices
• 7 principles for storing and processing of data
• Know what constitutes a data breach and the potential action that could be taken

Target Audience

All employees who need to have an understanding of data protection and European legal requirements as defined in the GDPR. More specific the following roles could be interested: Data Protection Officer, Privacy Officer, Legal Officer / Compliance Officer, Security Officer, Business Continuity Manager.

Exam Details

Examination type: Computer-based or paper-based multiple-choice questions

Duration: 60 Mins

Number of questions: 40

Pass mark: 65 % (min 26 from 40)