GDPR Implementation Course

This online GDPR course is for any individual assigned to implementation of the GDPR into an organisation. Our step by step approach guides you towards compliance and away from fines and reputational damage.

For €100 discount enter at Checkout

349.00

This online GDPR course is for any individual assigned to implementation of the GDPR into an organisation. Our step by step approach guides you towards compliance and away from fines and reputational damage.

Module 1

Introduction to the GDPR Implementation Course 

Here we discuss the background to the GDPR which was came into law on May 25th 2018, an overview of what it means to you and your business and the financial and reputational cost of non-compliance.

 

Module 2

Personal Data & Special Categories of Personal Data

In this module we discuss what personal data and special categories of personal data are and outline what kinds of personal data you may be processing.  By the end of this module, you will have begun the initial stage of identifying the personal data you process and be able to identify if any of that personal data is special category data (for example, health data). We will also discuss what extra safeguards can be put in place to protect that data.

Module 3

The GDPR Principles

The GDPR Principles sets out the conditions under which personal data must be processed. We discuss in detail how you apply each principle to the personal data that you process.

This module forms a large part of modules later on, including conducting data audits, producing a privacy notice and Data Protection & Privacy Policy and Procedures.

*Template Data Protection & Privacy Policy and Procedures provided with the GDPR Toolkit of Policies and Procedures.

Module 4

Data Controller & Data Processor 

Determining whether you are a data controller or processor for different aspects of your business is key to understanding your responsibilities under the GDPR. In this module, we go through what a data controller and data processor is along with many common examples that you will encounter within your own business. 

Module 5

Lawful basis for processing personal data

In this module we discuss the legal basis for processing that must exist for you to process personal data under the GDPR. By the end of this module you will be able to begin identifying the legal basis for processing personal data that you process. Also examined will be how to conduct a Legitimate Interests Assessment (LIA).

This module forms a large part of modules later on, including conducting data audits and producing a privacy notice.

*Legitimate Interest Assessment template included.

Module 6

Data Protection Officer (DPO ) and Compliance Officer

Many businesses will need to appoint a DPO. If a DPO is not required, a Compliance Officer should be appointed. In this module, we will go through instances that your business would need to appoint a DPO along with the roles and responsibilities  of a DPO and Compliance Officer. This will include tips on how to increase GDPR awareness throughout the whole organisation and the training required to do this effectively.

Module 7

Rights of the Data Subject

The GDPR strengthens the currents rights of the Data Subject (i.e. your employees, your customers and any individual who is the subject of personal data) and also creates new rights. We will discuss how these rights affect operations and the steps you must take to ensure that each can be adhered to.

Module 8

Privacy by Design and Default

This module describes what privacy by design and default means in the GDPR, how you can achieve it through your own business functions and the benefits of using technology, new procedures and paperless systems to create greater levels of privacy for your customers and employees.

Module 9

Data Breach

A data breach can have a devastating impact on a business. Here we discuss common causes of data breaches, the potential financial cost and reputation damage of a data breach, how to put a data breach procedure in place,  how to document a data breach, how to reduces the likely hood of a data breach occurring and when it is mandatory to notify the supervisory authority in the event of one.

*Data Breach Procedure template and Data Breach Incident Form template included in the GDPR Toolkit of Policies and Procedures.

Module 10

Marketing under the GDPR

Significant changes have occurred under the GDPR in relation to marketing. In this module, we discuss how to examine your current marketing list to determine whether marketing would be compliant under the GDPR. We also discuss the different legal bases that exist for marketing under the GDPR and the requirements for each. 

Module 11

Data Audit

It is a requirement of the GDPR that you document the personal data collected through all processes and outline how you process that information. In this module we discuss in detail each section that must be answered and also use examples that are relevant to your organisation.  This module includes a practical demonstration of how to complete a data audit.

*Data Audit template included in GDPR Toolkit of Policies and Procedures.

 

Module 12

Privacy Notice 

Follow our instructions and design your own GDPR compliant Privacy Notice to meet your business  obligations under GDPR to provide a privacy notice in easily understand language.

Here we discuss what is a Privacy Notice is and what must be displayed in one to abide by the GDPR.

Our instructor leads the demonstration in designing a GDPR compliant Privacy Notice and also outlines how it can be customised to suit your business.

*Privacy notice template included in GDPR Toolkit of Policies and Procedures

 

Module 13

Subject Access Requests

Subject access requests are an increasingly common occurrence today for businesses and this trend will continue under the GDPR.

In this module we discuss what  a Subject Access Request (SAR) means under GDPR, what the rights of an individual are in relation to an SAR, when can you refuse to grant a SAR, how to handle a SAR within 30 days and how to manage SAR complaints.

*Subject Access Request Procedure template and  SAR letter templates included in the GDPR Toolkit of Policies and Procedures.

 

 

Module 14

Data Protection Impact Assessment (DPIA)

In this module, you will learn what a DPIA is how to use the DPIA assessment tool to identify risks to the privacy of individuals when processing personal data to ensure that if it is possible, you can put the necessary measures and controls in place to mitigate those risks to allow processing to take place.

*DPIA template provided with your GDPR Toolkit of Policies and Procedures 

 

Module 15

Data Processor Agreement

Under the GDPR you are required by law to have a contract or other legal act in place with an Data Processor that processes personal data on your behalf.

By the end of this module, you will be able to begin designing a customised data processor agreement for all data processors that process personal data on behalf of your organisation.

*Data Processor Agreement Template provided in your GDPR Toolkit.

 

Module 16

Policies and Procedures

It is a mandatory requirement under the GDPR that the controller implements appropriate data protection policies and procedures to demonstrate the technical and organisation measures taken to comply with the GDPR.

In this instructor lead module you will learn how to design and implement the following policies and procedures:

  • Comprehensive Data Protection and Privacy Policy and Procedures
  • Information Security Policy
  • Data Retention and Erasure Policy
  • Clear Desk Policy
  • BYOD and Remote Access Policy

 

Module 17

GDPR Staff training and awareness

Article 39. of the GDPR states that a Data Protection Officer’s responsibilities include awareness-raising and training of staff involved in processing operations. It is key that your staff are aware of and can adhere to the GDPR and the policies and procedures your business sets out in relation to it. In this module, we discuss how to implement an effective GDPR training and development policy and recommend activities to create GDPR staff awareness in your business that creates a lasting affect towards compliance.

* Training and Development Policy provided in your GDPR toolkit

 

Module 18

GDPR Implementation Plan

Instructor lead demonstration leads you through how to complete your GDPR Implementation plan and set deadlines for each requirement

You will be given access to the Format:Data learning platform to enrol on the GDPR Implementation Course. This gives you access to over 4 hours of video content of a step by step practical guide to GDPR compliance. Also included is our policy and procedure templates which we will customise throughout the online GDPR course to suit your business requirements.

It is a requirement of the GDPR that organisations adhere to it’s requirements. Non-compliance with the GDPR can lead to large fines and risks reputational damage for your organisation. There is a growing expectation from consumers and employees that personal data should be handled correctly and in a transparent manner. 

Data (Information ) Audit

Privacy Notice

Data Protection Impact Assessment

Legitimate Interest Assessment

Subject Access request Procedure

Data Breach Policy and Procedures

Data Breach Register

Data Protection and Privacy Policy and Procedures

Data Retention and Erasure Policy

Staff Training and Development Policy

Information Security Policy

BYOD and Remote Access Policy

Clear Desk Policy

Record of Processing Activity

Data Processor Agreement Template