Library

Course: Build EU GDPR Data Protection Compliance from scratch

Build EU GDPR Data Protection Compliance from scratch

  • Life Time Access
  • Certificate on Completion
  • Access on Android and iOS App
About this Course

**** Updated**** 10+ hours of GDPR content and 60+ templates !!!!

No prior GDPR knowledge is needed.

We have added new content related to GDPR for HR, GDPR for Cloud Service Providers, DPO role and how to initiate it, PSD 2 and GDPR relationship + more EXAMPLES

************************************************************************

Learn what GDPR regulation is and what is needed in order to achieve GDPR compliance.

The course starts with GDPR foundations, explains data privacy concepts and what GDPR compliance means and also offers documents, policies and procedures that can be reused and adapted for your own organization in order to start GDPR programme.

Part of the documents include GDPR assessment tool, GDPR Data Privacy Impact, GDPR Implementation Guide, GDPR Data Breach Procedure etc

Learn how to hire a DPO (Data Privacy Officer) and what are the needed skills for the job. Also learn how to initiate the role.

You will be able to analyze a company GDPR compliance programme and to think properly by step by step examples. You will be able to use our templates and provide step by step recommendations.

We have included new topics related to GDPR for HR, GDPR for Cloud Service Providers and the DPO role in an organization + how to initiate it.

The course is a complete A to Z GDPR training, so we will cover everything that you need to know. In this way, we will first create the GDPR implementation plan as a first outcome, then I will teach you the basic theory you need to know for being successful in front of clients or management and also that will help you in achieving your CIPT certification.

What is CIPT certification you may ask. So, for the ones that do not heard about it, CIPT is the only technology related certification related to GDPR, developed by IAPP – International Association of Privacy Professionals.

In the end, you will learn how to pass all IAPP certifications, CIPT, CIPM and CIPP/E, not only CIPT, by practicing on real questions!

Every report will end up with recommendations that usually involve technology that can solve GDPR challenges. In this way I will demonstrate some security concepts by using different cloud technologies and we will use Azure cloud as a matter of experiment for this course.

The course is delivered in a mix of over the shoulder lessons and powerpoint presentations. So, either I show you clicks on the screen and how exactly you do different actions, or I present you the full concept using slides. On top of that, you will get downloadable resources that will help you in your journey.

I strongly recommend that you go through every lecture one time and then go back to the beginning and start to take action – in this way everything will get much more sense.

As a student of this course, you will also get regular updates and access to new additional lectures as they are added.

Basic knowledge
  • You should have basic IT Security knowledge
  • You should have basic audit and compliance knowledge
  • You should have basic risk management knowledge
What you will learn
  • Will have a GDPR implementation guide
  • Will have a list of templates/documents that will help them start GDPR programme
  • Understand what GDPR needs in order to achieve compliance
Curriculum
Number of Lectures: 106
Total Duration: 08:59:09
Introduction
  • Set your expectations  

    Set your expectations about what you will get from this GDPR training course

  • Welcome and Intro  

    Understand what you can learn in this GDPR training course

  • A 1st touch of what you will really get in this course  

    Get a view about documents you will get access to in this GDPR training course

GDPR Implementation - short intro guide
  • GDPR short overview  
  • Format and Definitions  
  • Principles  
  • Lawfulness  
  • Consent and right of the data subject  
  • Data Privacy Officer and Data Protection Impact Assessments (DPIA)  
  • Codes of conduct and international transfers  
  • Fines and Penalties  
  • Secure Management Commitment  
  • Plan your project  
  • Define roles and responsibilities  
  • Communication, Awareness and Training  
  • Personal Data Inventory  
  • Right of the Data Subject  
  • DPIA, Breaches and Record Processing  
  • Conclusion  

    GDPR training course - section 2 conclusion

Understanding the need for privacy in IT environment
  • Evolving compliance requirements  
  • Major risks to a company's IT framework  
  • Stakeholder expectations for privacy  
  • Privacy vs Security  
  • IT Governance vs Data Governance  
Core Privacy Concepts
  • Foundational elements for embedding privacy in IT (1)  
  • Foundational elements for embedding privacy in IT (2)  
  • Common Privacy Principles  
Privacy Considerations & Techniques
  • Collection  
  • Use  
  • Disclosure  
  • Retention  
  • Destruction  
  • Authentication techniques  
  • Identifiability  
  • Privacy by Design & Redesign  
Privacy in Systems and Applications
  • Identity and Access Management (IAM)  
  • Credit card information & processing  
  • Remote access, telecommuting and bridging devices to work  
  • Data Encryption  
  • Other Privacy enhancing technologies  
GDPR documentation - how to start?
  • Intro - what we will use and how to get full templates  
  • Gap Assessment  
  • How a message from the management should look like  
  • How to plan your project - preparation!  
  • GDPR Roles  
  • How to Capture Personal Data in a Form  
  • GDPR Privacy Data Protection Policy  
  • Data Subject Request Procedure  
  • Data Protection Impact Assessment (DPIA)  
  • How to treat international transfers  
  • How to treat data breaches  
  • ISO 27K and GDPR mapping  
GDPR compliance for Human Resources
  • Legitimate interests  
  • Changes to employee data management under GDPR  
  • DPOs and DPIAs from HR perspective  
  • Data Breaches & what to take away from that  
  • GDPR terms and how they relate to recruiting?  
  • Source candidates online with care  
  • Ensure you job application process complies with GDPR  
GDPR for Cloud Service Providers (CSPs)
  • Controllers and Processors  
  • CSP as a processor and GDPR  
  • Technical and Organisational measures  
  • Subcontracting  
  • Detailed impact on cloud contracts  
  • Clauses between a processor and a sub-processor  
  • Codes of conduct, certifications and compliance  
  • Important steps to compliance  
Introduction to the Data Privacy Officer (DPO) role
  • Mandatory and Voluntary DPO  
  • GDPR's Requirements for DPOs (skills)  
  • A brief summary of DPOs needed skills  
  • DPO Certification  
  • DPO Professions  
  • DPO Hiring Errors  
Initiating the Data Privacy Officer (DPO) role
  • Defining the Role - Scope  
  • Resources  
  • Outsourcing  
  • Contracting - DPO contract considerations  
  • First Tasks of the DPO  
  • Data Protection Policy  
  • Data and Processing Inventory  
GDPR and Payment Services Directive (PSD2)
  • What is PSD 2 and main objectives  
  • Benefits for consumers  
  • Scope of PSD2 directive  
  • New rules on authorisation and supervision  
  • Security of Payments  
  • New types of service providers - TPPs  
  • Impact of PSD2 to financial services industry  
  • New risks associated with the TPPs  
  • Banks are caught between GDPR and PSD2  
  • Other challenges - GDPR and PSD2  
  • What is Open Banking Consent Model  
  • Consent Step  
  • Authentication Step  
  • Authorisation Step  
  • Redirection  
  • Data Minimisation & Permissions  
How Technology can help in achieving GDPR compliance
  • What you will going to see in this section  
  • Identity Protection demo (AAD IP)  
  • Privileged Identity Management demo (PIM)  
  • Mobile Productivity policies demo (Intune)  
  • Classification, Labelling and Protection of Information demo (AIP)  
  • Cloud application visibility and security demo (Cloud App Sec)  
  • Security in cloud infrastructure environment demo  
  • Defending and remediating endpoints from cloud demo  
Conclusion
  • Final Conclusion  
  • Resource Files  
Reviews (0)