3 day GDPR: The role and responsibilities of the Data Protection Officer
The General Data Protection Regulation sets out the requirements for the protection of natural persons with regard to the processing of personal data and on the free movement of such data. Included in the requirements of the GDPR is the need for a Data Protection Officer. Article 39 sets out the responsibilities of the Data Protection Officer.
The data protection officer shall in the performance of his or her tasks have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing.
This 3 day course provides delegates with a general understanding of the General Data Protection Regulation and specific guidance on the role and responsibilities of the Data Protection Oficcer. Delegates will benefit from the practical experience of a practicing data protection officer with over 20 years experience working for international companies in Europe.
Participants will learn more about:
- Overview of the General Data Protection Regulation (GDPR)
- Understanding the principles for the lawful processing of personal data
- What are the privacy management objectives
- The role of the Data Protection Officer
- Tasks and support tools for the Data Protection Officer
- Why the data protection impact assessment is important?
- Tools that support the Data Protection Officer (live demonstration)
- Handling data subject requests
- Verification of operator assertions - measuring compliance
- When is certification acceptable
- Monitoring and evaluating effectiveness - selecting performance measures
- Monitoring by competent authorities
- Frameworks and standards that will assist with addressing the GDPR obligations (ISO, COBIT)
- Designing and implementing a Privacy Management System
- Monitoring continuous improvement and encouraging compliance.