Course Outline
Fundamental Principles of Personal Data Processing
- Sources of national and international law
- Scope of application for personal data protection laws
- Powers and authorities of the data protection authority
- Judicial protection regarding the right to personal data protection
- GDPR - Essential information and definitions - Key issues
- Sector-specific GDPR applications
- Definition of Personal Data
- Processes involved in data processing
- Legal bases for processing personal data
- Responsibilities of the Data Controller
- Rights of data subjects
- Administrative fines and penalties
- Personal Data Protection Act of 10 May 2018 - Scope of regulations
- Procedures for appointing a Data Protection Officer
- Proceedings related to violations of personal data protection laws
- Monitoring compliance with personal data protection regulations
- Civil, criminal, and administrative liability
- Conditions for lawful processing of personal data (general and sensitive data)
- Legal requirements for entrusting personal data processing to third parties
- Data Protection Impact Assessment (DPIA)
- Data protection by design and by default
- Legal bases for transferring personal data to third countries
- Protection of personal data within employment relationships
Appointment of a Data Protection Officer
- Mandatory criteria for appointing a Data Protection Officer
- Optional appointment scenarios
Eligibility Criteria for a Data Protection Officer
- Required qualifications for the role
- Employment arrangements for the DPO
Status and Role of the Data Protection Officer
- Direct reporting lines to top management
- Ensuring adequate support for the DPO
- Involvement in all matters pertaining to personal data protection
- Prohibition of directives regarding how duties are performed
- Avoiding conflicts of interest - Key responsibilities
- Protection against dismissal and sanctions
- Duty to maintain confidentiality regarding performed tasks
Information Security Management
- Discussion of organizational security management systems based on Polish standards, among others
- Identification of privacy risks and their legal implications
- Principles of risk assessment and evaluating the impact of security solutions
- Understanding and applying a risk-based approach - Practical completion of the Risk Analysis template
- Personal Data Lifecycle Management
Fulfilling the Duties of the Data Protection Officer (DPO)
- Legal basis for DPO appointment
- Who must appoint a DPO, when, and how the appointment is executed
- DPO status and required qualifications
- DPO tasks and rules for planning their execution
- Conducting compliance reports for data processing in traditional and IT systems
- Documenting DPO activities
- Preparation of inspection reports
- Rules for supervising personal data processing documentation
- Powers of the Office for Personal Data Protection (UODO) concerning DPOs
Practical Guidance on Inspections by the Office for Personal Data Protection
- Requirements for audited entities
- How to prepare for an inspection
- Case study analysis
Practical Exercises
- Development of an exemplary Information Security Policy
- Drafting management instructions
- Development of a Register of Processing Activities
- Preparation of basic personal data protection documentation
- Case study
- Review of common documentation errors
Additional Materials for Course Participants:
Useful Forms and Templates:
- Consent for image use and dissemination
- Event newsletter enrollment form
- Consent to receive a service offer
- Template for sending offer emails
- Template for general correspondence emails
- Example of a Personal Data Protection Policy
- Template for preparing the information obligation notice in accordance with GDPR, including instructions
- Risk analysis template
- Register of personal data processing activities - Template
- Register of processing activity categories - Template
- GDPR Breach Register - Template
- GDPR Compliance Checklist Template
- Instructions for handling personal data protection breaches
- Data Protection Breach Report Template
- Register of security incidents and corrective/preventive actions
- Register of corrections
- Register of restorations
- Model correction template
- Restoration pattern template
- Model objection form
- Model contract excluding further personal data processing
- Sample consents for competitions, marketing, and publications
- Information obligation for ferry crossings
- Information obligation for meeting monitoring
- Information obligation regarding recruitment
- Information obligation for the National Revenue Administration
- Information obligation for LES entities
- Public Procurement Law (UCoC) information obligation
- Information obligation: Labour Code
- Tax information obligation
- Authorization to process employee personal data: Template with example
- Notification of breach to data subjects - Template
- Personal Data Processing Agreement for the Controller - Template
- Personal Data Processing Agreement for the Processor
- And many more resources
Requirements
Target Audience
- Individuals who are newly appointed or beginning to act as Data Protection Officers.
- Individuals who are expected to be appointed to this role in the future.
21 Hours
Testimonials (1)
The variety of the information shared and the clarity to explain terms in plain English.