Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Basic principles of personal data processing
- Sources of national and international law
- The scope of application of personal data protection laws
- The scope of powers of the data protection authority
- Judicial protection of the right to the protection of personal data
- GDPR - basic information and definitions - selected issues
- Sector-specific GDPR
- Personal data
- Processing of personal data
- Legal bases for processing personal data
- Administrator's Responsibilities
- Rights of data subjects
- Administrative fines
- Personal Data Protection Act of 10 May 2018 – scope of regulations
- appointing a Data Protection Officer
- Proceedings for infringement of personal data protection laws
- Monitoring compliance with personal data protection regulations
- Civil, criminal and administrative liability
- Conditions for the admissibility of the processing of personal data (ordinary and sensitive data)
- Legal requirements for the institution of entrusting the processing of personal data to other entities
- Data Protection Impact Assessment
- Data protection by design, data protection by default
- Legal bases for the transfer of personal data to a third country
- Protection of personal data in employment relations
Appointment of a Data Protection Officer
- Mandatory appointment of a Data Protection Officer
- Optional appointment of an Inspector
Who can be a Data Protection Officer?
- Qualifications to act as an Inspector
- Form of employment of the Inspector
Status of the Data Protection Officer
- Direct reporting of the Inspector to the top management
- Arranging support for the Supervisor
- Participation of the Inspector in all matters related to the protection of personal data
- Prohibition of giving instructions to the Supervisor as to how he or she shall carry out his or her duties
- Avoiding conflicts of interest in the organization - tasks of the Supervisor
- Prohibition of dismissal and punishment of the Inspector
- The duty of the Inspector to maintain the secrecy or confidentiality of the tasks performed
Information Security Management
- Discussion of the security management system in the organization based on the m.in Polish standards
- Identification of privacy risks and their legal implications
- Principles of risk assessment and assessment of the impact of the application of specific solutions in the field of effectiveness of safety management
- How to understand and apply a risk-based approach – practical completion of the Risk Analysis template
- Personal Data Lifecycle Management
Performing the tasks of the Data Protection Officer (DPO)
- Legal basis for the appointment of the DPO
- Who and when must appoint a DPO and how they will be appointed
- DPO status and qualifications
- DPO's tasks and the rules for planning their performance
- Conducting reports on the compliance of data processing with the provisions on the protection of personal data in traditional and IT systems
- Documenting the activities carried out by the DPO
- Preparation of inspection reports
- Rules for supervising the documentation of personal data processing
- Scope of UODO's powers in relation to DPOs
Practical information on the inspection of the Office for Personal Data Protection
- Requirements of the Office for auditees
- How to prepare for the inspection
- Case study
Hands-on activities
- Development of an exemplary Information Security Policy
- development of management instructions
- Development of a Register of Processing Activities
- Preparation of the so-called Small Personal Data Protection Documentation
- Case study
- The most common errors in the preparation of documentation
Additional materials for course participants:
Useful forms and templates:
- Consent to the use and dissemination of the image
- Event- newsletter entry
- Consent to send you an offer
- Sending offer emails
- Sending general emails
- Example of a personal data protection policy
- Template for the preparation of the information obligation, in accordance with the GDPR, together with the instructions
- Risk analysis template
- Register of personal data processing activities – template
- Register of categories of processing activities – template
- GDPR Breach Register – Template
- GDPR Compliance Checklist Template
- Instructions on how to proceed in the event of a breach of personal data protection regulations
- Data Protection Breach Report Template
- Register of security incidents and corrective and preventive actions
- Register of corrigenda
- Register of restorations
- Model corrigendum
- Restoration pattern
- Model Objection
- A model contract excluding further processing of personal data
- Sample consents for competitions, marketing, publications
- Obligation to provide information to ferry crossing
- Obligation to provide information monitoring of the meeting
- Obligation to provide information on recruitment
- Obligation to provide information to the National Revenue Administration
- Information obligation of the LES
- Public Procurement Law (UCoC) information obligation
- Information obligation: Labour Code
- Tax information obligation
- Authorization to process personal data for employees: a template to be filled in with an example
- Notification of a breach to data subjects – template
- Personal Data Processing Agreement for the Controller – template
- Personal Data Processing Agreement for the Processor
- And many more
Requirements
Audience
- Individuals who are starting to act as a Data Protection Officer
- Individuals who will be appointed to this position in the future
21 Hours
Testimonials (1)
I generally enjoyed the knowledge of the trainer.
