ΠΕΡΙΓΡΑΦΗ

One of the new obligations introduced by the General Data Protection Regulation (GDPR) is the requirement to conduct a Data Protection Impact Assessment (DPIA) for the processing activities that are likely to pose a high risk to the data subjects’ rights and freedoms. 

The DPIA is a key risk assessment process outlined in the requirements of the General Data Protection Regulation (GDPR), as it helps organisations make an early evaluation of the impact a business process might have on the privacy of the individuals involved. 

This workshop provides participants with the practical knowledge needed to complete a data protection impact assessment (DPIA) that will reduce privacy risks as early as possible and identify the various risks arising from processing personal data. 

ΣΚΟΠΟΣ ΣΕΜΙΝΑΡΙΟΥ

• Understand the principles and basics of GDPR  
• Learn how to develop a DPIA 
• Master how to implement a DPIA project  
• Apprehend how to monitor the results and take required action  
• Outline the impact assessment applicable to their organisation 
• Identify the need to conduct a data protection impact assessment 
• Lead and participate in data protection impact assessments 
• Identify and assess the risks to which data subjects are exposed 
• Prepare a report which includes all the necessary information

ΣΕ ΠΟΙΟΥΣ ΑΠΕΥΘΥΝΕΤΑΙ

The programme is ideal for: 

• Data Protection Officers (DPOs) 
• Data Privacy/Protection Specialists 
• Data Controllers  
• Data Protection Auditors (internal and external)  
• Individuals who will be assigned as DPOs 
• Internal Auditors and People working in IT Audits 
• Risk Managers and Business Process Managers  
• HR Managers 
• Project Managers 
• Business Continuity Managers 
• IT Security Officers 
• Compliance Officers 
• Risk Managers / Officers 
• Anyone participating in the data protection impact assessment within their own organisation 

ΠΕΡΙΣΣΟΤΕΡΕΣ ΠΛΗΡΟΦΟΡΙΕΣ

Training Outline

GDPR Overview  

• Introduction about GDPR 
• Purpose of the GDPR 
• GDPR Terminology & Techniques 
• The 7 Principles of DPIA  

Data Protection Impact Assessment (DPIA) 

• Definition of a DPIA 
• Legal Requirements for a DPIA 
• Objectives of a DPIA 
• Benefits of a DPIA 
• Four Stages of a DPIA 
• Content of DPIA and Indicative Questions When Conducting a DPIA 
• Processes Considered for a DPIA 
• DPIA Decision Path 
• How to develop and Conduct a DPIA 
• Signing Off a DPIA 
• How to Implement a DPIA Project  
• How to Monitor the Results and Take Required Action  
• Responsibilities Regarding DPIA 
• What Triggers a DPIA  
• When Should a DPIA be Carried Out? 
• When is a DPIA Not Required? 
• Is There an Obligation to Publish the DPIA? 
• When Must Supervisory Authority Be Consulted? 
• Mitigating Risks Identified by a DPIA 
• Why and How to Conduct a Data Flow Mapping Exercise 
• Two Case Studies 

Regulatory Fines Resulting from Inappropriate DPIAs 

National Regulators Recommendations and Guidance 

Conclusion and Recommendations

Training Style 

The programme is designed to deliver knowledge and enhance participants’ skills via short lectures, case-studies and practical examples. Participants will be able to engage in discussions surrounding the principles of Data Protection Impact Assessment and understand all the practical knowledge needed to perform a data protection impact assessment (DPIA). They will also benefit from feedback at the end of the programme and take away the knowledge gained to be transferred at their workplace.  

CPD Recognition

This programme may be approved for up to 7 CPD units in GDPR. Eligibility criteria and CPD Units are verified directly by your association, regulator or other bodies which you hold membership.

In-house Training

For groups within the same organisation, this course may be customized to meet any specific needs and delivered in-house.