1
Type Speaker CPD Hours Level
Webinar
5 IntroductionInformation
Accreditation Information
SRA Competency B

Introduction

This webinar series of 10 x 30 minute modules presented by Robert Bond will explore in detail the GDPR.

The modules will consider lawful grounds for processing through to international data transfers.

Module 1 - Introduction to the GDPR

Over 2 years ago the EU General Data Protection Regulation (GDPR) came into force. Impacting EU controllers and processors and having an extra territorial application, and with increased data subject rights and greater enforcement and fines, businesses rushed to put compliance programmes in place. Businesses of all sizes are still grappling with that practical aspects of compliance.

This module will examine key aspects of the GDPR and will include:

  • Definitions
  • Applicability
  • Principles
  • Grounds for processing
  • Data subject rights
  • Enforcements and fines

Module 2 - Data Protection Principles

The GDPR reflected the usual data protection principles in a slightly new way, introducing concepts of ‘transparency’ and ‘accountability’. Failure to follow the principles is a breach of the GDPR and can lead to enforcement, fines and claims for compensation. Understanding how the principles need to be followed and promulgated through policies, procedures and training is important.

This module will cover:

  • Overview of the principles
  • Fair and lawful processing and transparency
  • Accountability
  • International data transfer
  • Data subject rights
  • Data security

Module 3 - Lawful Grounds for Processing

In order to legally process personal data the business needs to establish one or more lawful grounds for processing. Whilst the GDPR raised the bar regarding consent, it is not the only ground for processing personal data.

This module will look at the six grounds for processing and highlight:

  • The six lawful grounds for processing
  • Consent vs the other grounds
  • How to use legitimate interest legitimately
  • When to inform individuals of the grounds for processing
  • Where to record the lawful grounds
  • The interface between the lawful grounds and data subject rights

Module 4 - Data Subject Rights

Under the GDPR individuals have a range of rights from information and access to portability and erasure and to rectification and objection and compensation. There are strict timelines in which to respond to data subject requests and a limited but important number of exemptions.

This module will cover:

  • Right to information
  • Right of access
  • Right of erasure and restriction
  • Right to object
  • Right to compensation
  • Right to exemptions

Module 5 - Managing Data Incidents

It is not a matter of if but when a data breach will happen. Not all data incidents are reportable data breaches but they are all an issue to be planned for. Data incidents may be the result of internal or external actions or inactions. Preparing for and responding to data incidents as are important as preventing them.

This module will cover:

  • Examples of internal and external threats
  • How to minimise risks
  • Internal and external due-diligence
  • Reporting an incident
  • The cost of non-compliance

Module 6 - International Data Transfers

The GDPR restricts transfer of personal data from the EU (and the EEA) to countries that do not adequately protect the rights of individuals. Apart from consent, contractual necessity and other limited exceptions, transfers have to be controlled by provisions such as the Privacy Shield for the USA, Binding Corporate Rules (BCR) and Standard Contractual Clauses (SCC).

This module will address the latest news on:

  • SCC
  • BCR
  • Privacy Shield
  • Codes of Conduct
  • Seals and certifications
  • Post Brexit issues

Module 7 - Data Protection Impact Assessments and Data Protection by Default

Data Protection Impact Assessments (DPIA) and Data Protection by Default are key requirements of the GDPR. DPIA are mandatory in a number of cases. Data Protection by default and design is a pre-requisite to compliance with the GDPR.

This module will advise on how to adhere to data protection by default and how and when to use a DPIA and will cover:

  • Implementing Data Protection by Design and Default
  • What is a DPIA
  • When to use a DPIA
  • Who should be involved in a DPIA
  • How to develop a DPIA

Module 8 - Data Processing and Data Sharing Agreements

Although processors are subject to certain aspects of the GDPR, it is the controller that bears most responsibility and liability for compliance - in particular the contractual requirements when using a processor. When there are joint controller situations both parties need to contractually control their respective duties.

This module will discuss:

  • Processor obligations
  • Controller obligations
  • Joint controller agreement
  • Due diligence issues

Module 9 - ePrivacy and Cookies

The ePrivacy Directive, PECR and the draft ePrivacy Regulation are an important issue when addressing data protection compliance. The use of first party and third party cookies as well as location data are a key component of the digital world but data protection authorities have been focussing their attention on the topics of transparency and permissions when cookies and tracking are used.

This module will cover:

  • The current legal regime
  • Cookies are similar technology
  • The advice from the regulators
  • Recent case law
  • Future developments

Module 10 - GDPR vs Other Global Data Protection Laws

Since the GDPR came into force other jurisdictions have been either upgrading their data protection laws or creating new data protection regimes.

This module will examine global data protection laws and compare them with the GDPR and will cover:

  • Developments in the USA
  • Developments in South America
  • Developments in Africa
  • Developments in the Middle East
  • Developments in the APEC region

This webinar was recorded on 19th October 2020

New: Enjoy unlimited 24/7 access to over 983 webinars with an MBL Annual Webinar Subscription. Email webinarsubscription@mblseminars.com for details.

Book now Information

Added to basket

Webinar | On Demand

Unlimited Viewers | 4.75hr


GDPR & Data Protection - 10 Essential Online Modules

Checkout
Continue Shopping
ON DEMAND
4.75hr
Unlimited viewers
at your organisation
Prices (ex VAT)
Smart
Plan Information
Season
Ticket Information
Standard
Unlimited User Licence
£250
£500
£1000
New: Enjoy unlimited 24/7 access to over 983 webinars with an MBL Annual Webinar Subscription. Email webinarsubscription@mblseminars.com for details.

Related Events