GDPR Training

Online Instructor-led (4 days)

Online Self-paced (32 hours)

Official EU General Data Protection Regulation (EU GDPR) Foundation Exam

Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner

Module 1: Introduction to the GDPR 

  • GDPR in a Nutshell
  • Generate Customer Confidence
  • Focus of GDPR
  • What is Personal Information?
  • Who has PII?
  • Lawful Processing of Personal Data

Module 2: Binding Corporate Rules 

  • Introduction
  • Scope
  • UK ICO’s View of the Scope
  • Processing GDPR Definition
  • Who Processes PII?
  • What is Special Data?
  • Legal Framework
  • Timeline and Derogations
  • Some Key Areas for Derogation
  • Data Breaches/Personal Data Breach
  • Consequences of Failure
  • Governance Framework

Module 3: GDPR Terminology and Techniques 

  • Key Roles
  • Data Set
  • Subject Access Request (SAR)
  • Data Protection Impact Assessments (DPIA)
  • What Triggers a Data Protection Impact Assessment?
  • DPIA is Not Required
  • Processes to be Considered for a DPIA
  • Responsibilities
  • DPIA Decision Path
  • DPIA Content
  • How Do I Conduct a DPIA?
  • Signing Off the DPIA
  • Mitigating Risks Identified by the DPIA
  • Privacy by Design and Default
  • External Transfers
  • Profiling
  • Pseudonymization
  • Principles, User Rights, and Obligations
  • One Stop Shop

Module 4: Structure of the Regulation 

  • Parts of the GDPR
  • Format of the Articles
  • Articles

Module 5: Principles and Rights 

  • Introduction
  • Legality Principle
  • How the Permissions Work Together?
  • Lawfulness of Processing Conditions
  • Lawfulness for Special Categories of Data
  • Criminal Offence Data
  • Consent
  • Transparency Principle
  • Fairness Principle
  • Rights of Data Subjects
  • Purpose Limitation Principle
  • Minimization Principle
  • Accuracy Principle
  • Storage Limitation Principle
  • Integrity and Confidentiality Principle
  • Accountability Principle

Module 6: Demonstrating Compliance 

  • Demonstrating Compliance with the GDPR
  • Impact of Compliance Failure
  • Administrative Fines
  • What Influences the Size of an Administrative Fine?
  • Joint Controllers
  • Processor Liability Under GDPR
  • Demonstrating Compliance
  • Protecting PII is Only Half the Job
  • What must be Recorded?
  • Additional Ways of Demonstrating Compliance
  • Demonstrating a Robust Process
  • PIMS (Personal Information Management System)
  • Cyber Essentials
  • ISO 27017 Code of Practice for Information Security Controls
  • Risk Management

Module 7: Incident Response and Data Breaches 

  • What is a Personal Data Breach?
  • Notification Obligations
  • What Breaches Do I Need to Notify the Relevant Supervisory Authority About?
  • What Information Must Be Provided to the SA?
  • How do I Report a Breach to the SA?
  • Notifying Data Subjects
  • What Should I do to Prepare for Breach Reporting?
  • Updating Policies and Procedures
  • Breach Reporting and Responses
  • Ways to Minimize the Breach Impact

Module 8: Understanding the Principle Roles

  • What does the GDPR Makes Businesses Responsible For?
  • Difference Between a Data Controller and a Data Processor
  • How the Roles Split?
  • Controllers and Processors
  • Main Obligations of Data Controllers
  • Demonstrate Compliance
  • Joint Controllers and EU Representative
  • Controller-Processor Contract
  • Maintain Records and Keeping Records for Small Businesses
  • Cooperation with Supervisory Authorities
  • Keeping PII Secure
  • Data Breach Transparency
  • Role of the Data Processor
  • Controller-Processor Contract
  • Main Obligations of the Processor
  • Perform Only the Data Processing Defined by the Data Controller
  • Update the Data Controller
  • Sub-Process or Appointment
  • Keep PII Confidential
  • Maintaining Records
  • Cooperate with Supervisory Authorities
  • Security
  • Appoint a DPO – If Necessary
  • Transferring Data Outside the EU

Module 9: Role of the DPO

  • Role of a Data Protection Officer
  • Involvement of the DPO
  • Main Responsibilities of the DPO
  • Working Environment for the DPO
  • Must We Have A DPO?
  • Public Body
  • What does Large Scale mean?
  • Systematic Monitoring
  • Who Can Perform the Role of DPO?
  • Skills Required
  • Monitoring Compliance
  • Training and Awareness
  • Data Protection Impact Assessments (DPIAs)
  • Risk-Based Approach
  • Business Support for the DPO
  • DPO Independence
  • DPO – Conflict of Interest

Module 10: UK Implementation

  • Key Differences Between the Data Protection Act and the GDPR
  • Highlights from the Data Protection Bill
  • Definition of Controller
  • Health, Social Work, Education, and Child Abuse
  • Age of Consent
  • Exemptions for Freedom of Expression
  • Research and Statistics
  • Archiving in the Public Interest

Module 11: Key Features

  • Specific Permission
  • Privacy by Design
  • Data Portability
  • Right to be Forgotten
  • Definitive Consent
  • Information in Clear Readable Language
  • Limits on the Use of Profiling
  • Everyone Follows the Same Law
  • Adopting Techniques

Module 12: Subject Access Requests and How to Deal with them?

  • Subject Access Requests (SAR)
  • Dealing with SAR
  • Recognize the Request
  • Understand the Time Limitations
  • Dealing with Fees and Excessive Requests
  • Identify, Search, and Gather the Requested Data
  • Learn about What Information to Withhold
  • Developing and Sending a Response

Module 13: Data Subject Rights

  • Must I Always Obey a Right?
  • Rights and Third Parties
  • Requests Made on Behalf of Other Data Subjects
  • Guidelines for Children's Maturity
  • Responding to a Rights Request
  • What is a Month?
  • Rights Request Flow Chart
  • Right to be Informed
  • When Should Information Be Provided?
  • Best Practice Guidance
  • Right of Access
  • Right to Rectification
  • Right to Erasure
  • When can I Refuse to Comply with a Request for Erasure?
  • Erasing Children's Data
  • Right to Restrict Processing
  • When Processing Should be Restricted?
  • Protecting PII
  • Other Issues about Restricting Processing
  • Right to Data Portability
  • Right to Object
  • Complying with the Right to Object
  • Rejecting the Right to Object
  • Processing for Direct Marketing Purposes
  • Processing for Research Purposes
  • Rights Related to Automated Decision Making and Profiling
  • When does the Right not apply?

Module 14: Subject Access Requests

  • Provenance
  • Overview: SARs
  • SAR is an Activity, Not a Title
  • How can a SAR be Submitted?
  • What Information Should the Response to a SAR Contain?
  • Additional Information
  • Replying to a SAR
  • Confirming a Data Subject’s Identity
  • Scope
  • Electronic Records
  • Non-Electronic Records
  • SARs Involving 3rd Party PII
  • Fees
  • Refusing a Subject Access Request
  • Access Requests from Employees
  • Credit Reference Agencies
  • Best Practice for SARs

Module 15: Lawful Processing

  • Lawful Processing: A Reminder
  • User Rights Change Depending on the Justification
  • Lawfulness of Processing Conditions
  • Lawfulness for Special Categories of Data
  • UK ICO Tool
  • Consent
  • Key Points About Consent
  • Affirmative Action and Explicit Consent
  • Introduction of Affirmative Action
  • What is Not Affirmative Action?
  • Examples of Affirmative Action from the ICO
  • Introduction of Explicit Consent
  • Explicit Statement
  • Obtaining Explicit Consent
  • ICOs View of a Poor Form of Explicit Consent
  • Obtaining Consent for Scientific Research Purposes
  • Getting Consent
  • What Should Go into the Consent Request?
  • Consent Granularity
  • Right to Withdraw Consent
  • Children
  • Consent Records
  • ICOs Examples of Record Keeping
  • Key Points When Establishing Consent
  • Legitimate Interests
  • Getting the Balance Right
  • Consent or Legitimate Interest?
  • What Lawful Basis Can be Used for Processing Marketing PII?

Module 16: Third Country Data

  • Cross Border Transfers
  • Transfer Mechanisms
  • Derogations
  • Adequacy
  • Adequate Ways to Safeguard Transfers of PII
  • Consent
  • One-Off or Infrequent Transfers
  • Who is Responsible?
  • Transferring PII Between EEA Members
  • Adequate Countries Outside of the EEA
  • Binding Corporate Rules (BCR)
  • What a BCR Must Cover?
  • Authorization for BCRs
  • EU-US Privacy Shield
  • Privacy Shield Overview
  • Privacy Shield: Mechanics
  • Model Clauses
  • Public Authority Agreements

Module 17: Introduction to Protecting Personal Data

  • Need to Secure
  • What is Appropriate?
  • Protecting PII – 3 Key Areas
  • Coverage
  • Defensive Design
  • Single Point of Failure (SPOF)
  • Incident Response
  • Data Breach Reporting Requirements
  • Incident Response Team

Module 18: Data Protection Impact Assessments (DPIA)

  • Introduction
  • What Triggers a Data Protection Impact Assessment?
  • Cases Where DPIA is Not Required
  • Benefits of DPIA
  • Processes to be Considered for a DPIA
  • Responsibilities
  • DPIA Decision Path
  • DPIA Content
  • How Do I Conduct A DPIA?
  • Signing Off the DPIA
  • Mitigating Risks Identified by the DPIA

Module 19: Need Want Drop

  • Overview
  • Need-Want-Drop: Concept Diagram
  • Need-Want-Drop: Categorizing Data
  • Need/Want/Drop Methodology

Module 20: Dealing with Third Parties and Data in the Cloud

  • What is Cloud Computing?
  • Myths of Cloud
  • Cloud Challenges
  • Controller-Processor Contract
  • Checklist
  • Data Controller - Summary

Module 21: Practical Implications: GDPR

  • Brexit and its Impact on the GDPR
  • Adequacy
  • What does this Mean in Practice?
  • EU and UK Representatives
  • Exemption Rule
  • One-Stop Shop

Module 22: Legal Requirements of the GDPR

  • Lawful, Fair, and Transparent Processing
  • Limitation of Purpose, Data and Storage
  • Data Subject Rights
  • Consent
  • Personal Data Breaches
  • Privacy by Design
  • Data Protection Impact Assessment
  • Data Transfers
  • Data Protection Officer
  • Awareness and Training

Module 23: Privacy Principles in GDPR

  • Lawfulness, Fairness, and Transparency
  • Purpose Limitation
  • Data Minimization
  • Accuracy
  • Storage Limitation
  • Integrity and Confidentiality

Module 24: Common Data Security Failures, Consequences, and Lessons to be Learnt

  • Common Data Security Failures
  • Consequences
  • Fines Relating to Data Breaches
  • Litigation from Customers Relating to Data Breaches
  • Directors, Officers, and Professional Advisors
  • Reputational Damage
  • Lesson Learned
  • Knowing When and How to Communicate with Affected Individuals is Not Easy
  • GDPR is Important, as are Other Legal Frameworks

Show moredown

Who should attend this Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner Course?

The Certified EU GDPR Foundation and Practitioner Course in the United States aims to educate professionals about the details of the GDPR and how to implement and comply with its provisions. This GDPR Training Course can be beneficial for the professionals, including:

  • Data Protection Officers
  • Data Privacy Lawyers
  • IT Security Professionals
  • Compliance Officers
  • Privacy Professionals
  • Legal Professionals
  • Risk and Compliance Managers
  • IT Consultants

Prerequisites of the Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner Course

There are no formal prerequisites required for the Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner Course.

Certified EU General Data Protection Regulation Foundation and Practitioner Course Overview

This Data Protection is paramount, and the Certified EU General Data Protection Regulation (GDPR) Foundation and Practitioner Course in the United States provides a comprehensive understanding of the GDPR, which is a critical regulation to be aware of when organizations work across countries. With an increasing focus on privacy and data security, mastering GDPR is essential for professionals dealing with personal data.

Proficiency in GDPR Training in the United States is vital for professionals such as Data Protection Officers, Compliance Officers, and IT professionals. The course equips individuals with the knowledge and skills needed to ensure compliance with GDPR requirements, fostering a data protection culture within organizations.

This intensive 4-day GDPR Training in the United States delegates with a deep understanding of the GDPR framework. It covers both foundational principles and practical applications, enabling delegates to navigate the complexities of GDPR compliance. The course enhances practical skills, ensuring delegates can effectively implement and manage data protection measures within their organizations.

Course Objectives:

  • To comprehend the key principles and concepts of the GDPR
  • To understand the rights of data subjects and the obligations of data controllers and processors
  • To gain practical insights into conducting Data Protection Impact Assessments (DPIAs)
  • To develop proficiency in managing data breaches and incident responses
  • To acquire the skills needed for effective GDPR compliance audits
  • To establish comprehensive data protection policies and procedures
  • To grasp the intricacies of international data transfers and third-party relationships

After completing this GDPR Course in the United States, delegates will receive a Certified EU GDPR Foundation and Practitioner Certification. This GDPR Training Certification enhances career prospects and demonstrates a commitment to the highest data privacy and security standards.

Show moredown

What’s included in this Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner Course?

  • Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner Examination
  • World-Class Training Sessions from Experienced Instructors
  • Certified EU General Data Protection Regulation (EU GDPR) Foundation and Practitioner Certificates
  • Digital Delegate Pack

Show moredown

EU GDPR Foundation Exam Information

To achieve the Certified EU General Data Protection Regulation (EU GDPR) Foundation, candidates will need to sit for an examination. The exam format is as follows: 

  • Question Type: Multiple Choice 
  • Total Questions: 45 
  • Total Marks: 45 Marks 
  • Pass Mark: 65%, or 29/45 Marks 
  • Duration: 60 Minutes 
  • Open Book/ Closed Book: Closed Book

EU GDPR Practitioner Exam Information

To achieve the Certified EU General Data Protection Regulation (EU GDPR) Practitioner, candidates will need to sit for an examination. The exam format is as follows: 

  • Question Type: Multiple Choice 
  • Total Questions: 30 
  • Total Marks: 30 Marks 
  • Pass Mark: 57%, or 17/30 Marks 
  • Duration: 90 Minutes
  • Open Book/ Closed Book: Closed Book

Show moredown

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Dealing with Subject Access Requests (SAR) Course Outline

Module 1: Introduction

  • Data Subject Access Request
  • GDPR
  • 8 Rights of Data Subjects

Module 2: Recognizing Subject Access Requests

  • What is a SAR?
  • SAR Parameters
  • SAR Formats
  • Requests on Behalf of Others
  • Verifying Identity
  • Requests on Behalf of Children
  • Recording SARs

Module 3: Responding to Subject Access Requests

  • What Information is Needed?
  • How Should we Provide it?
  • Fees
  • Timeframes

Module 4: Extenuating Circumstances

  • Extending the Response Time
  • Refusing to Comply
  • Special Category Data

Module 5: Further Considerations

  • Fines
  • Changes from the Data Protection Act (1998)
  • The Role of the Supervisory Authority

Show moredown

Who should attend this Dealing with Subject Access Requests (SAR) Course?

This Dealing with Subject Access Requests (SAR) Course is ideal for professionals and individuals within organizations in the United States who handle personal data and are tasked with managing compliance with data protection regulations, particularly the General Data Protection Regulation (GDPR). This GDPR Training Course is particularly beneficial for the following professionals:

  • Data Protection Officers (DPOs)
  • Compliance & Risk Officers
  • Legal Professionals & Corporate Lawyers
  • HR Professionals
  • IT Managers and Data Managers
  • Customer Support & Service Managers
  • Information Officers
  • Privacy Officers

Prerequisites of the Dealing with Subject Access Requests (SAR) Course

There are no formal prerequisites for attending the Dealing with Subject Access Requests (SAR) Course.

Dealing with Subject Access Requests (SAR) Course Overview

Dealing with Subject Access Requests (SAR) is crucial to data protection and privacy compliance. SARs grant individuals the right to access the data held by organizations, making it essential for businesses to have a clear and efficient process for responding to these requests. Understanding how to navigate SARs is fundamental for organizations aiming to uphold data subject rights and comply with data protection regulations, such as the General Data Protection Regulation (GDPR). 

Proficiency in GDPR Training in the United States is pivotal for professionals navigating the realms of data protection, privacy, and compliance. Legal experts, Data Protection Officers, and professionals in Human Resources will find mastering SAR essential. As safeguarding personal information becomes paramount, individuals with expertise in SAR play a pivotal role in ensuring organizational compliance with privacy regulations.

This intensive 1-day GDPR Training in the United States delegates with a comprehensive understanding of SAR processes, empowering them to navigate the complexities of data access requests effectively. Through interactive sessions and real-world case studies, participants will gain practical skills, enabling them to respond to SARs accurately and efficiently.

Course Objectives:

  • To provide a foundational understanding of Subject Access Requests (SAR)
  • To explore the legal and ethical implications of SAR and its intersection with data protection
  • To equip delegates with practical skills for managing and responding to SAR in compliance with regulations
  • To delve into real-world case studies, fostering a contextual understanding of SAR scenarios
  • To empower professionals to develop proactive strategies for SAR handling within their organizations
  • To ensure delegates comprehend the intricacies of SAR documentation and record-keeping

After completing this GDPR Course, delegates will receive a certification validating their proficiency in handling Subject Access Requests. This GDPR Certification signifies a deep understanding of the EU data protection regulations, which is a critical bit of information that helps professionals in the United States work better.

Show moredown

What’s included in this Dealing with Subject Access Requests (SAR) Course?

  • World-Class Training Sessions from Experienced Instructors
  • Dealing with Subject Access Requests (SAR) Certificate
  • Digital Delegate Pack

Show moredown

Online Instructor-led (2 days)

Online Self-paced (16 hours)

Dealing with Subject Access Requests (SAR) - An Executive Briefing Course Outline

Module 1: Recognizing SARs

  • Defining Data Subjects
  • Rights of Data Subjects
  • What is a SAR?
  • Purpose of SAR
  • Complying with an SAR
  • SAR Parameters

Module 2: Recording SARs

  • SAR Formats
  • Steps to Make SAR
  • Verifying Identity
  • How to Verify the Identity?
  • Requests on Behalf of Others

Module 3: Responding to SARs

  • What Information is Needed?
  • How Should We Provide It?
  • Fees
  • Timeframes
  • Extending the Response Time

Module 4: Refusing SARs

  • Special Category Data
  • Information for Special Category Data
  • Unfounded or Excessive Requests
  • Excessive Requests
  • Refuse to Comply with a Request
  • Fines

Show moredown

Who should attend this Dealing with Subject Access Requests (SAR) - An Executive Briefing Course?

The Dealing with Subject Access Requests (SAR) - An Executive Briefing Course in the United States is designed to enlighten attendees about the procedures and legal obligations concerning Subject Access Requests under data protection laws This GDPR Training Course can be beneficial for a variety of professionals, including:

  • C-Level Executives and Business Leaders
  • Chief Privacy Officers (CPOs)
  • Risk Managers
  • Data Protection Officers (DPOs)
  • Compliance Officers
  • Information Security Officers
  • HR Directors
  • IT Leaders

Prerequisites of the Dealing with Subject Access Requests (SAR) - An Executive Briefing Course

There are no formal prerequisites for attending the Dealing with Subject Access Requests (SAR) - An Executive Briefing Course.

Dealing with Subject Access Requests (SAR) - An Executive Briefing Course Overview

Embark on a comprehensive exploration of the EU General Data Protection Regulation (EU GDPR) in our Certified Foundation Course. In an era dominated by digital transactions and data-driven operations, understanding GDPR in the United States is crucial for businesses to navigate the complex data protection and privacy landscape. This training covers GDPR principles, legal requirements, and practical implications for compliance in the digital age.

Proficiency in GDPR Training in the United States is paramount for professionals dealing with personal data, including Data Protection Officers, IT Managers, Legal Professionals, and Compliance Officers. Individuals seeking a career in data protection and privacy management will find this GDPR Course instrumental in enhancing their expertise.

This intensive 2-day GDPR Training in the United States delegates with a deep understanding of GDPR's intricacies, fostering a proactive and compliance-oriented mindset. Through interactive sessions, real-world case studies, and expert-led discussions, delegates gain practical insights into implementing GDPR principles within their organizations. The course provides actionable knowledge that enables professionals to navigate the evolving regulatory landscape confidently.

Course Objectives:

  • To comprehend the core principles and legal requirements of EU GDPR
  • To identify and assess data protection risks within organizational processes
  • To implement effective data protection measures and controls
  • To understand individuals' rights and obligations concerning personal data
  • To create and maintain GDPR compliance documentation
  • To develop incident response strategies for data breaches
  • To cultivate a privacy-focused culture within the organization

After completing this GDPR Course in the United States, delegates will receive the Certified EU GDPR Foundation designation, validating their knowledge and commitment to data protection best practices. This GDPR Training Certification not only enhances professional credibility but also opens doors to advanced GDPR Courses and specialized roles in data protection.

Show moredown

What’s included in this Dealing with Subject Access Requests (SAR) - An Executive Briefing Course?

  • World-Class Training Sessions from Experienced Instructors
  • Dealing with Subject Access Requests (SAR) - An Executive Briefing Certificate
  • Digital Delegate Pack

Show moredown

Online Instructor-led (2 days)

Online Self-paced (16 hours)

Official EU General Data Protection Regulation (EU GDPR) Foundation Exam

Certified EU General Data Protection Regulation (EU GDPR) Foundation Course Outline

Module 1: Introduction to the GDPR 

  • GDPR in a Nutshell
  • Generate Customer Confidence
  • Focus of GDPR
  • What is Personal Information?
  • Who has PII?
  • Lawful Processing of Personal Data

Module 2: Binding Corporate Rules 

  • Introduction
  • Scope
  • UK ICO’s View of the Scope
  • Processing GDPR Definition
  • Who Processes PII?
  • What is Special Data?
  • Legal Framework
  • Timeline and Derogations
  • Some Key Areas for Derogation
  • Data Breaches/Personal Data Breach
  • Consequences of Failure
  • Governance Framework

Module 3: GDPR Terminology and Techniques 

  • Key Roles
  • Data Set
  • Subject Access Request (SAR)
  • Data Protection Impact Assessments (DPIA)
  • What Triggers a Data Protection Impact Assessment?
  • DPIA is Not Required
  • Processes to be Considered for a DPIA
  • Responsibilities
  • DPIA Decision Path
  • DPIA Content
  • How Do I Conduct a DPIA?
  • Signing Off the DPIA
  • Mitigating Risks Identified by the DPIA
  • Privacy by Design and Default
  • External Transfers
  • Profiling
  • Pseudonymization
  • Principles, User Rights, and Obligations
  • One Stop Shop

Module 4: Structure of the Regulation 

  • Parts of the GDPR
  • Format of the Articles
  • Articles

Module 5: Principles and Rights 

  • Introduction
  • Legality Principle
  • How the Permissions Work Together?
  • Lawfulness of Processing Conditions
  • Lawfulness for Special Categories of Data
  • Criminal Offence Data
  • Consent
  • Transparency Principle
  • Fairness Principle
  • Rights of Data Subjects
  • Purpose Limitation Principle
  • Minimization Principle
  • Accuracy Principle
  • Storage Limitation Principle
  • Integrity and Confidentiality Principle
  • Accountability Principle

Module 6: Demonstrating Compliance 

  • Demonstrating Compliance with the GDPR
  • Impact of Compliance Failure
  • Administrative Fines
  • What Influences the Size of an Administrative Fine?
  • Joint Controllers
  • Processor Liability Under GDPR
  • Demonstrating Compliance
  • Protecting PII is Only Half the Job
  • What must be Recorded?
  • Additional Ways of Demonstrating Compliance
  • Demonstrating a Robust Process
  • PIMS (Personal Information Management System)
  • Cyber Essentials
  • ISO 27017 Code of Practice for Information Security Controls
  • Risk Management

Module 7: Incident Response and Data Breaches 

  • What is a Personal Data Breach?
  • Notification Obligations
  • What Breaches Do I Need to Notify the Relevant Supervisory Authority About?
  • What Information Must Be Provided to the SA?
  • How do I Report a Breach to the SA?
  • Notifying Data Subjects
  • What Should I do to Prepare for Breach Reporting?
  • Updating Policies and Procedures
  • Breach Reporting and Responses
  • Ways to Minimize the Breach Impact

Module 8: Understanding the Principle Roles

  • What the GDPR Makes Businesses Responsible For?
  • Difference Between a Data Controller and a Data Processor
  • How the Roles Split?
  • Controllers and Processors
  • Main Obligations of Data Controllers
  • Demonstrate Compliance
  • Joint Controllers and EU Representative
  • Controller-Processor Contract
  • Maintain Records and Keeping Records for Small Businesses
  • Cooperation with Supervisory Authorities
  • Keeping PII Secure
  • Data Breach Transparency
  • Role of the Data Processor
  • Controller-Processor Contract
  • Main Obligations of the Processor
  • Perform Only the Data Processing Defined by the Data Controller
  • Update the Data Controller
  • Sub-Process or Appointment
  • Keep PII Confidential
  • Maintaining Records
  • Cooperate with Supervisory Authorities
  • Security
  • Appoint a DPO – If Necessary
  • Transferring Data Outside the EU

Module 9: Role of the DPO

  • Role of a Data Protection Officer
  • Involvement of the DPO
  • Main Responsibilities of the DPO
  • Working Environment for the DPO
  • Must We Have A DPO?
  • Public Body
  • What does Large Scale mean?
  • Systematic Monitoring
  • Who Can Perform the Role of DPO?
  • Skills Required
  • Monitoring Compliance
  • Training and Awareness
  • Data Protection Impact Assessments (DPIAs)
  • Risk-Based Approach
  • Business Support for the DPO
  • DPO Independence
  • DPO – Conflict of Interest

Module 10: UK Implementation

  • Key Differences Between the Data Protection Act and the GDPR
  • Highlights from the Data Protection Bill
  • Definition of Controller
  • Health, Social Work, Education, and Child Abuse
  • Age of Consent
  • Exemptions for Freedom of Expression
  • Research and Statistics
  • Archiving in the Public Interest

Module 11: Key Features

  • Specific Permission
  • Privacy by Design
  • Data Portability
  • Right to be Forgotten
  • Definitive Consent
  • Information in Clear Readable Language
  • Limits on the Use of Profiling
  • Everyone Follows the Same Law
  • Adopting Techniques

Module 12: Subject Access Requests and How to Deal with them?

  • Subject Access Requests (SAR)
  • Dealing with SAR
  • Recognize the Request
  • Understand the Time Limitations
  • Dealing with Fees and Excessive Requests
  • Identify, Search, and Gather the Requested Data
  • Learn about What Information to Withhold
  • Developing and Sending a Response

Show moredown

Who should attend this Certified EU General Data Protection Regulation (EU GDPR) Foundation Course?

The Certified EU GDPR Foundation Training Course in the United States is designed to provide professionals with a fundamental understanding of the European Union's General Data Protection Regulation (GDPR). This GDPR Training Course can be beneficial to a variety of professionals, including:

  • Data Protection Officers
  • IT Security Analysts
  • HR Managers
  • IT Project Managers
  • Customer Relationship Managers (CRM)
  • Database Administrators
  • Data Privacy Lawyers

Prerequisites of the Certified EU General Data Protection Regulation (EU GDPR) Foundation Course

There are no formal prerequisites for attending the Certified EU General Data Protection Regulation (EU GDPR) Foundation Training Course.

Certified EU General Data Protection Regulation Foundation Course Overview

The Certified EU General Data Protection Regulation (GDPR) Foundation Course in the United States is designed to provide a comprehensive understanding of the GDPR, a crucial legislation governing data protection in the European Union. In an increasingly data-driven world, knowledge of GDPR is indispensable for businesses and professionals globally. This GDPR Course delves into the principles, requirements, and implications of GDPR, offering a vital foundation for navigating the complex data protection landscape.

Proficiency in GDPR Training in the United States is vital for Data Management, Compliance, and Privacy Professionals. Organizations handling EU citizens' data must comply with GDPR, making it essential for Data Protection Officers, Compliance Officers, and IT professionals to master this subject. Acquiring GDPR expertise ensures adherence to legal requirements, safeguards data, and enhances professional credibility in the evolving data governance landscape.

This intensive 2-day GDPR Training equips delegates with practical insights into GDPR compliance. Delegates will gain a thorough understanding of the GDPR framework, data protection principles, and how to implement compliance measures within their organizations in the United States.

Course Objectives:

  • To understand the key principles and legal requirements of the EU GDPR
  • To identify the roles and responsibilities of data controllers and processors
  • To comprehend the rights of data subjects and how to address their requests
  • To learn how to conduct a Data Protection Impact Assessment (DPIA)
  • To grasp the essentials of data breaches and incident response under GDPR
  • To develop strategies for ensuring ongoing compliance with GDPR
  • To gain insights into international data transfers and their implications

After completing this GDPR Course in the United States, delegates will receive a Certified EU GDPR Foundation Training certificate. This GDPR Training Certification validates their understanding of GDPR principles and demonstrates their commitment to ensuring robust data protection practices within their organizations.

Show moredown

What’s included in this Certified EU General Data Protection Regulation (EU GDPR) Foundation Course?

  • Certified EU General Data Protection Regulation (EU GDPR) Foundation Examination
  • World-Class Training Sessions from Experienced Instructors
  • Certified EU General Data Protection Regulation (EU GDPR) Foundation Certificate
  • Digital Delegate Pack

Show moredown

EU GDPR Foundation Exam Information

To achieve the Certified EU General Data Protection Regulation (EU GDPR) Foundation, candidates will need to sit for an examination. The exam format is as follows: 

  • Question Type: Multiple Choice 
  • Total Questions: 45 
  • Total Marks: 45 Marks 
  • Pass Mark: 65%, or 29/45 Marks 
  • Duration: 60 Minutes 
  • Open Book/ Closed Book: Closed Book

Show moredown

Online Instructor-led (2 days)

Online Self-paced (16 hours)

Official EU General Data Protection Regulation (EU GDPR) Practitioner Exam

Certified EU General Data Protection Regulation (EU GDPR) Practitioner Course Outline

Module 1: Data Subject Rights

  • Must I Always Obey a Right?
  • Rights and Third Parties
  • Requests Made on Behalf of Other Data Subjects
  • Guidelines for Children's Maturity
  • Responding to a Rights Request
  • What is a Month?
  • Rights Request Flow Chart
  • Right to be Informed
  • When Should Information Be Provided?
  • Best Practice Guidance
  • Right of Access
  • Right to Rectification
  • Right to Erasure
  • When can I Refuse to Comply with a Request for Erasure?
  • Erasing Children's Data
  • Right to Restrict Processing
  • When Processing Should be Restricted?
  • Protecting PII
  • Other Issues about Restricting Processing
  • Right to Data Portability
  • Right to Object
  • Complying with the Right to Object
  • Rejecting the Right to Object
  • Processing for Direct Marketing Purposes
  • Processing for Research Purposes
  • Rights Related to Automated Decision Making and Profiling
  • When does the Right not apply?

Module 2: Subject Access Requests

  • Provenance
  • Overview: SARs
  • SAR is an Activity, Not a Title
  • How can a SAR be Submitted?
  • What Information Should the Response to a SAR Contain?
  • Additional Information
  • Replying to a SAR
  • Confirming a Data Subject’s Identity
  • Scope
  • Electronic Records
  • Non-Electronic Records
  • SARs Involving 3rd Party PII
  • Fees
  • Refusing a Subject Access Request
  • Access Requests from Employees
  • Credit Reference Agencies
  • Best Practice for SARs

Module 3: Lawful Processing

  • Lawful Processing: A Reminder
  • User Rights Change Depending on the Justification
  • Lawfulness of Processing Conditions
  • Lawfulness for Special Categories of Data
  • UK ICO Tool
  • Consent
  • Key Points About Consent
  • Affirmative Action and Explicit Consent
  • Introduction of Affirmative Action
  • What is Not Affirmative Action?
  • Examples of Affirmative Action from the ICO
  • Introduction of Explicit Consent
  • Explicit Statement
  • Obtaining Explicit Consent
  • ICOs View of a Poor Form of Explicit Consent
  • Obtaining Consent for Scientific Research Purposes
  • Getting Consent
  • What Should Go into the Consent Request?
  • Consent Granularity
  • Right to Withdraw Consent
  • Children
  • Consent Records
  • ICOs Examples of Record Keeping
  • Key Points When Establishing Consent
  • Legitimate Interests
  • Getting the Balance Right
  • Consent or Legitimate Interest?
  • What Lawful Basis Can be Used for Processing Marketing PII?

Module 4: Third Country Data

  • Cross Border Transfers
  • Transfer Mechanisms
  • Derogations
  • Adequacy
  • Adequate Ways to Safeguard Transfers of PII
  • Consent
  • One-Off or Infrequent Transfers
  • Who is Responsible?
  • Transferring PII Between EEA Members
  • Adequate Countries Outside of the EEA
  • Binding Corporate Rules (BCR)
  • What a BCR Must Cover?
  • Authorization for BCRs
  • EU-US Privacy Shield
  • Privacy Shield Overview
  • Privacy Shield: Mechanics
  • Model Clauses
  • Public Authority Agreements

Module 5: Introduction to Protecting Personal Data

  • Need to Secure
  • What is Appropriate?
  • Protecting PII – 3 Key Areas
  • Coverage
  • Defensive Design
  • Single Point of Failure (SPOF)
  • Incident Response
  • Data Breach Reporting Requirements
  • Incident Response Team

Module 6: Data Protection Impact Assessments (DPIA)

  • Introduction
  • What Triggers a Data Protection Impact Assessment?
  • Cases Where DPIA is Not Required
  • Benefits of DPIA
  • Processes to be Considered for a DPIA
  • Responsibilities
  • DPIA Decision Path
  • DPIA Content
  • How Do I Conduct A DPIA?
  • Signing Off the DPIA
  • Mitigating Risks Identified by the DPIA

Module 7: Need Want Drop

  • Overview
  • Need-Want-Drop: Concept Diagram
  • Need-Want-Drop: Categorizing Data
  • Need/Want/Drop Methodology

Module 8: Dealing with Third Parties and Data in the Cloud

  • What is Cloud Computing?
  • Myths of Cloud
  • Cloud Challenges
  • Controller-Processor Contract
  • Checklist
  • Data Controller - Summary

Module 9: Practical Implications: GDPR

  • Brexit and its Impact on the GDPR
  • Adequacy
  • What does this Mean in Practice?
  • EU and UK Representatives
  • Exemption Rule
  • One-Stop Shop

Module 10: Legal Requirements of the GDPR

  • Lawful, Fair, and Transparent Processing
  • Limitation of Purpose, Data and Storage
  • Data Subject Rights
  • Consent
  • Personal Data Breaches
  • Privacy by Design
  • Data Protection Impact Assessment
  • Data Transfers
  • Data Protection Officer
  • Awareness and Training

Module 11: Privacy Principles in GDPR

  • Lawfulness, Fairness, and Transparency
  • Purpose Limitation
  • Data Minimization
  • Accuracy
  • Storage Limitation
  • Integrity and Confidentiality

Module 12: Common Data Security Failures, Consequences, and Lessons to be Learnt

  • Common Data Security Failures
  • Consequences
  • Fines Relating to Data Breaches
  • Litigation from Customers Relating to Data Breaches
  • Directors, Officers, and Professional Advisors
  • Reputational Damage
  • Lesson Learned
  • Knowing When and How to Communicate with Affected Individuals is Not Easy
  • GDPR is Important, as are Other Legal Frameworks

Show moredown

Who should attend this Certified EU General Data Protection Regulation (EU GDPR) Practitioner Course?

The Certified EU GDPR Practitioner Training Course in the United States goes a step beyond the foundational principles provided in the GDPR Foundation course. It is designed to give professionals a more detailed insight into the GDPR. This GDPR Training Course can be beneficial to a variety of professionals, including:

  • Data Protection Officers
  • IT Security Managers
  • Legal Counsel & Compliance Lawyers
  • Senior HR Managers
  • Risk and Compliance Managers
  • Chief Information Officers (CIOs)
  • Digital Marketing Directors
  • Database and System Administrators

Prerequisites of the Certified EU General Data Protection Regulation (EU GDPR) Practitioner Course

There are no formal prerequisites required for the Certified EU General Data Protection Regulation (EU GDPR) Practitioner Training Course.

Certified EU General Data Protection Regulation (EU GDPR) Practitioner Course Overview

Implementing technical and organizational measures is crucial for data protection in the United States and GDPR compliance in organisations that require it. GDPR Training provides the necessary expertise to do so. This GDPR Training also enables learners to grasp the significance of assessing GDPR compliance and making adjustments to maintain ongoing adherence.

Proficiency in EU GDPR Training is essential for professionals navigating the complex realms of data privacy. IT professionals, legal experts, Compliance Officers, and anyone handling personal data in the United States must master GDPR to ensure adherence to stringent regulations, if needed for their projects or by their organization. Adept knowledge of GDPR is a legal requirement and a critical competency in the contemporary business landscape.

This intensive 2-day GDPR Training empowers delegates with practical insights into GDPR implementation. Through real-world case studies and interactive sessions, delegates will gain the skills to assess, implement, and maintain GDPR compliance within their organizations. The course is designed to provide a streamlined and effective learning experience, equipping professionals with the expertise needed for data protection challenges.

Course Objectives:

  • To understand the foundational principles and scope of the EU General Data Protection Regulation
  • To gain practical insights into conducting Data Protection Impact Assessments (DPIAs)
  • To develop proficiency in drafting GDPR-compliant documentation and policies
  • To acquire the skills needed for managing data breaches and responding to regulatory authorities
  • To comprehend the role of Data Protection Officers (DPOs) and their responsibilities
  • To interpret and apply GDPR requirements to various business scenarios
  • To navigate the intricacies of international data transfers and third-party relationships

After completing this GDPR Course, delegates will receive a completion certificate, validating their expertise in data protection. This GDPR Training Certification enhances individuals’ and organizations’ understanding of the regulations, to help them perform better in their professional objectives and endeavors concerning the EU.

Show moredown

What’s included in this Certified EU General Data Protection Regulation (EU GDPR) Practitioner Course?

  • Certified EU General Data Protection Regulation (EU GDPR) Practitioner Examination
  • World-Class Training Sessions from Experienced Instructors
  • Certified EU General Data Protection Regulation (EU GDPR) Practitioner Certificate
  • Digital Delegate Pack

Show moredown

EU GDPR Practitioner Exam Information

To achieve the Certified EU General Data Protection Regulation (EU GDPR) Practitioner, candidates will need to sit for an examination. The exam format is as follows: 

  • Question Type: Multiple Choice 
  • Total Questions: 30 
  • Total Marks: 30 Marks 
  • Pass Mark: 57%, or 17/30 Marks 
  • Duration: 90 Minutes
  • Open Book/ Closed Book: Closed Book

Show moredown

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Certified Data Protection Officer Exam

Certified Data Protection Officer (CDPO) Course Outline

This CDPO Training Course will explore the following areas:

Module 1: Role of a Data Protection Officer

  • Must We Have a DPO?
  • Who Can Perform the Role of DPO?
  • Involvement of the DPO
  • Main Responsibilities of the DPO
  • Role of a DPO: What to Expect?
  • DPO’s Place in the Business
  • What does the DPO Really Do?
  • Characteristics of Adult Learners
  • Common Learning Styles
  • Designing Your Training Event
  • Top Tips for Trainers

Module 2: Security Context

  • Incident Response Plan Overview
  • Developing an Incident Response Plan
  • Preparation
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Lessons Learned
  • Incidence Response: DPOs Role

Module 3: Performing a Personal Data Audit

  • Personal Data Audit Overview
  • TKA Data Protection and Compliance Audit
  • Sections of TKA Data Protection and Compliance Audit
  • Corporate Compliance and Privacy Awareness
  • Collecting and Handling PII
  • Record Retention
  • Security of Personal Data
  • Direct Marketing
  • Subject Access Requests
  • DPO
  • Incident Response
  • Contract(s)
  • Privacy by Design and Default/DPIAs
  • Road to Compliance (from GDPR Practitioner)
  • Privacy Notice Audit

Module 4: Performing a DPIA

  • Data Protection Impact Assessments
  • Is a DPIA Required?
  • DPIA Questionnaire
  • Performing DPIAs through the Lifecycle
  • Risk Assessment Method
  • Mitigating Risks Identified by the DPIA
  • Risk Assessment Activity
  • ICOs PIA – GDPR Compliant
  • Signing Off the DPIA

Show moredown

Who should attend this Certified Data Protection Officer (CDPO) Course?

The Certified Data Protection Officer (CDPO) Training Course in the United States is designed to equip professionals with the knowledge and skills required to perform the role of a Data Protection Officer (DPO) effectively, as mandated by the EU's GDPR. This GDPR Training Course can be beneficial for a wide range of professionals, including:

  • Information Security Consultants
  • Data Protection Officers
  • Compliance Managers
  • Privacy Officers
  • Legal Professionals
  • Risk Managers
  • Security Specialists

Prerequisites of the Certified Data Protection Officer (CDPO) Course

There are no formal prerequisites for attending the Certified Data Protection Officer (CDPO) Training Course.

Certified Data Protection Officer (CDPO) Course Overview

The Certified Data Protection Officer (CDPO) Course in the United States is a crucial gateway to understanding and implementing robust data protection practices. This comprehensive one-day course equips participants with the knowledge and skills to navigate the complex data security landscape, ensuring compliance with relevant regulations such as the General Data Protection Regulation (GDPR).

Proficiency in this GDPR Training in the United States is vital for professionals handling sensitive information, including IT Managers, Compliance Officers, and Privacy Advocates. Mastering data protection ensures compliance with regulations, instills customer trust, and mitigates the risk of data breaches. This GDPR Course is tailored for those aiming to excel in the dynamic field of data protection.

This intensive 1-day GDPR Training in the United States offers a focused and intensive learning experience. Delegates will gain practical insights into data protection laws, best risk management practices, and effective data breach prevention strategies. The course combines theoretical knowledge with real-world scenarios, providing delegates with valuable skills applicable to their professional roles.

Course Objectives:

  • To comprehend the fundamentals of data protection laws and regulations
  • To identify and assess potential risks associated with data processing
  • To implement robust data protection measures and strategies
  • To develop proficiency in handling data breaches and incident response
  • To understand the role and responsibilities of a Data Protection Officer (DPO)

After completing this GDPR Course in the United States, delegates will receive a recognized certification. This GDPR Training Certification validates their expertise in data protection laws and practices, making them valuable assets to organizations committed to maintaining the highest data security and privacy standards.

Show moredown

What’s included in this Certified Data Protection Officer (CDPO) Course?

  • Certified Data Protection Officer (CDPO) Examination
  • World-Class Training Sessions from Experienced Instructors
  • Certified Data Protection Officer (CDPO) Certificate
  • Digital Delegate Pack

Show moredown

Certified Data Protection Officer (CDPO) Training Exam Information

To achieve the Certified Data Protection Officer (CDPO), candidates will need to sit for an examination. The exam format is as follows: 

  • Question Type: Multiple Choice 
  • Total Questions: 40 
  • Total Marks: 40 Marks 
  • Pass Mark: 65%, or 26/40 Marks 
  • Duration: 60 Minutes
  • Open Book/ Closed Book: Closed Book

Show moredown

Online Instructor-led (1 days)

Online Self-paced (8 hours)

EU General Data Protection Regulation Awareness Course Outline

Module 1: Introduction to the GDPR

  • What is the GDPR?

Module 2: Key GDPR Terminology

  • Key GDPR Terminology
  • Personal Data
  • Data Controller
  • Data Processor
  • Data Subject
  • Consent
  • Right to Access
  • Right to Rectification
  • Right to Erasure
  • Right to Data Portability
  • Data Protection Officer (DPO)
  • Privacy by Design
  • Data Breach
  • Supervisory Authority

Module 3: GDPR’s Structure - the Articles and Recitals

  • Introduction
  • GDPR's Structure According to UK Law

Module 4: Differences between the Data Protection Act and the EU GDPR

  • Introduction
  • Data Protection Act Vs the EU GDPR
  • Geographic Reach and Scope
  • Definition of Personal Data
  • Consent Policies
  • Data Breach Policies
  • Accountability
  • Data Protection Governance
  • Penalties and Compensation

Module 5: Principles of the GDPR

  • Overview
  • Principles of the GDPR
  • Lawfulness, Fairness and Transparency
  • Purpose Limitation
  • Data Minimization
  • Accuracy
  • Storage Limitation
  • Integrity and Confidentiality
  • Accountability

Module 6: Key Roles and Features of the GDPR

  • Introduction
  • Some Key Roles and Features of the GDPR
  • Data Controller
  • Data Processor
  • Personal Data
  • Data Subject
  • Consent
  • Data Protection Officer (DPO)
  • Data Breach Notification

Module 7: The Rights of Data Subjects

  • Overview
  • Fundamental Rights of Data Subjects under GDPR

Module 8: Subject Access Requests and How to Deal with Them

  • Subject Access Requests and How to Deal with Them
  • Steps that Can Take to Deal with a Subject Access Request
  • Confirm the Identity of the Requester
  • Acknowledge the Request
  • Collect the Necessary Information
  • Review the Data
  • Respond to the Requester
  • Monitor Compliance

Module 9: Complying with the EU GDPR

  • Introduction of Complying with the EU GDPR

Module 10: Data Protection Impact Assessments (DPIA)

  • Introduction
  • DPIA is in Specific Need

Module 11: Breach Reporting and Responses

  • Breach Reporting
  • Operational Responses to GDPR
  • Data Inventory and Mapping
  • Establishing Lawful Basis for Processing
  • Building and Maintaining a Data Governance System
  • Transparency and Privacy Notices
  • Data Breach Response

Show moredown

Who should attend this EU General Data Protection Regulation (EU GDPR) Awareness Course?

The EU GDPR Awareness Training Course in the United States is designed to provide a high-level introduction to the fundamental concepts and principles of the EU's GDPR. This online GDPR Awareness Training Course is beneficial for a wide array of professionals, including:

  • Data Protection Officers
  • Compliance Officers
  • Privacy Officers
  • Legal Professionals
  • IT Professionals
  • Business Owners and Executives
  • HR Managers

Prerequisites of the EU General Data Protection Regulation (EU GDPR) Awareness Course

There are no formal prerequisites to attend the EU GDPR Awareness Training Course.

EU General Data Protection Regulation Awareness Course Overview

In an increasingly data-driven world, understanding GDPR is crucial in the United States. This one-day training equips participants with vital insights into data protection, ensuring they navigate the intricacies of privacy laws and compliance effortlessly.

Proficiency in this GDPR Training is indispensable for professionals handling sensitive information. Compliance Officers, Data Protection Officers, and IT professionals should aim to master GDPR in the United States, especially when they’re working with the EU. Stay ahead in your career by acquiring essential skills in data protection.

This intensive 1-day GDPR Training empowers delegates in the United States with practical knowledge and tools to navigate GDPR complexities efficiently. From fundamental principles to real-world scenarios, participants gain a deep understanding of GDPR, ensuring they can implement best practices in their professional roles.

Course Objectives:

  • To comprehend the foundational principles of GDPR
  • To interpret the rights and responsibilities of data subjects and controllers
  • To analyze the legal obligations for data processing and consent
  • To implement strategies for data breach detection and response
  • To understand the role of Data Protection Impact Assessments (DPIAs)
  • To master GDPR compliance in international data transfers
  • To navigate the intricacies of GDPR enforcement and penalties

After completing this GDPR Course in the United States, delegates will receive a CEU-certified GDPR Awareness certificate. This GDPR Training validates their expertise in data protection and positions them as valuable assets in the evolving landscape of privacy and compliance.

Show moredown

What’s included in this GDPR Awareness Training Course?

  • World-Class Training Sessions from Experienced Instructors
  • GDPR Awareness Certificate
  • Digital Delegate Pack

Show moredown

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Data Protection Act (DPA 2018) Course Outline

Module 1: Six Data Protection Principles

  • Introducing Data Protection
  • Six Data Protection Principles

Module 2: DPA’s Alignment with GDPR

  • What are the Penalties?
  • What can We Get an Administrative Fine for?
  • What Influences the Size of an Administrative Fine?
  • Staff Member Responsibilities
  • Personal Information
  • Sensitive Data

Module 3: Conditions for Sensitive Processing

  • Judicial and Statutory Purposes
  • Safeguarding of children and individuals at risk
  • Individual’s vital interests
  • Archiving
  • Preventing Fraud

Module 4: Safeguards for Sensitive Processing

  • Information Commissioner's Office (ICO)
  • Law Enforcement

Module 5: Individual Rights Under the DPA 2018

  • Right to Be Informed
  • Right to Be Informed: When Should Information Be Provided?
  • Best Practice Guidance: Selling/Sharing PII
  • Best Practice Guidance: Purchasing PII
  • Best Practice Guidance: Publicly Derived PII
  • Best Practice Guidance: Artificial Intelligence (AI)
  • Right of Access
  • Right to Rectification
  • Right to Erasure (The Right to Be Forgotten)
  • When Can I Refuse to Comply with a Request for Erasure?
  • Erasing Children's Data
  • Right to Restrict Processing
  • When Processing Should be Restricted
  • Other Issues about Restricting Processing
  • Right to Data Portability
  • Right to Object
  • Complying with the Right to Object
  • Rejecting the Right to Object
  • Right to Object: Processing for Direct Marketing Purposes
  • Right to Object: Processing for Research Purposes
  • Rights Related to Automated Decision Making and Profiling (1)
  • Rights Related to Automated Decision Making and Profiling (2)
  • Rights Related to Automated Decision Making and Profiling (3)
  • When does the Right not apply?

Module 6: Documenting and Logging Data

  • Documenting and Logging Data
  • What Must Be Recorded?
  • Maintaining Records

Module 7: Categorizing Individuals and Retaining Personal Data

  • What is Personal Information?
  • Who Has PII?
  • Who Processes PII?
  • Demonstrating Compliance
  • Protecting PII

Module 8: Appointing a Data Protection Officer

  • Role of a Data Protection Officer
  • Involvement of the DPO
  • Main Responsibilities of the DPO
  • Working Environment for the DPO
  • Must We Have a DPO?

Module 9: Reporting and Responding to Data Breaches

  • Overview: Incident Response Plan
  • Developing an Incident Response Plan
  • Preparation
  • Identification
  • Containment
  • Eradication
  • 5 Whys
  • How to Complete The 5 Whys
  • Fishbone Diagram
  • Recovery
  • Lessons Learned
  • Incidence Response: DPOs role

Module 10: International Data Transfers and Relevant Authorities

  • External Transfers
  • Cross Border Transfers
  • Transfer Mechanisms
  • Derogations
  • Adequacy
  • Adequate Ways to Safeguard Transfers of PII
  • One-Off or Infrequent Transfers
  • Transferring PII Between EEA Members
  • Adequate Countries Outside of the EEA
  • EU-US Privacy Shield
  • Privacy Shield Overview
  • Privacy Shield: Mechanics
  • Model Clauses
  • Public Authority Agreements

Show moredown

Who should attend this Data Protection Act Training (DPA 2018) Course?

The Data Protection Act Training (DPA 2018) Training Course in the United States aims to provide professionals with an in-depth understanding of the DPA 2018 Act, its key provisions, and how it interacts with the GDPR. This GDPR Course can be beneficial to a wide range of professionals, including:

  • Data Protection Officers
  • Data Privacy Lawyers
  • IT Security Professionals
  • Compliance Officers
  • HR Managers
  • Privacy Consultants
  • Marketing & Sales Professionals

Prerequisites of the Data Protection Act Training (DPA 2018) Course

There are no formal prerequisites for attending the Data Protection Act Training (DPA 2018) Training Course.

Data Protection Act (DPA 2018) Course Overview

The Data Protection Act (DPA) 2018 in the United States is a pivotal legislation ensuring the security and privacy of personal data. In an era dominated by digital transactions and information exchange, understanding the DPA 2018 is crucial. This GDPR Course provides an in-depth exploration of the Act, its origins, and its application in contemporary data-driven environments.

Proficiency in this GDPR Training in the United States is vital for professionals involved in Data Management, Cybersecurity, Legal Compliance, and those responsible for safeguarding sensitive information. Mastery of this subject ensures individuals can navigate complex data protection landscapes, mitigating risks and ensuring compliance with evolving regulations.

This intensive 1-day GDPR Training in the United States is designed to equip delegates with the knowledge to effectively implement the DPA 2018. Through interactive sessions, case studies, and real-world scenarios, participants will gain hands-on experience applying data protection principles. The course focuses on the practical aspects of compliance, empowering delegates to address challenges in their respective roles and contribute to creating a secure data environment within their organizations.

Course Objectives:

  • To comprehend the key provisions of the Data Protection Act (DPA) 2018
  • To interpret and apply data protection principles in real-world scenarios
  • To understand the legal and ethical implications of data processing
  • To assess and implement data security measures in compliance with the DPA 2018
  • To develop strategies for managing and responding to data breaches

After completing this GDPR Course in the United States, delegates will receive a certification recognizing their proficiency in the Data Protection Act (DPA) 2018. This GDPR Certification signifies their ability to navigate the intricacies of data protection, ensuring compliance and contributing to the safeguarding of sensitive information.

Show moredown

What’s included in this Data Protection Act Training (DPA 2018) Course?

  • World-Class Training Sessions from Experienced Instructors
  • Data Protection Act (DPA 2018) Certificate
  • Digital Delegate Pack

Show moredown

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Personal Data Protection Bill Training Course Outline

Module 1: Introduction to the Personal Data Protection Bill

  • Overview of the Bill and its Significance
  • Key Objectives of the Bill
  • Understanding the Scope and Application

Module 2: Categories of Personal Data

  • Types of Personal Data
  • Significance of Sensitive Personal Data
  • Data Classification According to the Bill

Module 3: Roles and Responsibilities

  • Role of the Data Fiduciary
  • Role of the Data Processor
  • Role of the Data Principal

Module 4: Data Processing Principles

  • Conditions for Lawful Data Processing
  • Transparency and Accountability Measures
  • Purpose and Data Minimization

Module 5: Consent Mechanisms

  • Importance of Informed Consent
  • Procedures for Obtaining and Revoking Consent
  • Special Provisions for Minors

Module 6: Data Storage and Localization

  • Storage Limitations and Data Retention Policies
  • Cross-Border Data Transfer Regulations
  • Localization Requirements under the Bill

Module 7: Data Security Measures

  • Security Standards and Encryption Requirements
  • Process for Reporting and Handling Data Breaches
  • Organizational Measures for Data Protection

Module 8: Rights of Data Principals

  • Right to Data Access and Correction
  • Right to Data Portability
  • Right to be Forgotten and Deletion of Data

Module 9: Regulatory Compliance and Penalties

  • Enforcement Bodies and their Jurisdiction
  • Penalties and Remedies for Non-Compliance
  • Compliance Auditing

Show moredown

Who should attend this Personal Data Protection Bill Training Course? 

The Personal Data Protection Bill Course in the United States is suitable for a diverse range of individuals and professionals who handle personal data and are keen on understanding the intricacies of data protection in accordance with the upcoming legislation. This GDPR Training Course can be beneficial for a variety of professionals, including:

  • Business Owners and Managers
  • Legal Professionals
  • Data Protection Officers
  • IT and Security Personnel
  • Human Resources Personnel
  • Marketing and Sales Professionals
  • Data Analysts and Researchers

Prerequisites of the Personal Data Protection Bill Training Course

There are no formal prerequisites for attending this Personal Data Protection Bill Course.

Personal Data Protection Bill Training Course Overview

The Personal Data Protection Bill Course in the United States delves into the critical aspects of data protection, addressing the growing importance of safeguarding personal information. This GDPR Course explores the Personal Data Protection Bill's implications for navigating the evolving data protection landscape.

Proficiency in this GDPR Training in the United States is crucial for professionals across diverse sectors, including IT, Legal, Compliance, and Data Management. Mastery of this subject empowers individuals to navigate the complexities of data governance, ensuring adherence to legal frameworks. Professionals handling sensitive information should know data protection laws to maintain privacy and organizational integrity.

This intensive 1-day GDPR Training in the United States equips delegates with a comprehensive understanding of the Personal Data Protection Bill, offering practical insights and actionable strategies. Through interactive sessions and case studies, participants will gain practical knowledge of compliance frameworks, risk mitigation, and ethical data handling.
Course Objectives:

  • To comprehend the key provisions and implications of the Personal Data Protection Bill
  • To identify potential risks and challenges associated with data processing and storage
  • To formulate and implement effective data protection policies within organizational contexts
  • To navigate the legal landscape surrounding data protection and privacy
  • To understand the role of technology in ensuring compliance with the bill's requirements
  • To assess and mitigate the impact of data breaches on individuals and organizations
  • To cultivate a culture of privacy awareness and ethical data-handling practices

After completing this GDPR Course in the United States, delegates will receive a certification acknowledging their proficiency in data protection. This GDPR Training Certification validates their understanding of the bill's intricacies and demonstrates their commitment to maintaining high privacy and security standards.

Show moredown

What’s included in this Personal Data Protection Bill Training Course?

  • World-Class Training Sessions from Experienced Instructors   
  • Personal Data Protection Bill Certificate
  • Digital Delegate Pack

Show moredown

Online Instructor-led (1 days)

Online Self-paced (8 hours)

Data Privacy Awareness Course Outline

Module 1: Introduction to Data Privacy

  • What is Data Privacy?
  • Physical Privacy
  • Social Privacy Norms
  • Privacy in a Technology-Driven Society
  • Doctrine of Information Privacy
  • Information Sharing Empowers the Recipient
  • Monetary Value of Individual Privacy
  • Model Data Economy
  • Notice and Choice Versus Privacy as Trust
  • Enforcement of Notice and Choice Privacy Laws
  • Broken Trust and FTC Enforcement
  • Notice and Choice Model Falls Short
  • Privacy as Trust: An Alternative Model
  • Additional Challenges in the Era of Big Data and Social Robots
  • What is a Social Robot?
  • Trust and Privacy
  • Legal Framework for Governing Social Robots
  • General Data Protection Regulation (GDPR)

Module 2: GDPR's Scope of Application

  • When Does GDPR Apply?
  • Processing of Data
  • Personal Data
  • Exempted Activities under GDPR
  • Key Players under GDPR
  • Territorial Scope of GDPR
  • Operation of Public International Law

Module 3: Technical and Organizational Requirements under GDPR

  • Accountability
  • Data Controller
  • Technical and Organizational Measures
  • Duty to Maintain Records of Processing Activities
  • Data Protection Impact Assessments
  • Data Protection Officer
  • Data Protection by Design and Default
  • Data Security During Processing
  • Personal Data Breaches
  • Codes of Conduct and Certifications
  • Data Processor

Module 4: Material Requisites for Processing under GDPR

  • Central Principles of Processing
  • Legal Grounds for Data Processing
  • International Data Transfers
  • Intragroup Processing Privileges
  • Cooperation Obligation on EU Bodies
  • Foreign Law in Conflict with GDPR

Module 5: Data Subjects Rights

  • Controller's Duty of Transparency
  • Digital Miranda Rights
  • Right of Access
  • Right of Rectification
  • Right of Erasure
  • Right of Restriction
  • Right to Data Portability
  • Rights to Automated Decision Making
  • Restrictions on Data Subject Rights

Module 6: GDPR Enforcement

  • In-House Mechanisms
  • Data Subject Representation
  • Supervisory Authorities
  • Judicial Remedies
  • Alternate Dispute Resolution

Module 7: Remedies

  • Allocating Liability
  • Compensation
  • Administrative Fines
  • Processing Injunctions
  • Specific Performance

Module 8: Creating a GDPR Compliance Department

  • Steps to Create a GDPR Compliance Department

Show moredown

Who should attend this Data Privacy Awareness Course?

The Data Privacy Awareness Training Course in the United States is tailored for professionals across industries who handle personal data or have a vested interest in data protection and privacy. This GDPR Training Course is particularly beneficial for the individuals who are aiming for a better understanding of data privacy regulations and best practices, including:

  • Data Protection Officers
  • Privacy Compliance Managers
  • Legal and Compliance Experts
  • Human Resources Personnel
  • Cybersecurity Analysts
  • Marketing Managers
  • CRM Managers

Prerequisites of the Data Privacy Awareness Course

There are no formal prerequisites for attending the Data Privacy Awareness Training Course. However, a basic knowledge of data handling practices can be beneficial more from the course.

Data Privacy Awareness Course Overview

Data privacy, a subset of data security, focuses on carefully managing data, including aspects like notification, consent, and regulatory compliance. Our Data Privacy Awareness Course in the United States is designed to address the critical need for understanding and upholding data privacy. With increasing cyber threats and regulatory frameworks, this GDPR Course equips professionals with the knowledge and skills to navigate the complex landscape of data privacy.

Proficiency in this GDPR Training in the United States is essential for professionals across industries, particularly those dealing with sensitive information. IT professionals, legal experts, Compliance Officers, and Business Executives should aim to master this subject. Understanding data privacy ensures legal compliance and fosters a culture of trust, transparency, and responsible data management within organizations.

This intensive 1-day GDPR Training in the United States empowers delegates with comprehensive insights into the principles and practices of data privacy. Through interactive sessions and real-world case studies, participants will gain practical knowledge on implementing robust data protection measures. From understanding regulations to implementing secure data handling procedures, this GDPR Course provides a holistic approach to data privacy.

Course Objectives:

  • To comprehend the fundamental principles of data privacy regulations
  • To identify and assess potential risks and vulnerabilities in data processing
  • To implement effective strategies for data encryption and secure storage
  • To cultivate a culture of data privacy within organizational frameworks
  • To understand the legal implications of data breaches and non-compliance
  • To develop proficiency in creating and implementing data privacy policies

After completing this GDPR Course in the United States, delegates will receive a Data Privacy Awareness Certification. This GDPR Certification demonstrates their commitment to upholding data privacy standards and enhances their professional credibility in an environment where data protection is of utmost importance.

Show moredown

What’s included in this Data Privacy Awareness Course?

  • World-Class Training Sessions from Experienced Instructors
  • Data Privacy Awareness Certificate
  • Digital Delegate Pack

Show moredown

Online Instructor-led (2 days)

Online Self-paced (16 hours)

Saudi Arabia Personal Data Protection Law (PDPL) Training Course Outline

Module 1: Introduction to PDPL

  • Overview of Personal Data Protection Law
  • Key Definitions and Scope of the Legislation
  • Importance of Data Privacy and Protection in Modern Business

Module 2: Principles of Data Protection

  • Fundamental Principles of PDPL
  • Lawfulness, Fairness, and Transparency in Data Processing
  • Purpose Limitation and Data Minimisation
  • Accuracy, Integrity, and Confidentiality

Module 3: Rights of Data Subjects

  • Right to Access Personal Data
  • Right to Rectification and Erasure
  • Right to Restrict Processing
  • Right to Data Portability
  • Right to Object and Rights Related to Automated Decision Making

Module 4: Responsibilities of Data Controllers

  • Duties of Data Controllers Under PDPL
  • Implementing Data Protection by Design and by Default
  • Keeping Records of Processing Activities
  • Notification and Communication of Data Breaches

Module 5: Responsibilities of Data Processors

  • Role and Duties of Data Processors
  • Processor Compliance Requirements
  • Contracts Between Controllers and Processors
  • Sub-processing and International Data Transfers

Module 6: Data Protection Impact Assessment

  • When to Conduct a Data Protection Impact Assessment
  • Methodology of Conducting Impact Assessments
  • Mitigating Risks Identified in Impact Assessments
  • Documenting and Reviewing Impact Assessments

Module 7: Data Protection Officer

  • Role of the Data Protection Officer (DPO)
  • Appointment and Position of the DPO
  • Tasks and Responsibilities of the DPO
  • DPO as a Key Stakeholder in Compliance

Module 8: Data Breaches

  • Types and Examples of Data Breaches
  • Legal Requirements for Handling Data Breaches
  • Steps to Manage and Mitigate Data Breaches
  • Notification Obligations under PDPL

Module 9: Consent Management

  • Obtaining Consent Under PDPL
  • Conditions for Valid Consent
  • Managing, Recording, and Withdrawing Consent
  • Special Categories of Data and Consent

Module 10: Data Subject Complaints

  • Handling Complaints from Data Subjects
  • Internal Procedures for Complaint Management
  • Escalation and Remediation Processes
  • Documentation and Reporting of Complaint Outcomes

Module 11: Enforcement and Penalties

  • Regulatory Authority and Its Powers
  • Enforcement of Actions and Procedures
  • Schedule of Penalties and Fines
  • Case Studies of Enforcement Actions

Module 12: International Data Transfers

  • Restrictions on International Data Transfers
  • Adequacy Decisions and Data Protection Equivalency
  • Use of Standard Contractual Clauses and Corporate Rules
  • Specific Requirements for Transfer to Third Countries

Module 13: Sector-Specific Compliance

  • Data Protection in Healthcare
  • Data Protection in Financial Services
  • Data Protection in the Public Sector

Show moredown

Who Should Attend this Saudi Arabia Personal Data Protection Law (PDPL) Training?

This Saudi Arabia Personal Data Protection Law (PDPL) Training is designed for anyone who wants to enhance professional skills in data protection law compliance. However, this training will be beneficial for:

  • Data Protection Officers
  • Compliance Managers
  • Information Security Analysts
  • Legal Counsels (Data Privacy)
  • IT Security Consultants
  • Risk Assessment Managers
  • Privacy Policy Analysts

Prerequisites of the Saudi Arabia Personal Data Protection Law (PDPL) Training

There are no formal prerequisites for attending this Saudi Arabia Personal Data Protection Law (PDPL) Training.

Saudi Arabia Personal Data Protection Law (PDPL) Training Course Overview

The Saudi Arabia Personal Data Protection Law (PDPL) is a critical framework regulating the collection, processing, and storage of personal data within the Kingdom. As data privacy concerns grow globally, the PDPL aims to ensure that organisations comply with robust standards of data protection, making it essential for professionals to understand its principles and requirements. This 1-day course offers an in-depth exploration of PDPL, helping delegates navigate its complexities with confidence.

Mastery of the PDPL is vital for professionals responsible for handling personal data, including Compliance Officers, Data Protection Officers, Legal Advisors, and IT Managers. Proficiency in this area ensures that organisations mitigate risks associated with non-compliance, including heavy penalties, and strengthens their data governance strategies. Individuals aiming to boost their careers in data privacy should prioritise gaining expertise in this law.

This 2-days training provides delegates with practical knowledge and the skills necessary to interpret, apply, and ensure compliance with PDPL. Through hands-on exercises and expert guidance, delegates will learn how to create compliant data handling policies, respond to breaches, and implement safeguards to protect personal data. The course is designed to build confidence in addressing the challenges associated with PDPL.

Course Objectives:

  • To understand the key provisions of the PDPL
  • To learn how to apply PDPL regulations in real-world scenarios
  • To develop effective data protection strategies
  • To ensure compliance with PDPL to avoid penalties
  • To identify the rights of data subjects under the PDPL
  • To create a breach response strategy
  • To manage data transfers across borders securely
  • To audit data protection practices for compliance

After completing the course, delegates will receive certification, demonstrating their expertise in Saudi Arabia’s PDPL. This certification enhances career prospects by verifying that they are capable of implementing compliant data protection policies in their organisations.

Show moredown

What’s included in this Saudi Arabia Personal Data Protection Law (PDPL) Training Course?

  • World-Class Training Sessions from Experienced Instructors 
  • Saudi Arabia Personal Data Protection Law (PDPL) Training Certificate
  • Digital Delegate Pack

Show moredown

Not sure which course to choose?

Speak to a training expert for advice if you are unsure of what course is right for you. Give us a call on +1 7204454674 or Inquire.

Package deals for GDPR Training

Our training experts have compiled a range of course packages on a variety of categories in GDPR Training, to boost your career. The packages consist of the best possible qualifications with GDPR Training, and allows you to purchase multiple courses at a discounted rate.

Swipe for more. Don’t miss out!

GDPR Training FAQs

The GDPR is an EU regulation that will protect EU citizens' personal data from all overreach of corporations. It will return control of the data to the individual and impose very strict requirements on compliance for organizations.
There are no prerequisites for attending the GDPR Foundation and Awareness Courses.
The benefits include being legally compliant (hence no fines), enhanced data protection, and new career opportunities.
The key principles include lawfulness, fairness, and transparency; purpose limitation; data minimization; accuracy; storage limitation; integrity and confidentiality; and accountability, ensuring personal data is processed securely and lawfully.
Yes, 24/7 support by phone & email is offered before attending, during, and after attending the GDPR Training Course.
These GDPR Training Courses can span from 1-4 days.
Yes, GDPR Training provides basic awareness courses to all the staff and includes thorough specialized training of Data Protection Officers (DPOs) and IT professionals with regard to the various aspects and depths of the GDPR compliance.
Yes, The Knowledge Academy provides its students with self-paced training sessions, online instructor-led sessions, on-site training, and the classroom training sessions with respect to all its courses, including our GDPR Training Courses.
Upon completion of GDPR Courses, you will be able to secure jobs whereby the duties revolve around being a Data Protection Officer, Compliance Officer, Privacy Consultant, or Legal Advisor of an organization, specifically dealing with the enforcement of legislation in relation to data protection in organizations.
Yes, we provide corporate training for this GDPR Course, tailored to fit your organization's requirements.
This GDPR Online Training Course will teach you about data protection principles, legal requirements, and practical compliance strategies. Topics include data subject rights, consent, security measures, and the role of data protection officers.
This course is essential not only for the Data Protection Officers but also for IT professionals and Compliance Officers caring for personal data, as it assures full understanding of the data protection legislation and compliance.
In case you are experiencing any problem accessing these learning resources, feel very free to get in touch with our customer support so they can render help to you immediately.
GDPR Training prepares your staff to be able to recognize data breaches, know when it is necessary by law to make notifications about such occurrences, and take requisite protocols to limit their effects, ensuring that your responses to such incidents are both fast and compliant.
Following certification, practitioners may be responsible for establishing exercises in the field of GDPR compliance within the organization, such as data protection strategies, impact assessments, and acting as the point of contact for data subject and regulatory bodies.
Sectors wherein the personal data of EU residents are handled include the industry of healthcare, finance, technology, marketing, and other related industries in which the requirement for collection and processing of personal data is in place.
Among the requirements of GDPR that organizations will have to observe includes the privacy of personal data based on data protection principles and the need for organizations to be open on how they process personal data whenever consent is necessary.
Please see our GDPR Training courses available in the United States
The Knowledge Academy is the Leading global training provider for GDPR Training.
The training fees for GDPR Training in the United States starts from $2895
Show more down

Why we're the go to training provider for you

icon

Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.

icon

Trusted & Approved

We are accredited by PeopleCert on behalf of AXELOS

icon

Many delivery methods

Flexible delivery methods are available depending on your learning style.

icon

High quality resources

Resources are included for a comprehensive learning experience.

barclays Logo
deloitte Logo
Thames Water Logo

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water

santander logo
bmw Logo
Google Logo

Looking for more information on GDPR Training

cross

BIGGEST
Christmas SALE!

red-starWHO WILL BE FUNDING THE COURSE?

close

close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.

close

close

Press esc to close

close close

Back to course information

Thank you for your enquiry!

One of our training experts will be in touch shortly to go overy your training requirements.

close close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.