Course Outline
Fundamental Principles of Personal Data Processing
- Foundations of national and international legal frameworks.
- Scope of application for personal data protection laws.
- Authorities and powers of data protection regulators.
- Judicial remedies for the right to personal data protection.
- GDPR essentials: key definitions and selected issues.
- Sector-specific applications of the GDPR.
- Defining personal data.
- Principles of processing personal data.
- Legal grounds for processing personal data.
- Responsibilities of the data controller.
- Rights of data subjects.
- Administrative penalties.
- The Personal Data Protection Act of 10 May 2018: regulatory scope.
- Appointing a Data Protection Officer.
- Procedures for violations of personal data protection laws.
- Monitoring compliance with data protection regulations.
- Civil, criminal, and administrative liability.
- Conditions for lawful processing (ordinary and sensitive data).
- Legal requirements for engaging third-party processors.
- Data Protection Impact Assessments (DPIA).
- Data protection by design and by default.
- Legal bases for transferring data to third countries.
- Protecting personal data within employment relationships.
Appointment of a Data Protection Officer
- Mandatory appointment criteria.
- Optional appointment scenarios.
Eligibility for the Data Protection Officer Role
- Qualifications required for the role.
- Employment status and arrangements.
Status and Autonomy of the Data Protection Officer
- Direct reporting lines to senior management.
- Ensuring adequate resources and support.
- Involvement in all matters concerning personal data protection.
- Prohibition on receiving instructions regarding duty execution.
- Managing conflicts of interest within the organization.
- Protection against dismissal or disciplinary action.
- Duty of confidentiality regarding performed tasks.
Information Security Management
- Reviewing organizational security management systems, referencing Polish standards.
- Identifying privacy risks and their legal consequences.
- Risk assessment principles and evaluating the effectiveness of safety measures.
- Applying a risk-based approach through practical completion of risk analysis templates.
- Managing the lifecycle of personal data.
Executing DPO Responsibilities
- Legal basis for appointing the DPO.
- Determining who must appoint a DPO, when, and how.
- DPO status and necessary qualifications.
- Core tasks and planning execution strategies.
- Reporting on compliance in traditional and IT environments.
- Documenting DPO activities.
- Preparing inspection reports.
- Supervising documentation of processing activities.
- Powers of the Office for Personal Data Protection (UODO) regarding DPOs.
Practical Guidance on Inspections by the Office for Personal Data Protection
- Requirements for audited entities.
- Preparation strategies for inspections.
- Case study analysis.
Practical Exercises
- Drafting an exemplary Information Security Policy.
- Developing management directives.
- Creating a Register of Processing Activities.
- Preparing essential personal data protection documentation.
- Case study implementation.
- Analyzing common documentation errors.
Supplementary Materials for Participants:
Templates and Forms:
- Consent for image use and dissemination.
- Event newsletter subscription form.
- Consent to receive offers.
- Offer email consent template.
- General email consent template.
- Sample personal data protection policy.
- Template for GDPR information obligations with instructions.
- Risk analysis template.
- Register of Processing Activities template.
- Register of Processing Categories template.
- GDPR Breach Register template.
- GDPR Compliance Checklist template.
- Guidelines for handling personal data breaches.
- Data Protection Breach Report template.
- Security Incidents and Corrective Actions register.
- Corrections register.
- Restorations register.
- Model correction template.
- Restoration template.
- Model objection form.
- Model contract for excluding further processing.
- Sample consents for competitions, marketing, and publications.
- Information obligation for ferry crossings.
- Information obligation for meeting monitoring.
- Information obligation for recruitment.
- Information obligation for the National Revenue Administration.
- LES information obligation.
- Public Procurement Law (UCoC) information obligation.
- Labour Code information obligation.
- Tax-related information obligation.
- Employee data processing authorization template with example.
- Breach notification to data subjects template.
- Controller Data Processing Agreement template.
- Processor Data Processing Agreement.
- And additional resources.
Requirements
Target Audience
- Individuals beginning their career as a Data Protection Officer.
- Professionals slated for appointment to this role in the near future.
21 Hours
Testimonials (1)
The variety of the information shared and the clarity to explain terms in plain English.