Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Fundamental principles of personal data processing
- Sources of national and international law
- Scope of application for personal data protection laws
- Powers of the data protection authority
- Judicial protection of the right to personal data protection
- GDPR - essential information and definitions - selected topics
- Sector-specific GDPR applications
- Personal data
- Processing of personal data
- Legal bases for processing personal data
- Responsibilities of the Controller
- Rights of data subjects
- Administrative fines
- Personal Data Protection Act of 10 May 2018 – scope of regulations
- Appointment of a Data Protection Officer
- Procedures for infringement of personal data protection laws
- Monitoring compliance with personal data protection regulations
- Civil, criminal, and administrative liability
- Conditions for the admissibility of processing personal data (ordinary and sensitive data)
- Legal requirements for entrusting personal data processing to other entities
- Data Protection Impact Assessment
- Data protection by design and by default
- Legal bases for transferring personal data to a third country
- Protection of personal data in employment contexts
Appointment of a Data Protection Officer
- Mandatory appointment of a Data Protection Officer
- Optional appointment of an Inspector
Who can serve as a Data Protection Officer?
- Qualifications required to act as an Inspector
- Employment status of the Inspector
Status of the Data Protection Officer
- Direct reporting of the Inspector to senior management
- Arranging support for the Supervisor
- Inspector's involvement in all matters related to personal data protection
- Prohibition on issuing instructions to the Supervisor regarding duty performance
- Avoiding conflicts of interest in the organization – Supervisor's tasks
- Prohibition on dismissing or punishing the Inspector
- The Inspector's duty to maintain secrecy or confidentiality of performed tasks
Information Security Management
- Discussion of the organization's security management system based on standards including Polish regulations
- Identification of privacy risks and their legal implications
- Principles of risk assessment and evaluating the impact of specific solutions on safety management effectiveness
- Understanding and applying a risk-based approach – practical completion of the Risk Analysis template
- Personal Data Lifecycle Management
Performing the duties of the Data Protection Officer (DPO)
- Legal basis for DPO appointment
- Who must appoint a DPO, when, and how the appointment is conducted
- DPO status and qualifications
- DPO tasks and rules for planning their execution
- Conducting compliance reports for data processing in traditional and IT systems
- Documenting DPO activities
- Preparation of inspection reports
- Rules for supervising personal data processing documentation
- Powers of the UODO in relation to DPOs
Practical information on inspections by the Office for Personal Data Protection
- Requirements for auditees
- How to prepare for an inspection
- Case study
Hands-on activities
- Developing an exemplary Information Security Policy
- Developing management instructions
- Developing a Register of Processing Activities
- Preparing the so-called 'Small Personal Data Protection Documentation'
- Case study
- Common errors in documentation preparation
Additional materials for course participants:
Useful forms and templates:
- Consent to use and disseminate image
- Event newsletter entry
- Consent to receive an offer
- Sending offer emails
- Sending general emails
- Example personal data protection policy
- Template for preparing information obligations in accordance with GDPR, including instructions
- Risk analysis template
- Register of personal data processing activities – template
- Register of categories of processing activities – template
- GDPR Breach Register – Template
- GDPR Compliance Checklist Template
- Instructions for handling personal data protection regulation breaches
- Data Protection Breach Report Template
- Register of security incidents and corrective/preventive actions
- Register of corrigenda
- Register of restorations
- Model corrigendum
- Restoration pattern
- Model Objection
- Model contract excluding further processing of personal data
- Sample consents for competitions, marketing, and publications
- Obligation to provide information regarding ferry crossings
- Obligation to provide information on meeting monitoring
- Obligation to provide information on recruitment
- Obligation to provide information to the National Revenue Administration
- Information obligation of the LES
- Public Procurement Law (UCoC) information obligation
- Information obligation: Labour Code
- Tax information obligation
- Authorization to process personal data for employees: a template with an example
- Notification of breach to data subjects – template
- Personal Data Processing Agreement for the Controller – template
- Personal Data Processing Agreement for the Processor
- And many more
Requirements
Audience
- Individuals beginning their work as Data Protection Officers
- Individuals appointed to this role in the future
21 Hours
Testimonials (1)
The variety of the information shared and the clarity to explain terms in plain English.
