GDPR Data Privacy Professional

GDPR DPP is the only GDPR course in CIS region delivered by certified information privacy professional and manager (CIPP/E, CIPM).
from 1 October to 4 October2019
09:00-16:00
70 000
RUB
63 000
RUB
Early bird price (until 17 September)
Moscow / Russia
109028 Bolshoy Trekhsvyatitelskiy Pereulok, 3
Higher School of Economics

Description

EU General Data Protection Regulation entered into force on the 25th May, 2018. Through the Regulation European Union turns to new rules of dealing with personal data. The Regulation concerns any processing of perosnal data including collection, storage, consultation, transfer (art. 4 GDPR).

Outside the EU (in Belarus, Ukraine, Russia etc.) following organizations, working with personal data of people based in EU, shall comply with the new regulation GDPR:

  • Apps and cloud solutions;
  • Outsourcing companies in IT;
  • E-shops;
  • Social networks;
  • Banks;
  • Medical and pharmaceutical companies;
  • Event agencies.
More
Hide

After the course you will be able to answer the following questions

privacy student
What is privacy?
How to define personal data under the GDPR?
privacy student
privacy student
What legal ground is necessary for collection of personal data and how long you can store it?
Who, how and when should be designated as Data Protection Officer?
privacy student
privacy student
How is risk assessment (DPIA) carried out?
What shall you write in your Privacy policy?
privacy student
privacy student
What should you do in case of data breaches?

Trainer

Co-Founder & CEO of Data Privacy Office LLC. Data Protection Trainer and Principal Consultant
MBA, Certified Information Privacy Professional (CIPP/E), Certified Information Privacy Manager (CIPM). Siarhei has been working with GDPR from 2015 (draft version) in Munich and defended his MBA thesis about Regulation in Bremen in 2016

Siarhei delivered hundreds of consultations on GDPR issues to companies around the world. He helped to implement the GDPR program as an external project manager in over 50 companies.

Program

Click on"" to see details.

PRIVACY
The definition of privacy, information privacy and data protection. Types of information privacy
History of data privacy
Taxonomy of privacy by Daniel Solove
Social role of data privacy
Data protection law evolution overview
LAW
Data protection law acts, standards and regulations which are in force
Data privacy cases, precedents, guidelines
The Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data №108
EU Directive 96/46
OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data
EU members data protection law overview
GDPR
EU current data protection regulatory framework (GDPR+) overview
EU GDPR history
GDPR territorial and material scope
GDPR text structure (recitals, business related articles ect.)
GDPR related acts overview
Cases and precedents
Article 29 Working Group (Art29WP) and European Data Protection Board (EDPB) guidelines and opinions
National supervisory authorities (SAs) guidelines
Mapping of the Belarusian, Ukrainian and Russian data protection laws to the rules applicable in EU
Overview of risks, fines, responsibilities related to personal data processing
CONCEPT OF PERSONAL DATA
The concepts of personal data (PD), identifier, data subject
Biometric data
Formula of Persomal Data "(id-x)+info"
Cases of (non-)personal data
DATA PROCESSING. DATA CONTROLLERS AND PROCESSORS
Data processing and types of processing.
Profiling
Personal data anonymisation and pseudonymisation
Processing of special categories of personal data
Processing of children data
Data controller, joint controllers or separate controllers
Data processor
Responsibilities distribution between data controllers and processors
GDPR PRINCIPLES
Lawfulness and fairness of processing
Transparency of processing
Purpose limitation
Data minimisation
Storage limitation
Data accuracy
Integrity and confidentiality
Accountability
LAWFUL BASIS FOR PROCESSING
Review of six lawful bases for processing
Consent
Conditions for consent
Getting consent in UX
Contract
Legal obligation
Vital interest
Public interest
Legitimate interest
Balancing test of Legitimate Interest Assessment (LIA)
DATA SUBJECT RIGHTS
Modalities for exercise of the rights of the data subject
Right to access personal data
Right to rectification
Right to restriction of processing
Right to be forgotten (right to erasure)
Right to data portability
Right to object
Right to not be subject of automated decision-making
Data subject rights restriction
Nightmare letter from data subject case
DPIA AND PRIVACY RISK MANAGEMENT
Check-box approach vs risk based approach
Concept of risk
Risk likelihood and severity
GDPR terminology related to risks (high risk, likely etc.)
Data Protection Impact Assessment (DPIA) requirements
When you need DPIA
BIA (Business Impact Assessment) or SIA (Security Impact Assessment) as triggers for DPIA
Describing processing operations, personal data and supporting assets
Legal and risk-treatment controls
Risk sources, feared events, threats and risks
DPIA tools
INFORMATION SECURITY
GDPR requirements
Data breach notification of supervisory authorities and data subjects
Technical and organisational measures of managing information security risks
TRANS-BORDER TRANSFERS OF PERSONAL DATA
GDPR data transfers rules overview
Data transfers documenting
Data Processing Agreement (DPA)
Binding Corporate Rules (BCR)
Standard Contractual Clauses (SCC)
Codes of conduct and certifications
Data transfers derogations for specific situations
PRIVACY BY DESIGN
"Privacy by Design. The 7 foundational principles" by Ann Cavoukian review
Privacy by Default
Embeded Privacy
Full functionality - positive-sum
End-to-End Security - Lifecycle Protection
Data Protection Officer (DPO) and EU representative
Representative in EU
Data Protection Officer

Training format

4 full training days lasting 8 academic hours
Combination of theory and real cases
Every day tests with following discussion

Video-examples

Pricing

Standard fee:
70 000 RUB *
Early bird:
63 000 RUB *
Save money today!
*Minus VAT.

You will get a 50€ guaranteed voucher!

which you can sum up with early bird discount for the Strategic Privacy by Design Workshop!

We would like to offer you this great opportunity to realize the full benefits from our partnership and increase knowledge in privacy. You can use this guaranteed voucher for the Strategic Privacy by Design Workshop by R. Jason Cronk!

Certificate on completion

Certificate in English recognizable in CIS. Attachment to certificate include the course program. Training is an organizational measure, and is a duty reflected in the General Data Protection Regulation, Articles 24, 25, 28, 32, and 39.

One more gift!

DPO Club - сообщество профессионалов в области защиты персональных данных

DPO Club membership

In case of successful completion of the course, you can join the DPO Club, a closed information privacy professionals community. General online meetings takes place every month. You can share your own experience and discuss the latest trends with other members at these meetings. There are more than 150 club members now. Our numbers grow stronger by the day!

Venue
109028, Russia, Moscow, Bolshoy Trekhsvyatitelskiy Pereulok, 3
Any questions?

Feedback

Apply

Sign up