Why you should take this training?
The training course is designed to provide practical knowledge in the field of personal data protection, present methods for implementing, maintaining and continuously improving the latter and to get participants to know the latest amendment changes effective from May 201 Moreover, participation involves the following:
- Streamlining the implementation of personal data protection rules in the organisation.
- Presenting the rules of personal data protection and processing thereof according to the GDPR (European Data Protection Regulation).
- Presenting the documents necessary to implement the personal data protection policy in the organisation.
Who is it for?
- Management and executive staff.
- Employees of personnel and payroll and HR departments.
- Data protection officers and IT administrators as well as those preparing to take on such posts.
Agenda of the training:
I. Sources of threats to personal data resources:
II. Provisions regarding the protection of personal data:
- Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (GDPR).
- The Personal Data Protection Act of 10 May 2018 – overview
III. Basic concepts of personal data protection:
- Personal data
- Persons authorised to process personal data
- Data recipient
- Data processing
- Personal Data Controller
- Data Protection Officer
- Consent to processing of personal data
- Removal of personal data
- Pseudonymisation and anonymisation.
- Data profiling.
IV. Main obligations of the institution as data controller:
- Recording of personal data processing activities.
- Reporting instances of personal data protection violation to a supervisory body.
- Personal data protection impact assessment.
- Risk estimation.
V. Rules of personal data processing:
- Lawfulness of personal data processing
- Information obligation towards the data subject
- Special restrictions governing the processing of “sensitive” data
- Special diligence in data processing
- Sharing personal data with other entities
- Securing the rights of the data subject
- Restrictions on transfer of personal data to a third country
- Entrusting the processing of personal data to an external company (outsourcing).
VI. Methods and forms of securing personal data:
- Definition of information security
- Obligations of Personal Data Controller
- Formal and organisational requirements
- Technical requirements
VII. Liability for violating data protection provisions:
- Penal Code
- Offences against information protection
- Offences against the credibility of documents
- Labour Code
- Unfair Competition Act
VIII. Supervising personal data protection:
- Office for the Protection of Personal Data
- Main tasks of the Office
- Rights of the Office
- Mode of inspection proceedings