Course Outline
Fundamental Principles of Personal Data Processing
- Sources of national and international legal frameworks.
- The scope of application of personal data protection laws.
- The authority's powers regarding data protection.
- Judicial protection of the right to personal data protection.
- GDPR - key information and definitions - selected issues.
- Sector-specific GDPR applications.
- Definition and scope of personal data.
- Processing of personal data.
- Legal bases for processing personal data.
- Responsibilities of the Data Controller.
- Rights of data subjects.
- Administrative fines.
- Personal Data Protection Act of 10 May 2018 – scope of regulations.
- Appointing a Data Protection Officer.
- Proceedings for infringement of personal data protection laws.
- Monitoring compliance with personal data protection regulations.
- Civil, criminal, and administrative liability.
- Conditions for the admissibility of processing personal data (ordinary and sensitive data).
- Legal requirements for entrusting data processing to other entities.
- Data Protection Impact Assessment (DPIA).
- Data protection by design and by default.
- Legal bases for transferring personal data to a third country.
- Protection of personal data within employment relations.
Appointment of a Data Protection Officer
- Mandatory appointment requirements.
- Optional appointment of an Inspector.
Eligibility to Serve as a Data Protection Officer
- Qualifications required to act as an Inspector.
- Forms of employment for the Inspector.
Status of the Data Protection Officer
- Direct reporting lines to top management.
- Ensuring support for the Supervisor.
- Involvement of the Inspector in all matters related to personal data protection.
- Prohibition of instructions regarding how duties are performed.
- Avoiding conflicts of interest within the organization - tasks of the Supervisor.
- Prohibition of dismissal and punishment of the Inspector.
- The Inspector's duty to maintain secrecy and confidentiality of performed tasks.
Information Security Management
- Discussion of the security management system in the organization, including Polish standards.
- Identification of privacy risks and their legal implications.
- Principles of risk assessment and evaluating the impact of specific solutions on safety management effectiveness.
- Understanding and applying a risk-based approach – practical completion of the Risk Analysis template.
- Personal Data Lifecycle Management.
Performing Data Protection Officer (DPO) Duties
- Legal basis for appointing the DPO.
- Who must appoint a DPO, when, and how it is done.
- DPO status and qualifications.
- DPO tasks and rules for planning their performance.
- Conducting reports on data processing compliance in traditional and IT systems.
- Documenting activities carried out by the DPO.
- Preparation of inspection reports.
- Rules for supervising personal data processing documentation.
- Scope of UODO's powers in relation to DPOs.
Practical Guidance on Inspections by the Office for Personal Data Protection
- Requirements for auditees.
- How to prepare for an inspection.
- Case study.
Practical Activities
- Development of an exemplary Information Security Policy.
- Development of management instructions.
- Development of a Register of Processing Activities.
- Preparation of basic personal data protection documentation.
- Case study.
- Common errors in documentation preparation.
Additional Materials for Course Participants:
Useful Forms and Templates:
- Consent to use and disseminate image.
- Event newsletter entry.
- Consent to receive an offer.
- Sending offer emails.
- Sending general emails.
- Example of a personal data protection policy.
- Template for preparing the information obligation under GDPR, including instructions.
- Risk analysis template.
- Register of personal data processing activities – template.
- Register of categories of processing activities – template.
- GDPR Breach Register – Template.
- GDPR Compliance Checklist Template.
- Instructions for handling breaches of personal data protection regulations.
- Data Protection Breach Report Template.
- Register of security incidents and corrective and preventive actions.
- Register of corrigenda.
- Register of restorations.
- Model corrigendum.
- Restoration pattern.
- Model Objection.
- Model contract excluding further processing of personal data.
- Sample consents for competitions, marketing, and publications.
- Information obligation for ferry crossings.
- Information obligation for meeting monitoring.
- Information obligation for recruitment.
- Information obligation for the National Revenue Administration.
- Information obligation of the LES.
- Public Procurement Law (UCoC) information obligation.
- Information obligation: Labour Code.
- Tax information obligation.
- Authorization to process personal data for employees: a template with an example.
- Notification of a breach to data subjects – template.
- Personal Data Processing Agreement for the Controller – template.
- Personal Data Processing Agreement for the Processor.
- And many more.
Requirements
Target Audience
- Individuals commencing their role as a Data Protection Officer.
- Professionals scheduled to be appointed to this position in the future.
21 Hours
Testimonials (1)
The variety of the information shared and the clarity to explain terms in plain English.