Highlights
- International background to GDPR
- GDPR Scope
- GDPR Principles
- GDPR Definitions
- Lawful Bases of Processing
- Consent
- Children
- Special Categories of Data
- Transparency
- Rights of Data Subjects
- Controller and Processor
- Data Protection by Design and by Default
- Security of Processing
- International Transfers
- Supervisory Authorities
- Penalties
Course Details
We have designed, developed and validated this course with previous clients based outside the EU who expressed strong demand to bring their colleagues up to speed with GDPR and what it means from the perspective of their own organisational activities. The core content on which this course is based comes from our proven GDPR for IT & Software Professionals course, which we have been running since before GDPR became EU law on 25th May 2018. While it retains the same focus on practical advice for IT and software professionals, this course does not assume any previous understanding of the EU or what it is like to live and work in an EU country, and it provides delegates with additional content and support to understand what GDPR is, why it matters and how to approach GDPR from a non-EU perspective. This includes ensuring that delegates understand:
1. The global political, economic, social and technological background to GDPR from a non-EU starting perspective;
2. How GDPR affects Data Protection throughout the world, not only within the EU/EEA;
3. How non-EU organisations and individuals can determine what aspects of GDPR compliance are relevant;
4. Why GDPR restricts International Transfers of Personal Data outside the EU/EEA, except to countries which have an EU Adequacy decision;
5. The nature of the Data Subject rights which GDPR provides both to individuals living in the EU/EEA and to people living worldwide whose Personal Data is processed in the EU/EEA or on behalf of an EU/EEA country;
6. How different Lawful Bases of Processing affect the costs and complexity of IT systems and how to comply with GDPR more efficiently;
7. What transparency means and why it is valuable to organisations and individuals;
8. What “Data Protection by Design and by Default” means and how non-EU based organisations can do this without significant costs, risks or delays;
9. Why it is important for Data Controllers (whether based within the EU or outside the EU) to obtain written contractual GDPR compliance guarantees from Data Processors before Data Processing;
10. What “Records of Processing” are, why they’re needed and how to maintain them (if a non-EU organisation needs to do this);
11. What “Security of Processing” and “Technical and Organisational Measures” mean and how to implement them “taking into account the state of the art”;
12. How non-EU organisations which are in-scope for GDPR compliance can prepare for a “Data Breach” and minimise impacts;
13. What’s involved in performing a “Data Protection Impact Assessment” (DPIA) and how DPIAs can help with other aspects of GDPR compliance;
14. Who the GDPR regulators are, how they work together and how they work with regulators in non-EU countries;
15. How GDPR evolves through case law and regulatory decisions, including EU adequacy decisions which make International Transfers of personal data easier;
16. How non-EU organisations in scope for GDPR can proactively sustain GDPR compliance in the face of increasing security threats, technological changes and changes in society.
Note that this course can be delivered in different formats and in different time zones to meet the needs of delegates outside the EU. Our two most popular formats for this course are a two-day format for smaller groups of up to 10 delegates in the same non-EU time zone, delivered via Zoom or MS Teams meetings. We can also provide this course to larger groups of up to 70 delegates as a series of one-hour webinars delivered using Zoom events, with a proven instruction team of trainer and training assistant to support delegates. Please ask if you need us to tailor a specific version of this course for your non-EU based team.
Who should attend
This course is suitable for anyone based outside the EU who needs to understand GDPR and what it means for them or their organisation. While no deep IT or Software knowledge is needed, the content is particularly suitable for delegates with background understanding of the types of IT systems and software generally used to process Personal Data.
Feedback
4.8 out of 5 average
"Our tailored course provided a well rounded introduction and also covered some intermediate level topics that we needed to know. Clive gave us some best practice ideas and tips to take away. Fast paced but the instructor never lost any of the delegates"
Brian Leek, Data Analyst, May 2022
“JBI did a great job of customizing their syllabus to suit our business needs and also bringing our team up to speed on the current best practices. Our teams varied widely in terms of experience and the Instructor handled this particularly well - very impressive”
Brian F, Team Lead, RBS, Data Analysis Course, 20 April 2022