Get in Touch

Course Outline

Core Principles of Personal Data Processing

  • Sources of national and international law.
  • The scope of application of personal data protection laws.
  • The jurisdiction and powers of data protection authorities.
  • Judicial remedies for the right to personal data protection.
  • GDPR - essential information and definitions - key issues.
  • Sector-specific GDPR provisions.
  • Definition of personal data.
  • Processing of personal data.
  • Legal grounds for processing personal data.
  • Responsibilities of the Data Controller.
  • Rights of data subjects.
  • Administrative fines.
  • Personal Data Protection Act of 10 May 2018 – scope of regulations.
  • Appointment of a Data Protection Officer.
  • Proceedings for infringement of personal data protection laws.
  • Monitoring compliance with personal data protection regulations.
  • Civil, criminal, and administrative liability.
  • Conditions for the admissibility of processing personal data (standard and sensitive data).
  • Legal requirements for entrusting the processing of personal data to third parties.
  • Data Protection Impact Assessment.
  • Data protection by design and by default.
  • Legal bases for transferring personal data to a third country.
  • Protection of personal data in employment contexts.

Appointment of a Data Protection Officer

  • Mandatory appointment of a Data Protection Officer.
  • Optional appointment of an internal auditor.

Eligibility for the Data Protection Officer Role

  • Qualifications required to act as an auditor.
  • Employment structure for the auditor.

Status and Independence of the Data Protection Officer

  • Direct reporting lines of the auditor to top management.
  • Ensuring adequate resources and support for the auditor.
  • Auditor participation in all matters related to personal data protection.
  • Prohibition of giving instructions to the auditor regarding how duties are performed.
  • Avoiding conflicts of interest within the organization – auditor tasks.
  • Prohibition of dismissal or punitive measures against the auditor.
  • The auditor's obligation to maintain confidentiality of their tasks.

Information Security Management

  • Discussion of the organizational security management system based on Polish and other relevant standards.
  • Identification of privacy risks and their legal implications.
  • Principles of risk assessment and evaluating the impact of specific solutions on safety management effectiveness.
  • Understanding and applying a risk-based approach – practical completion of the Risk Analysis template.
  • Personal Data Lifecycle Management.

Executing the Tasks of the Data Protection Officer (DPO)

  • Legal basis for the appointment of the DPO.
  • Who must appoint a DPO, when, and the procedure for appointment.
  • DPO status and required qualifications.
  • DPO tasks and rules for planning their execution.
  • Conducting reports on the compliance of data processing with personal data protection provisions in traditional and IT systems.
  • Documenting activities carried out by the DPO.
  • Preparation of inspection reports.
  • Rules for supervising the documentation of personal data processing.
  • Scope of UODO's powers regarding DPOs.

Practical Information on Inspections by the Office for Personal Data Protection

  • Requirements imposed on auditees.
  • Preparation strategies for inspections.
  • Case study analysis.

Hands-on Activities

  • Development of an exemplary Information Security Policy.
  • Drafting management instructions.
  • Development of a Register of Processing Activities.
  • Preparation of comprehensive personal data protection documentation.
  • Case study analysis.
  • Common errors in documentation preparation.

Additional Course Materials:

Useful Forms and Templates:

  • Consent to the use and dissemination of images.
  • Event newsletter subscription consent.
  • Consent to receive a commercial offer.
  • Template for sending offer emails.
  • Template for sending general emails.
  • Example of a personal data protection policy.
  • Template for preparing the information obligation under GDPR, including instructions.
  • Risk analysis template.
  • Register of personal data processing activities – template.
  • Register of categories of processing activities – template.
  • GDPR Breach Register – Template.
  • GDPR Compliance Checklist Template.
  • Instructions for handling personal data protection breaches.
  • Data Protection Breach Report Template.
  • Register of security incidents and corrective/preventive actions.
  • Register of corrections (corrigenda).
  • Register of data restorations.
  • Model corrigendum.
  • Data restoration pattern.
  • Model objection form.
  • Model contract excluding further processing of personal data.
  • Sample consents for competitions, marketing, and publications.
  • Information obligation for ferry crossings.
  • Information obligation for meeting monitoring.
  • Information obligation regarding recruitment.
  • Information obligation for the National Revenue Administration.
  • Information obligation for the LES.
  • Public Procurement Law (UCoC) information obligation.
  • Information obligation: Labour Code.
  • Tax information obligation.
  • Authorization to process personal data for employees: template with example.
  • Notification of a breach to data subjects – template.
  • Personal Data Processing Agreement for the Controller – template.
  • Personal Data Processing Agreement for the Processor.
  • And many more resources.

Requirements

Target Audience

  • Individuals commencing their role as a Data Protection Officer.
  • Individuals who are slated for appointment to this position in the near future.
 21 Hours

Custom Corporate Training

Training solutions designed exclusively for businesses.

  • Customized Content: We adapt the syllabus and practical exercises to the real goals and needs of your project.
  • Flexible Schedule: Dates and times adapted to your team's agenda.
  • Format: Online (live), In-company (at your offices), or Hybrid.
Investment

Price per private group, online live training, starting from 4800 € + VAT*

Contact us for an exact quote and to hear our latest promotions

Testimonials (1)

Provisional Upcoming Courses (Contact Us For More Information)

Related Categories