Create and manage training courses using our comprehensive and flexible Learning Management System (LMS).
Get complete visibility of your colleagues’ data protection awareness. Create and manage training courses using our comprehensive and flexible Learning Management System (LMS). Select from a library of online training material and assign training to employees to ensure they are fully trained up.
Certain modules are localised in English, German, Polish, Swedish, Spanish, Russian and Dutch, as well as having Internationalised and US localised versions.
This on-demand training course with our Chief Privacy Officer, Hugh Jones will provide registrants with the basic overview of General Data Protection Regulation (GDPR) and outline pragmatic suggestions on organisational, technological and procedural solutions to achieve compliance with this Regulation. You can Access the primer by clicking here.
Module 1 - Overview: We will give you an overview of why data protection laws are needed in today’s world. We’ll then outline the purpose of the General Data Protection Regulation, and cover a timeline for its introduction throughout the European Union. The General Data Protection Regulation, or GDPR, makes law the fundamental right of every living person to control their personal information, and have it adequately protected by any group processing and holding it.
Module 2 - GDPR Principles: We’ll take a closer look at the regulation's underlining principles of lawfulness and accountability.
Module 3 - Data Subject Rights: In this module, we’ll take a closer look at your guaranteed rights as a staff member and private citizen under the GDPR. These include, the right to be informed, the right of access, right to rectification, right to erasure, right to restrict processing, right to data portability and the right to object.
Module 4 - Responsibilities: The final module we will be going through some precautions you can take to help keep your personal data safe while at work. We’ll then finish with a brief overview on how to report a data breach. You can also check out a webinar we did on "Management Of A Data Breach Under The GDPR" by clicking here.
The CCPA was passed in June 2018 by California legislators and has gone into effect since January 1, 2020. However, an amendment has been passed, introducing a 6-month enforcement grace period to July 1, 2020. This means that the Attorney General of California can't start enforcement actions until July of 2020.
CCPA is often called "California's Mini-GDPR". However, there are distinct differences between the two legislations.
CCPA is considered to be the most exhaustive privacy law in the USA. It provides California residents specific enumerated rights and it has far-reaching national and global implications for businesses.
This course will explain CCPA in layman's terms, helping you prepare your business to comply with the law. This course can be taken by anyone with any level of privacy knowledge or experience.
Module 1 - Introduction to Cyber Security: In this module we will learn why cyber security is such an important topic in today’s workplace, and how you could be a target for hackers. Cyber security can seem overwhelming to many. When you hear statistics that thousands of new types of malicious software are reported each year, it is not hard to imagine the impact a virus or computer compromise can have on our networks and the information contained within those systems.
Module 2 - Introduction to Malware: In this module, we’ll cover the different types of malware, and how they can affect your computer, devices and workplace. Malicious software, or Malware for short, is any software used to disrupt computer or mobile operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising.
Module 3 - Internet Acceptable Use: In this module we’ll cover examples of policies your employer is likely to have on using the internet at work, performing tasks online, and sending and receiving emails. We’ll then look at some precautions you can take to the avoid becoming the target for a breach via email. An Internet Acceptable Use policy tells you how you may use the company’s Internet facilities, it outlines your personal responsibilities and informs what you must and must not do.
Module 4 - Information Security: In this module, we will examine the rules for storing and classifying data. As with email and internet usage, maintaining an awareness of these procedures will be critical to you helping your organisation to protect itself against leaks. Information can take many forms, including: Hard copy data held on paper, Data stored electronically in computer systems, also known as Data at Rest and Data stored using electronic media such as USB drives, disks and tapes, otherwise known as Data in Use.
Module 5 - Device Security: In this module we will now cover guidelines for keeping your mobiles, tablets, laptops and home networks safe from malware and breaches. We’ll then briefly take a look at social engineering, and learn what tell tale signs to watch out for at work and on social media.
Module 6 - Legislation and Regulation: In this module we’ll take an overview of the UK’s Data Protection Act, and the EU’S General Data Protection Regulation. Both sets of legal requirements are the guiding lights on what information should be protected at all times from insider leaks and cyber attacks.
Module 1 - Awareness: In this module we’ll learn how to ensure that key decision makers in your organisation are aware of what GDPR entails, and can appreciate its impact on the business.
Module 2 - Information you Hold: In this module we’ll learn how to assess what information you hold and what your record keeping requirements are.
Module 3 - Communicating Privacy Information: In this module, we’ll learn how to communicate privacy information to data subjects. In order to do this effectively, you’ll need to first assess the type of data you collect, identify when you’ll need to communicate privacy matters, and identify what kind of information needs to be provided.
Module 4 - Individual Rights: In this module, we’ll learn more about: The key rights individuals have in relation to their data and what your organisation needs to do to guarantee these rights.
Module 5 - Subject Access Requests: In this module, we’re now going to learn about how to deal with subject access requests. From explaining the requirements for a valid SAR, through to handling third party personal data, we’ll be looking at some practical ideas your organisation can put in place to deal with these requests quickly and efficiently. You can also check out a webinar we did on "Automate DSARs Through Intuitive Technology" by clicking here.
Module 6 - Lawfulness: In this module, we’ll learn how to apply the principle of lawfulness to processing personal data. This module is most applicable to data controllers rather than processors. However, bear in mind that most if not all processors will also be controllers in some circumstances, such as over their own employees' data and business contacts.
Module 7 - Consent: In this module, we’ll learn how to obtain consent from individuals for processing standard, high risk and sensitive personal data. After covering the key elements that must be in place, we’ll move on to discussing consent in more specific contexts.
Module 8 - GDPR & Children: In this module, we’ll cover GDPR’s special considerations for children and discuss some practical compliance issues.
Module 9 - What is a Data Breach? In this module, we’ll begin by explaining what a data breach is. We’ll then cover GDPR’s obligations and duties on data breaches. This will be followed by learning how to assess the risks involved in data breaches and develop policies and procedures for managing them. You can also check out a webinar we did on "Management Of A Data Breach Under The GDPR" by clicking here.
Module 10 - Data Protection by Design and Default: In this module, we’ll first cover the key principles that underpin 'data protection by design and by default'. We’ll then describe the circumstances in which a Data Protection Impact Assessment, or DPIA might be needed. To finish, we’ll learn how to carry out and submit a DPIA. You can also check out a webinar we did on "Completing A Data Protection Impact Assessment (DPIA)" by clicking here.
Module 11 - The Data Protection Officer: In this module, we’ll learn all about the Data Protection Officer, or DPO. After covering their role in detail, we’ll cover the factors that will help you decide whether your organisation needs to appoint one. You can also check out a webinar we did on "Why A DPO-As-A-Service Can Be The Best Option For Many Companies" by clicking here.
Module 12 - Cross Border Processing: In the final module, we’ll learn how to navigate situations where you process data in more than one EEA Member State. We’ll also explain the rules on transfers of personal data outside of the EEA, which are broadly the same as under the current regime.
PrivacyEngine™ Learning Management System (LMS) can help you ensure your employees are fully trained up.