GDPR: Manager and Owner of the processing of personal data

OBJECTIVES:

The EU Regulation 2016/679, approved by the EU Parliament on April 14, 2016, entered into force on May 25, 2016 and will be applicable starting May 25, 2018. The legislation guarantees a uniform level of protection of people in the European Union with regard to to the processing of personal data and to prevent disparities that may hinder their free movement in the internal market. In order to guarantee what is defined in the current legislation, it is necessary that the professional figures, who play an active role in data processing, are trained.
The course analyzes the GDPR, General Data Protection Regulation UE 2016/679, the new European Regulation on the processing of personal data, providing a structured overview of the new legal requirements and implications for organizations. Identifies and investigates the role of the Manager and Data Controller.

 

RECIPIENTS

The course is aimed at all staff from public and private companies involved in data processing.
In particular, it is recommended for:

• Data Protection Officers
• IT or Information Management System Managers
• Internal auditors, risk managers and consultants
• Human Resources Directors and Personnel Managers
• Personnel Administration Managers and Officers
• Compliance Managers - Legal Department Managers

Addressed to:

• Data Controllers / Data Processors

 

CONTENTS

Privacy principles, rights and actors

• Introduction to privacy - The rights of the interested party
• The owner and manager of the treatment
• Data protection officer and codes of conduct

Security measures and penalties

• Personal data security and impact assessment
• Transfers of personal data
• The supervisory authorities
• The European Data Protection Board
• Remedies, liability and penalties

The stages of a hacker attack

• Define the scope of cyber security
• Describe the most common ways of a hacker attack
• Describe the footprint
• Describe the scan

The main vulnerabilities on the web

• Describe pw and software vulnerabilities
• Describe the vulnerability of public wi-fi
• Describe the information leak vulnerability
• Describe the hosting services vulnerability
• Describe the risks associated with configuring the devices
• Describe the risks associated with inadequate controls
• Describe the risks due to the lack of safety standards

GDPR: actors and rights

• The roles in the GDPR
• The rights of the interested party, the information and the consent and the penalties

Hints of Computer Science

• Computer hardware, software and architecture
• Binary notation and memory usage
• Devices and information coding
• Networks and the Internet
• Services and applications
• Communication channels and network topology
• Network protocols
• Network architecture and IP addresses
• Main applications and types of telecommunication network

EXERCISE

 

Produced by: Piazza Copernico
Content edited by: Tecnologia e Sicurezza