GDPR: Data Protection Officer

OBJECTIVES:

The EU Regulation 2016/679, approved by the EU Parliament on April 14, 2016, entered into force on May 25, 2016 and will be applicable starting May 25, 2018. The legislation guarantees a uniform level of protection of people in the European Union with regard to to the processing of personal data and to prevent disparities that may hinder their free movement in the internal market. In order to guarantee what is defined in the current legislation, it is necessary that the professional figures, who play an active role in data processing, are trained. The course analyzes the GDPR, General Data Protection Regulation UE 2016/679, the new European Regulation on the processing of personal data, the management of Video surveillance and Geolocation, providing a structured overview of the new legal requirements and implications for organizations. Identifies and investigates the role of the Manager and Data Controller.

RECIPIENTS

The course is intended exclusively for internal data protection officers (employees).

CONTENTS

1. Principles, rights and actors of privacy

• Introduction to privacy - The rights of the interested party
• The owner and manager of the treatment
• Data protection officer and codes of conduct

2. Security measures and penalties

• Personal data security and impact assessment
• Transfers of personal data
• The supervisory authorities
• The European Data Protection Board
• Remedies, liability and penalties

3. GDPR: actors and rights

• The roles in the GDPR
• The rights of the interested party, the information and the consent and the penalties

4. Hints of IT

• Computer hardware, software and architecture
• Binary notation and memory usage
• Devices and information coding
• Networks and the Internet
• Services and applications
• Communication channels and network topology
• Network protocols
• Network architecture and IP addresses
• Main applications and types of telecommunication network

5. Security and IT piracy

• The stages of a hacker attack
• The main vulnerabilities on the web

6. Analysis of the data processed and risk assessment

• The quality of the data
• Risk assessment
• Attribution of responsibility for data processing
• Data breach

7. Management of Video Surveillance and Geolocation

• Video surveillance
• Video surveillance: obligations for employees and constraints for the company
• Information and documentation to the Territorial Labor Directorate

8. Management of personal data in the health sector

• Introduction
• GDPR and health data: how to treat them?
• The treatment of clinical data and new patient rights
• Health dossier and Electronic Health Record
• Telemedicine
• Impacts of the GDPR

EXERCISE

 

Produced by: Piazza Copernico – Conformity