Data Privacy and Protection

Objectives

This course not only covers the founding principles behind the GDPR but also introduces
new thinking and tools on how best to meet the challenge of adhering to the
requirements of the EU GDPR, especially if tasked with the role of a DPO.
The programme will equip participants with the knowledge and practical skills
required for developing, implementing and proactively managing a successful GDPR
strategy for their own organisation.
At the end of the course, the learner will have acquired the following competencies
allowing him/her the responsibility and autonomy to:
- Present a GDPR privacy program approach/framework to the board.
- Articulate privacy risks in relation to other organisational risks, e.g. corporate,
  IT, security, etc., to the board.
- Communicate with legal on GDPR compliance.

General characterization

Code

200182

Credits

7.5

Responsible teacher

Karen Öqvist

Hours

Weekly - To be made available soon

Total - To be made available soon

Teaching language

Portuguese. If there are Erasmus students, classes will be taught in English.

Prerequisites

None.

Bibliography

A HANDS-ON GUIDE TO GDPR COMPLIANCE: Putting the Theory into Practice.
Authors: Karen Lawrence Öqvist MBA MSc FIP CIPP/E CIPM CIPT and Filip Johnssén
LL.M FIP CIPP/E CIPM CIPT (publisher IAPP, in print)

Teaching method

The five main teaching and learning methods used in the class will be:
1. lectures and related support material available online;
2. open discussion and debate in class;
3. group work in developing solutions to case problems (and presentations);
4. computer workshops with hands-on access to best-in-class digital tools;
Guest speakers from industry will also be invited to speak to the participants in class.
At the end of the course the participants will sit for a 2.5-hour online exam with
instant results. A pass is awarded if the participant obtains 70% correct answers,
overall in the three sections (covering the 3 modules) of the exam.
Participants who fail to pass the exam will have the possibility of a resit.

Evaluation method

At the end of the course the participants will sit for a 2.5-hour online exam with
instant results. A pass is awarded if the participant obtains 70% correct answers,
overall in the three sections (covering the 3 modules) of the exam.
Participants who fail to pass the exam will have the possibility of a resit.

Content

1. Module 1: Privacy & GDPR Foundations
1.1 Privacy is individual-centric!
1.2 Getting the basics of GDPR
2. Module 2: Accountability and Privacy Risk
2.1 A Risk-based approach to privacy
2.2 Are you a Controller?
2.3 Are you a Processor?
2.4 There's been a breach!
2.5 Accountability
2.6 The role of the DPO
3. Module 3: Getting the Privacy Program Right!
3.1 Data Protection by Design (DPbD) as a default
3.2 Get it right with the privacy program
3.3 GDPR as a change management vehicle
3.4 Achieving operational efficiencies through GDPR