Cursos disponibles

Nombre del curso: Data Protection training for controllers

Número de horas: 25 Horas || Código del curso: 3016

Objetivo del curso:

In companies and entities in which personal data are processed, it is advisable and sometimes necessary to have a person in charge of coordinating the actions aimed at complying with the regulations on personal data protection. These are usually the contact persons in the relationship with the data protection consultants or with the data protection officer. In this sense, the purpose of this training is to provide the basic knowledge that this type of professional profile must have, regardless of the job position he/she normally performs. Usually, it is the person responsible for HR, legal or quality department, also sometimes the IT staff or the administration department. The knowledge acquired in this course offers those responsible for data protection in organizations the tools to achieve an optimum level of regulatory compliance.

Índice:

INTRODUCTION CHAPTER 1. CONCEPTS CHAPTER 2. THE SUPERVISORY AUTHORITY IN SPAIN CHAPTER 3. SCOPE OF APPLICATION 3.1 GDPR 3.1.1 Material scope of application 3.1.2 Territorial scope of application 3.2 L.O.P.D.G.D.D CHAPTER 4. DATA PROCESSING 4.1 Lawfulness of processing. 4.2 Data Categories. 4.3 Special categories of data in the LOPDGDD 4.4 Consent of minors. CHAPTER 5. PRINCIPLES RELATING TO PROCESSING CHAPTER 6. DATA SUBJECT CONSENT CHAPTER 7. LAWFUL BASIS 7.1 Lawful Basis for Processing Data 7.2 Lawful Basis for Processing Special Categories Of Data CHAPTER 8. RIGHT TO BE INFORMED CHAPTER 9. PROCESSORS 9.1 Parties involved in the protection of personal data. 9.2 Processor. 9.3 Sub-processors. CHAPTER 10. ADVERTISING EXCLUSION SYSTEMS CHAPTER 11. RECORDING OF PROCESSING ACTIVITIES CHAPTER 12. THE DATA PROTECTION OFFICER (DPO) 12.1 What is a data protection officer? 12.2 When should a Data Protection Officer be appointed? 12.3 Tasks of the DPO. 12.4 Communication of the appointment of the DPO. 12.5 Intervention of the DPO concerning complaints CHAPTER 13. RISK ANALYSIS 13.1 What is a risk analysis? 13.2 Applicable regulations to the risk analysis GDPR. 13.3 Content of the Risk Analysis. CHAPTER 14. DATA PROTECTION IMPACT ASSESSMENT (DPIA) 14.1 Definition. 14.2 Mandatory nature. 14.3 Content. CHAPTER 15. SECURITY OF PROCESSING 15.1 Risk management 15.2 Technical GDPR security measures. 15.3 Organizational security measures according to the GDPR 15.4 Training and Awareness 15.5 Recommendations on security measures CHAPTER 16. SECURITY BREACHES/VIOLATIONS 16.1 Definition. 16.2 Duty of notification and communication. 16.3 Content of notifications and communications. CHAPTER 17. DATA SUBJECTS’ RIGHTS 17.1 Right of access. 17.1 Right to rectification. 17.3 Right to erasure (right to be forgotten). 17.4 Right to limit the use of the information. 17.4 Right to restriction of processing. 17.5 Right to data portability. 17.6 Right to object. 17.7 Right not to be subject to a decision based solely on automated processing. CHAPTER 18. ROUTINE PROCESSING. 18.1 Clients 18.2 Labor relations and personnel selection. 18.3 Video surveillance. 18.4 Web CHAPTER 19. DIGITAL RIGHTS 19.1 Right to Internet neutrality. 19.2 Right to universal access to the Internet. 19.3 Right to digital security. 19.4 Right to digital education. 19.5 Protection of minors on the Internet. 19.6 Right of rectification on the Internet. 19.7 Right to update information in digital media. 19.8 Right to privacy and the use of digital devices in the workplace. 19.9 Right to Disconnect. 19.10 Right to privacy with respect to the use of video surveillance and sound recording devices in the workplace. 19.11 Right to privacy in the use of geolocation systems in the workplace. 19.12 Digital rights in collective bargaining. 19.13 Data protection of minors on the Internet. 19.14 Right to be Forgotten 19.14.1 In Internet searches. 19.14.2 In social networking services and equivalent services. 19.14.2.1 Data provided by the data subject himself/herself. 19.14.2.2 Data provided by a third party. 19.14.2.3 Data provided by minors. 19.15 Right to portability in social networking services and equivalent services. 19.17 Right to a digital will. 19.17.1 Access to content 19.17.2 Decisions on contents. CHAPTER 20. INTERNATIONAL TRANSFERS 20.1 Transfers based on an adequacy decision. 20.2 Through the provision of appropriate guarantees. 20.3 Adoption of binding corporate rules or BCRs. 20.4 Authorization by the data protection authority. 20.5 Exceptions for specific situations. CHAPTER 21. SANCTIONING REGIME 21.1 Most common types of infringement under the GDPR. 21.2 Types of penalties under the GDPR and the LOPDGDD according to the infringement. 21.3 Most common causes of non-compliance with the LOPDGDD/RGPD.