GDPR for non-EU based companies: The new privacy and security requirements

 990.00 excl. VAT

This course helps attendees understand the new regulatory obligations of the GDPR to effectively perform their GAP Analysis in order to meet those obligations.


About the Course

The GDPR (General Data Protection Regulation) applies to non-EU companies that offer goods or services to identified or identifiable EU natural persons (“data subjects”), to organizations that process personal data of EU data subjects, and to organizations that monitor the online behaviour of EU data subjects.
Non-EU companies that have no local presence in the EU are also in the scope of the GDPR legislation. This program helps attendees understand the new regulatory obligations of the GDPR to effectively perform their GAP Analysis in order to meet those obligations.

Target Audience

  • Managers and employees working at the strategic, tactical, and operational levels of risk management, compliance, information security and IT management.
  • Data protection and privacy managers, employees, auditors, and consultants.
  • Marketing managers and persons involved in profiling.
  • Controllers and processors.

Duration & Delivery

1 day (09:00-17:00)

Language:

English

Course Synopsis

Understanding the General Data Protection Regulation (GDPR)

1. An overview of the GDPR.
2. What is different now.

Understanding the new regulatory obligations

1. Important Articles of the GDPR
2. The increased importance of information security, international standards, and best practices
(Art 2, 4, 5, 9, 10, 25, 30, 32, 35, 40, 45, 47)
3. “Privacy by design” and “privacy by default” (Art. 25 GDPR)
4. “Due regard to the state of the art” ((78), (83), Art. 25, Art. 32 GDPR)

GAP Analysis

1. Performing a data privacy assessment for each department – understanding current business processes that create or use customer data.
2. Establishing what must be changed: Enterprise-wide privacy governance structure with clearly defined roles and responsibilities, privacy risks and controls, customer profiling, enterprise-wide personal data retention and destruction, handling customers’ personal data requests, privacy data breaches, data breach response, third parties and outsourcing, data across the borders, privacy training tailored to the employee’s roles and responsibilities.
3. Policies, Procedures, Communication, Enforcement. Everybody must understand the new obligations: the Board, the CEO, senior management, and all departments.

Case Studies

1. Non-EU organizations that offer goods or services to EU data subjects via their website or an online shop
2. Non-EU organizations that process data in EU countries
3. Non-EU firms that collect data on EU data subjects’ behaviour for marketing purposes

Closing

The revised DPA: rules and provisions largely analogous to those of the GDPR

Additional information

Region

Germany

Location

Munich

Date

21 May 2019

Vendor Information

  • Store Name: Cyber Risk GmbH
  • Vendor: Christina Lekati
  • Address: Rebackerstrasse 7
    8810 Horgen
    Switzerland
