Course Title: Data Protection & Privacy Training  

Course Overview.

Data privacy has a significant overlap with information security. Importantly, information security is a prerequisite for privacy. Furthermore, many organizational techniques from information security are applicable to maintaining data privacy. However, data privacy also differs from information security in significant ways. This hands-on course will endeavor to critically look at data protection, privacy regulations and data processing  

Learning Contents

Introduction to data protection and privacy regulations ü Data protection.

• Privacy regulations.
• Common data protection regulations and acts. ü Key data-processing concepts.
• How Microsoft helps support data protection and privacy.

Importance of Data Protection ü Trust ü Reputation ü Legal compliance ü Contractual compliance

Collecting personal data ü Lawful basis ü Consent

Processing personal Data ü Data quality ü Limited access ü Purpose specification ü Data retention Individual Rights ü Notice & Transparency ü Access and correction ü Rights to Erasure

The Role of a Data Protection Officer ü Working with Personal Data ü Processing Personal Data ü The Rights of the Subject ü Encountering Challenges

Data protection vs. data privacy ü Who can collect data. ü Who can access data. ü What an organization can do with the data they have collected. ü How long data may be retained by an organization.

• The level of control an individual has on their data.

Technical Aspects ü Technical aspects of data protection ü Cloud computing ü Profiling technologies ü Privacy by design ü Security protocols ü Data protection impact assessment

The Legal Requirements ü The legal basis of data protection ü The role of Data Processors and Controllers ü Personal data and data subjects ü Special categories of personal data ü Exceptions and derogations ü Data security

• Data protection by design and default ü Accountability and governance Behavioral Factors ü Potential data security risks for an organization related to employee behavior ü Organizational culture and security ü Improving organizational behavior ü Authentication of system users ü Social media security risks ü Human error ü Compliance, obedience and human motivation

Way forward After the Training

Participants will develop a work plan through the help of facilitators that stipulates application of skills acquired in improving their organizations. ASPM will monitor implementation progress after the training.

Training Evaluation:

Participants will undertake a simple assessment before the training to gauge knowledge and skills and another assessment will be done after the training in-order to demonstrate knowledge gained through the training.