Data Protection & Privacy Training
Data privacy has a significant overlap with information security. Importantly, information security is a
prerequisite for privacy. Furthermore, many organizational techniques from information security are applicable to maintaining data privacy. However, data privacy also differs from information security in significant ways.
This hands-on course will endeavor to critically look at data protection, privacy regulations and data processing Learning Contents
Introduction to data protection and privacy regulations
ü Data protection.
ü Privacy regulations.
ü Common data protection regulations and acts.
ü Key data-processing concepts.
ü How Microsoft helps support data protection and privacy.
Importance of Data Protection
ü Trust
ü Reputation
ü Legal compliance
ü Contractual compliance
Collecting personal data
ü Lawful basis
ü Consent
Processing personal Data
ü Data quality
ü Limited access
ü Purpose specification
ü Data retention
Individual Rights
ü Notice & Transparency
ü Access and correction
ü Rights to Erasure
The Role of a Data Protection Officer
ü Working with Personal Data
ü Processing Personal Data
ü The Rights of the Subject
ü Encountering Challenges
Data protection vs. data privacy
ü Who can collect data.
ü Who can access data.
ü What an organization can do with the data they have collected.
ü How long data may be retained by an organization.
ü The level of control an individual has on their data.
Technical Aspects
ü Technical aspects of data protection
ü Cloud computing
ü Profiling technologies
ü Privacy by design
ü Security protocols
ü Data protection impact assessment
The Legal Requirements
ü The legal basis of data protection
ü The role of Data Processors and Controllers
ü Personal data and data subjects
ü Special categories of personal data
ü Exceptions and derogations
ü Data security
ü Data protection by design and default
ü Accountability and governance
Behavioral Factors
ü Potential data security risks for an organization related to employee behavior
ü Organizational culture and security
ü Improving organizational behavior
ü Authentication of system users
ü Social media security risks
ü Human error
ü Compliance, obedience and human motivation
Way forward After the Training
Participants will develop a work plan through the help of facilitators that stipulates application of skills
acquired in improving their organizations. ASPM will monitor implementation progress after the training.
Training Evaluation:
Participants will undertake a simple assessment before the training to gauge knowledge and skills and another
assessment will be done after the training in-order to demonstrate knowledge gained through the training.