Course Outline
Fundamental Principles of Personal Data Processing
- National and international legal sources.
- Scope of application for personal data protection laws.
- Powers of the data protection authority.
- Judicial protection of the right to personal data protection.
- GDPR essentials: key definitions and selected topics.
- Sector-specific GDPR provisions.
- Definition of personal data.
- Processing of personal data.
- Legal bases for processing personal data.
- Responsibilities of the Data Controller.
- Rights of data subjects.
- Administrative fines.
- Personal Data Protection Act of 10 May 2018 – regulatory scope.
- Appointing a Data Protection Officer.
- Procedures for violations of personal data protection laws.
- Monitoring compliance with personal data protection regulations.
- Civil, criminal, and administrative liability.
- Conditions for the lawful processing of personal data (standard and sensitive data).
- Legal requirements for outsourcing personal data processing to third parties.
- Data Protection Impact Assessment (DPIA).
- Data protection by design and by default.
- Legal bases for transferring personal data to third countries.
- Protecting personal data within employment relationships.
Appointment of a Data Protection Officer
- Mandatory appointment requirements.
- Optional appointment scenarios.
Eligibility for Data Protection Officer Role
- Qualifications required to serve as the officer.
- Employment arrangements for the officer.
Status of the Data Protection Officer
- Direct reporting lines to senior management.
- Ensuring adequate support for the officer.
- The officer's involvement in all matters related to personal data protection.
- Prohibition on issuing instructions regarding how duties should be performed.
- Preventing conflicts of interest within the organization.
- Prohibition on dismissal or penalizing the officer.
- The obligation to maintain confidentiality of tasks performed.
Information Security Management
- Reviewing the organization's security management system based on Polish standards.
- Identifying privacy risks and their legal consequences.
- Principles of risk assessment and evaluating the effectiveness of safety solutions.
- Applying a risk-based approach – practical completion of Risk Analysis templates.
- Managing the personal data lifecycle.
Executing Data Protection Officer (DPO) Duties
- Legal basis for DPO appointment.
- Who must appoint a DPO, when, and the method of appointment.
- DPO status and necessary qualifications.
- DPO responsibilities and planning protocols.
- Reporting on compliance with personal data protection provisions in traditional and IT systems.
- Documenting DPO activities.
- Preparing audit reports.
- Supervising the documentation of personal data processing.
- Powers of the Office for Personal Data Protection (UODO) regarding DPOs.
Practical Guidance on Inspections by the Office for Personal Data Protection
- Requirements for auditees.
- Preparation for inspections.
- Case study analysis.
Practical Exercises
- Developing an exemplary Information Security Policy.
- Drafting management instructions.
- Creating a Register of Processing Activities.
- Preparing essential personal data protection documentation.
- Case study exercises.
- Identifying common documentation errors.
Additional Materials for Participants:
Useful Forms and Templates:
- Consent for image use and dissemination.
- Event newsletter subscription form.
- Consent to receive offers.
- Offer email templates.
- General email templates.
- Example personal data protection policy.
- Template for information obligations under GDPR, including instructions.
- Risk analysis template.
- Register of personal data processing activities – template.
- Register of processing activity categories – template.
- GDPR Breach Register – Template.
- GDPR Compliance Checklist Template.
- Procedure for handling personal data protection breaches.
- Data Protection Breach Report Template.
- Register of security incidents and corrective/preventive actions.
- Register of corrigenda.
- Register of restorations.
- Model corrigendum.
- Restoration pattern template.
- Model objection form.
- Model contract for excluding further personal data processing.
- Sample consents for competitions, marketing, and publications.
- Information obligation for ferry crossings.
- Information obligation for meeting monitoring.
- Information obligation for recruitment.
- Information obligation for the National Revenue Administration.
- Information obligation for LES.
- Public Procurement Law (UCoC) information obligation.
- Information obligation under the Labour Code.
- Tax information obligation.
- Authorization template for employee personal data processing (with example).
- Notification of breach to data subjects – template.
- Personal Data Processing Agreement for the Controller – template.
- Personal Data Processing Agreement for the Processor.
- And many more.
Requirements
Target Audience
- Individuals who have recently begun serving as a Data Protection Officer.
- Professionals who are anticipated to be appointed to this position in the future.
21 Hours
Testimonials (1)
The variety of the information shared and the clarity to explain terms in plain English.