Join us for a free webinar on how technology is transforming logistics in the brewing industry.

Please note: This course will be delivered online.

Be confident that your organisation’s policies and procedures are legally compliant with data protection legislation by completing Ireland’s first certified data protection practitioner programme.

Individuals have been conferred with specific rights under GDPR. Known as rights of the data subject, these rights include an individual’s ability to establish the existence of all personal information held about him or her by an organisation as well as the right to make a copy of such information available on request. This is known as a Subject Access Request (SAR) procedure. GDPR introduces new SAR requirements which can prove costly for organizations if ignored.

GDPR comes with a requirement for organizations to take a risk based approach when processing personal data. This is particularly relevant where data processing can pose a high risk to the fundamental rights and freedoms of individuals. 

A risk based approach is defined as a process that facilitates the identification of privacy related risks and subsequently allows for development of strategies to mitigate the impact of such risks.

Data Breaches are an increasingly common occurrence in today’s technologically driven world. News of enterprise level data breaches continues to grace news headlines daily. 

GDPR imposes notification obligation on organizations, failure of which can incur sanctions as well as effective, proportionate and dissuasive fines. An organization may get over and eventually forget a data breach occurrence, those who have been affected by the breach do not.

Audits are used to identify any issues of concern about the way the organisation deals with personal data and to recommend solutions. 

Under GDPR, organisations now have an obligation to audit their data processing activities. A data controller or processor’s ability to conduct its own data protection audit is an invaluable skill to have when ensuring compliance obligation under GDPR.

GDPR comes packaged with requirements that encourage accountability and governance for the protection of personal data for organizations involved in the processing of such. 

Accountability is now an important and explicit requirement under GDPR. Simply put, accountability requires that organisations process personal data lawfully and accurately in a transparent manner. There must be one or more legitimate reasons why personal data is effectively processed and where appropriate, minimally retained. 

Please note: This course will commence online.

Data Protection by Design is an approach to system design which takes privacy into account throughout the whole service, product or systems design process. 

Protection of personal data should not be retrofitted or seen as an afterthought but instead be seen as integral to systems development. Before the first line of code is written, as a data controller you should ask the following question should be asked;

1. What does the use of personal data mean for the customer?

2. What risks will the use of personal data pose to the fundamental rights of individuals?

3. Are the necessary technological measures in place to safeguard processing of personal data?

With the rapid growth in data storage solutions, many organisations no longer see data retention as a high-cost item. 

The temptation to retain all things data is so strong and with greater access to technology due to reduced costs, perpetual retention of both manual and electronic data may be perceived as convenient and not necessarily expedient as it involves “a lot work”. 

But with this comes increased exposure to the risk of data loss, unauthorised access, and ultimately, reputational damage. Retaining data indefinitely without a legal basis or justification can constitute an infringement under GDPR can attract fines.