GDPR Data Privacy Manager

Intensive data protection course

Intensive course GDPR DPM (Data Privacy Manager). How to implement GDPR in practice and organize the work of the project team.

Do you know these problems?

You took the DPP course, but you are afraid to act, because you think that you still don't know something or don't know how.

Some steps have already been taken to implement the GDPR, but the work hasn't been completed and the enthusiasm has disappeared.

You are aware that you are violating the rules for personal data protection, but you don't have enough time and human resources, power and support of management.

You are concerned about the release of ISO 27701 and realize that soon your competitors may have a certification that you don't have.

BENEFITS OF GDPR DPM

After training:

You will learn to apply the knowledge gained in the GDPR DPP course with confidence.

The DPM course will help you master practical tools or remember the tools you already have. You will start using the same frameworks and tools (Nymity accountability framework) that we use in working with our corporate clients to bring their organizations into compliance.

You will be one of the first to understand ISO27701 and be able to meet the requirements of this standard.

We took the content from ISO27701 and moved it to the effective working tools that are available in Nymity. This is why you will get our unique two-in-one model for the first time in the DPM course: learn the standard and get working tools to implement it.

You will feel more confident and inspired to complete the process.

You will learn how to create a plan and matrix of responsibilities, and evaluate resources for their implementation. Management will take you more seriously if you come with more than just an idea, but have a well-developed plan and are ready to take leadership and responsibility for its implementation.

For whom?

For employees of the company who are responsible for organizing the protection of personal data, in particular, for:

DPOs (Data Protection Officers).
Head of information security, legal or compliance departments.
Line and project managers.

GET STARTED NOW

Our advantage

We provide a complete Roadmap

Our company doesn't just offer separate GDPR services, but provides a complete Roadmap (implementation roadmap) and guides companies through all steps of implementing GDPR requirements.

Theory + practise

During the course, we provide not just theory, but also real-world cases, practical examples, and best practices from our GDPR Roadmap+ experience in companies of various sizes (from startups to international corporations), industries (from IT and FinTech to manufacturing), and maturity levels.

After the course you will:

At the end of the course, you will be able to organize the work of the project team to implement GDPR, create and maintain a full-fledged personal data protection system, and bring your company to compliance with the regulations.

You can organize processes within the company according to ISO27701.

This will give you unique competencies and give your company a marketing advantage. This means that you will stand out from the competition and will be able to get more orders and loyal customers.

You will be able to achieve concrete results.

Previous investments (including training and practical steps) will not be in vain, and the initiatives started in the company will lead to results and multiply.

You will get a ready-made algorithm of actions in 4 days.

Instead of independently searching for methods, trial and error, you will get a ready-made algorithm of actions in 4 days. This is not the only way to reach the goal, but you will know it well. After all, as they say, the fastest road is the road that you know well.

We will learn how to apply them in practice.

All this system will be reflected in the clear schemes that our coach Siarhei Varankevich is famous for. And in the future, looking at them, it will be easy for you to navigate what to do and how.

You will be able to organize the work on personal data protection.

It does not be only on paper, but also implemented at the level of specific actions and processes.

You сan stop worrying about GDPR-compliance.

Stop worrying that someone will find a discrepancy between what you have written on paper and what is happening in reality.

You will feel the significance of your contribution and satisfaction with the results.

You will stop feeling that you are not being heard or taken seriously by your recommendations.

You will be able to put your work with personal data in order.

Thus, you not only comply with the Regulations, but also speed up business processes, increase efficiency, and protect the company and customers from risks.

You will get more inspiration and motivation.

When you have a clear understanding of what to do and have all the tools you need, it will give you more inspiration and motivation. This will make it easier to engage other employees and get support from management.

The DPM certificate is a recognition of your higher level of competence in the field of personal data protection.

When you can launch a working system in your company and really come to compliance, it will really set you apart from your competitors, who still remain only at the level of documents and instructions that no one follows.

After the course you can answer the following questions

What step should you take in the first place?

How to find the necessary resources?

How to put a project team together?

What systems and processes are necessary to implement in order to comply with the GDPR?

How to assess the effectiveness of the project team and the process of implementing the GDPR?

Trainer

Siarhei Varankevich
CIPP/E, CIPM, CIPT, MBA, FIP
Founder of DPO Europe GmbH. Data Protection Trainer and Principal Consultant MBA, Certified Information Privacy Professional (CIPP/E), Certified Information Privacy Manager (CIPM), Certified Information Privacy Technologist (CIPT). Full Bio

Program

STANDARDS AND FRAMEWORKS

Implementation of the accountability principle of the GDPR
Overview of the ISO27K Standards
ISO 27001 and ISO 27701
Nymity Privacy Management Accountability Framework
NIST Privacy Framework
AICPA/CICA Privacy Maturity Model

MANAGEMENT SYSTEM AND ITS CONTEXT

Analysis of information assets, business needs, and regulatory and contractual requirements
Organizational entity dealing with data protection
Needs and expectations of stakeholders
Scope of privacy programme
Governance models of privacy programme

PLANNING AND MANAGEMENT

Nymity Accountability Status Workbook
Nymity Data Privacy Accountability Scorecard
Assessment and treatment of the data privacy risks
Selection and implementation of controls

POLICIES

Internal policies
Policy types

ORGANIZATIONAL ROLES, RESPONSIBILITIES AND AUTHORITIES

Support of management and other stakeholders
Role and Responsibility Matrix for GDPR implementation
Distribution of responsibilities with RACI Chart
Privacy Team
Data Protection Officer

PROCESSES AND PROCEDURES

Process approach
Maintaining the records of processing activities (Data register) under the GDPR
Conducting Data Protection Impact Assessment (DPIA)
Assessing vendors
Processing requests from personal data subjects (DSARs)
Data breach notification

MEASURES AND CONTROLS OF ISO 27701

Conditions for collection and processing
Obligations to data subjects
Privacy by design and privacy by default
Sharing, transfer and disclosure of personal data

SUPPORT

Determination of the necessary resources and their allocation
Acquisition and maintenance of competencies
Raising Awareness
Internal communication
External communication

PERFORMANCE EVALUATION AND IMPROVEMENT

Monitoring, measurement, analysis and evaluation
Audits, their stages and types
Nonconformity and corrective action

Training format

4 full training days lasting 8 academic hours

Real cases and additional materials

GDPR DPM certificate

Certificate on completion

Attachment to certificate include the course program. Training is an organizational measure, and is a duty reflected in the General Data Protection Regulation, Articles 24, 25, 28, 32, and 39.