GDPR Masterclass

  • Classroom delivery
  • Certificated via examination
  • 4 days (can be accelerated to 3 days with longer hours)
  • Various UK and European locations (can be run on-premise if required)

The GDPR overturns and eclipses virtually all current data protection and privacy legislation in Europe – and by inference worldwide. It further exemplifies the growing requirement for enterprises to self-report breaches to a regulatory authority, and underscores the governmental trend of using regulation as a surrogate for taxation.

The big change is that control over private data is now vested in the individual de facto as well as de jure. Others’ processing, unlawful by default, is feasible only if they can prove in advance that their intended processing is lawful.

This course accepts that neither lawyers nor IT/business are solely capable of delivering compliance, and thus a multidisciplinary approach is required. It teaches the GDPR against its cultural US and European roots, and relates data processing to the enacted laws in Europe and many other jurisdictions down to province/State level. It presents a meta-architecture for both retrospective and prospective discovery of the effects of legislation and tort on current or planned IT systems.

At the core is a methodology to create Enterprise Privacy Architecture, leading to automated Privacy Impact Assessments, financial quantification of multijurisdictional compliance risk, and local compliance implementation. Some aspects of culture and business ethics are also covered, because they are needed to understand the boundaries between legal systems and the implications of overlapping legal jurisdictions and regulatory scope. This is backed up by “war stories” of the emerging international habit of jailing executives for contempt or criminal offences in relation to their IT processes and conflicts.

  • DPOs and their responsible Director(s)
  • Enterprise architects and data architects
  • In-house Counsel
  • Insurance underwriters and buyers
  • Auditors
  • Supervisors (regulators) and policy-makers
  • Governance, risk, and compliance (‘GRC’) practitioners wishing to develop immediately relevant process controls
  • Data Protection Officer as new statutory office: consequences for governance/HR
  • The subtle effects of IoT, Big Data, and Cloud: quantifying risk from the bottom-up
  • Practical software-supported case studies and simple spreadsheets to illustrate the emerging EPAG methodology
  • How to embed general data protection legislation and common law into governance
  • Aggressive exploitation against competitors
  • The GDPR’s interaction with torts worldwide
  • Why Brexit (hard or soft) is wholly irrelevant
  • Why traditional defence costs tactics will fail
  • Overview of legal systems and their supra-national interrelationships
  • The new GDPR defences against non-EU Court Orders and governments
  • Embedding risk analysis into process design
  • Relationship between Legal, Enterprise Architecture, and IS functions
  • Changes in Government attitudes to Regulatory Revenues
  • Only course delivered by a Legal Expert
  • Real-life case law examples included
  • Meet increasing demand for GDPR expertise with a GDPR qualification
  • Exam and Certificate included
  • Avoid heavy fines and loss of reputation resulting from non-compliance
  • Learn how to implement and achieve GDPR compliance
  • Learn about the role of a data protection officer under the EU GDPR

An outstanding course on the most significant piece of business legislation this century, well delivered. Great for my business and my customers.

Sandy Gilchrist

An excellent introduction to the global data protection regulation challenge that is facing business in the UK and why it is so important and cannot be ignored.

Mark Ternouth