Data Protection Foundation

Holistic view of the concepts and principles of Privacy and Data Protection

his Data Protection Foundation course provides a holistic view of the concepts and principles of Privacy and Data Protection and its applicability focusing primarily on the foundations, concepts and guiding principles that underpin existing legislation and frameworks. Next, the course covers the EU legislation, and an overview of the differences with other privacy laws and regulations, such as the ones from Canada, United States and Australia, among others, and the analysis of the various privacy and data protection frameworks internationally recognized.

On a second phase, the course presents an analysis of the drivers that led to the new EU regulation and the benefits that the new European legislation brings, at a level of organizations (including SME’s), people, internet, social networks, crime, and technology, among others.

Finally, the course ends with an approach to the application of regulation at the level of organizations, individuals and other bodies, including the roles, responsibilities and positions that each should adopt to be compliant with the new regulation (as applicable). The main objective of these sections is the analyses of the application of the regulations at the level of these three main entities, organizations, people and data protection bodies, defining forms of action, rights, duties and recommendations.

This course prepares for the BCS Data Protection Foundation (DPF) certification. This certification is aligned with the requirements of international standard ISO/IEC 17024.

Metodologia

DPF Foundation training course is based on both theory and practice sessions with:

Lectures illustrated with examples based on real cases.

Practice and review exercises that assist in preparation to the certification exam. To benefit from the practical exercises, the number of training participants is limited.

Destinatários

CxO that need to understand the new EU legislation related to data protection

Information security professionals, consultants and/or auditors that need to acquire the fundamental knowledge about the applicable legislation and requirements related with data privacy

IT professionals that need to understand the fundamental concepts and requirements of data privacy and how the IT can support this requirements

Data protection consultants and/or auditors that need to know the fundamentals of data protection to support their projects or audit assignments

Anyone that want to know about the fundamentals of data protection and data privacy, and to acquire knowledge of the main Privacy and Data Protection frameworks

Pré-Requisitos

Participants should understand English as the course documentation is in this language.

Objectivos Gerais

To identify and know how to apply the main privacy and data protection concepts and terminology

To understand the main privacy and data protection frameworks and related differences, including, OECD, APEC, ISO 29001, EU GDPR, among others

To identify the main drivers and benefits of the revision of the EU Data Protection regulation, including the benefits for organizations, individuals, SME’s, among others

To be able to differentiate and identify the most common data protection roles and responsibilities on the EU GDPR framework and on other privacy frameworks

To get to know the EU GDPR principles for data processing and how they drive the requirements for data protection, including, lawful processing, consent and related with special categories of personal data

To understand how the EU GDPR applies to individuals, organizations, including on operations related with data transfers outside the EU, and the role and responsibilities of Data Protection Bodies.

To acquire the knowledge needed to succeed on the BCS DPF exam and become a certified Data Protection Foundation (DPF) professional

Programa

Fundamental concepts and principles of privacy and data protection

Concepts and principles

European fundamental rights

Privacy versus data protection

Privacy and data protection timeline

Privacy and data protection existing legislation

Data privacy and ISO/IEC 27001 relationship

Privacy and Data Protection Frameworks

OECD Privacy Framework

Australian Privacy Management Framework

ISO 29001 Privacy Framework for PII

Canada Privacy legislation

US Data Privacy legislation

APEC Privacy Framework

EU Data Protection Framework (GDPR)

Presentation

Roadmap for General Data Protection Regulation (GDPR)

EU Data Protection revision drivers and benefits

EU Data Protection framework revision drivers

EU Data Protection reform benefits

Benefits for individuals

Benefits for organizations

Benefits for SMEs

Other benefits

Common Data Protection Roles and Responsibilities (EU & Other Frameworks)

Controllers and Processors

The designated DPO

Other EU GDPR roles and responsibilities

Common Roles and responsibilities on other frameworks

EU GDPR principles for data processing

EU Data Protection:

For Individuals (the two directives)

Inside Organizations

Data transfers outside the EU - The EU US Privacy Shield

Data Protection Bodies

Data Protection Foundation Exam

Exame

The “Data Protection Foundation” exam fully covers the following competence domains:

Domain 1: Concepts and Principles of Privacy and Data Protection

Domain 2: Privacy and Data Protection Frameworks

Domain 3: Data Protection Roles and Responsibilities

Domain 4: EU Data Protection

The “Data Protection Foundation” exam is available in Portuguese and English language.

Duration: 1 hour, passing score 65% (26 of 40 correct questions).

Exam available on-site and online.

This is a 40 questions multiple-choice exam, with 4 options per question, 1 correct answer.

The exam result is sent via email to the candidate within eight weeks after the examination, being the exam result graduated in qualitative note: “Pass or Fail”.

In the case of a failure, the result will be accompanied with the list of domains in which you had a mark lower than the passing grade.

If the candidate fails the exam, he is entitled to one free retake within a 12 month period from the initial exam date.

Certificação

After successfully completing the exam, participants can apply to one of the certification levels: “Data Protection Foundation”. A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Data Protection Foundation certification program is aligned with ISO 17024 standard.

Formação na língua portuguesa ou inglesa.

Recursos materiais da formação online e em Inglês, com acesso online.

Certificado digital de Frequência de Formação Behaviour com 14 créditos CPD/CPE.

Exame de Certificação online, em Português e Inglês. O exame pode ser realizado até 3 meses, após a conclusão do curso.

Diploma digital de Certificação e Insígnia digital de Certificação, após sucesso no exame e conclusão do processo de candidatura. Este registo não tem qualquer custo associado.

Se o candidato não for aprovado no exame, tem o direito a uma nova tentativa gratuita dentro de um período máximo de 12 meses, a contar da data do exame inicial.