Complete data protection system A-Z in 16 steps (GDPR, CIPM)
Focused View
Paweł Mielniczek
4:45:48
96 View
1. Preview.mp4
03:15
1. 5 reasons to take care of your data protection system.mp4
01:03
2. Motivator 1 liability.mp4
02:13
3. Motivator 2 reputation.mp4
00:39
4. Motivator 3 time-effectiveness.mp4
00:40
5. Motivator 4 cost-effectiveness.mp4
00:57
6. Motivator 5 respect for data subjects.mp4
00:53
7. Support from management & stakeholders.mp4
01:10
8. 10 differences between a privacy-careless firm and your goals.mp4
00:29
9. Difference 1 purposes for data processing.mp4
00:36
10. Difference 2 scope of personal data processed.mp4
00:36
11. Difference 3 verification and updating.mp4
00:51
12. Difference 4 retention.mp4
01:20
13. Difference 5 likelihood of a security breach.mp4
01:16
14. Difference 6 severity of violation.mp4
01:11
15. Difference 7 data subject rights.mp4
01:04
16. Difference 8 formal compliance.mp4
01:13
17. Difference 9 transparency.mp4
01:19
18. Difference 10 evidence.mp4
00:59
19. The organization you will service.mp4
01:17
20. Meaning of organizations context.mp4
01:20
21.1 GC templates - part 1 & 2, GC - T&S example, GDPR text - password AZcourse16steps.html
21. Where to write down the answers.mp4
01:20
22. Brief description of organizations activity.mp4
01:10
23. Applicable laws & standards.mp4
01:23
24. How to consider local and detailed laws.mp4
01:06
25. Estimated total number of data subjects.mp4
01:27
26. Locations where data are processed.mp4
01:16
27. What your project will look like.mp4
00:38
28. Steps.mp4
00:47
29. Phase 1 identify.mp4
01:14
30. Phase 2 assess.mp4
01:07
31. Phase 3 implement.mp4
00:46
32. Phase 4 apply.mp4
01:10
33. Start acting!.mp4
00:53
34. The privacy team.mp4
00:50
35. Governance model.mp4
01:13
36. How to prepare the project.mp4
01:15
37. Kick-off meeting.mp4
01:26
38. After the kick-off meeting.mp4
01:00
39.1 To send to interlocutors before audit meetings.docx
39. To send to interlocutors (processes).mp4
00:21
40. To send to interlocutors (assets).mp4
00:42
41.1 Your to-do list (before you start).pdf
41. To send to interlocutors (general obligations).mp4
00:52
1. Mode of operation.mp4
00:58
2. Processes and processing.mp4
01:13
3. Typical processes (controller).mp4
00:43
4. Typical processes (processor).mp4
00:56
5. Purposes v. processes.mp4
01:22
6. Whose the purposes are.mp4
01:09
7. Which questionnaires to use.mp4
01:14
8. Processing activities (controllers questionnaire).mp4
01:10
9. Joint controllers (controllers questionnaire).mp4
01:28
10. Processing purposes (controllers questionnaire).mp4
01:10
11. Typical purposes (add more details if possible).mp4
00:35
12. Controller(s) (processors questionnaire).mp4
01:32
13.1 Your to-do list (step 1).pdf
13. Processing activities & purposes (processors questionnaire).mp4
00:46
1. Categories of data subjects (controllers questionnaire).mp4
01:28
2. Typical categories of data subjects.mp4
00:50
3. Categories of personal data (controllers questionnaire).mp4
01:18
4. Typical categories of ordinary personal data.mp4
00:36
5. Special categories of personal data.mp4
01:34
6. Categories of recipients (controllers questionnaire).mp4
01:30
7. Typical categories of recipients.mp4
00:36
8. Transfers outside the European Economic Area.mp4
01:29
9. Typical cases of transfer outside the EEA.mp4
00:54
10. Envisaged time limits for data erasure (controllers questionnaire).mp4
01:13
11. Typical time limits for data erasure.mp4
00:36
12. General description of security measures.mp4
01:21
13. Transfers outside the EEA (processors questionnaire).mp4
01:09
14.1 Your to-do list (step 2).pdf
14. Providing guarantees for controller(s).mp4
00:59
1. Mode of operation.mp4
01:12
2. How to group identified assets.mp4
01:22
3. Locations & areas.mp4
01:26
4. Typical assets (locations & areas).mp4
01:11
5. Typical safeguards (locations & areas).mp4
01:05
6. Equipment.mp4
01:26
7. Typical assets (equipment).mp4
00:54
8. Typical safeguards (equipment).mp4
01:24
9. Networks & servers.mp4
01:36
10. Typical assets (networks & servers).mp4
01:06
11. Typical safeguards (networks & servers).mp4
01:16
12. Websites.mp4
01:31
13. Typical assets (websites).mp4
00:48
14. Typical safeguards (websites).mp4
01:08
15. Software.mp4
01:30
16. Typical assets (software).mp4
00:46
17. Typical safeguards (software).mp4
01:00
18. Digital files (unstructured).mp4
01:19
19. Typical assets (digital files).mp4
00:48
20. Typical safeguards (digital files).mp4
01:02
21. Printed documents.mp4
01:21
22. Typical assets (printed documents).mp4
00:43
23. Typical safeguards (printed documents).mp4
00:43
24. Staff.mp4
01:25
25. Typical assets (staff).mp4
00:50
26. Typical safeguards (staff).mp4
01:39
27.1 Your to-do list (step 3).pdf
27. Other.mp4
01:36
1. Process and asset owners.mp4
01:07
2. Process owner - typical responsibilities.mp4
00:53
3.1 Your to-do list (step 4).pdf
3. Asset owner - typical responsibilities.mp4
01:24
1. Mode of operation.mp4
00:49
2. Record of processing activities (controllers questionnaires).mp4
01:59
3. Record of all categories of processing activities (processors questionnaires).mp4
01:28
1. Goal 1, Purpose limitation principle (controllers questionnaire).mp4
01:23
2. Goal 1, Lawfulness principle (controllers questionnaire).mp4
01:35
3. Goal 1, Legal basis for data sharing (controllers questionnaire).mp4
01:29
4. Goal 2, Data minimization principle (controllers questionnaire).mp4
01:08
5. Goal 3, Accuracy principle (controllers questionnaire).mp4
01:31
6. Goal 4, Storage limitation (controllers questionnaire).mp4
01:17
7. Goal 5 protect personal data against security breach.mp4
01:46
8. Goal 6, Obligation to carry out DPIA (controllers questionnaire).mp4
01:25
9. Goal 6, Threats to data subjects (controllers questionnaire).mp4
01:44
10. Goal 7 prepare to handle data subject requests.mp4
01:41
11. Goal 8, Joint controllers (controllers questionnaire).mp4
01:37
12. Goal 8, Typical vulnerabilities (processors).mp4
01:25
13. Goal 8, Processors provide compliance guarantees (controllers questionnaire).mp4
01:31
14. Goal 8, Processors commit to all GDPR obligations (controllers questionnaire).mp4
01:21
15. Goal 8, Lawfulness of transfers outside the EEA (controllers questionnaire).mp4
01:40
16. Goal 9, Transparency principle (controllers questionnaire).mp4
01:22
17. Goal 9, Providing all the required information (controllers questionnaire).mp4
01:35
18. Goal 9, Providing information timely (controllers questionnaire).mp4
01:33
19.1 Your to-do list (step 5).pdf
19. Goal 10 achieve accountability - ability to demonstrate compliance.mp4
01:29
1. Goal 1 only process personal data under a contract with the controller.mp4
01:24
2. Goal 2, Providing guarantees for controller(s) (processors questionnaire).mp4
01:16
3. Goal 3 do not engage another processor without controllers consent & same obli.mp4
01:39
4. Goal 4 ensure confidentiality from all persons authorized to process personal d.mp4
01:26
5. Goal 5 protect personal data against security breach.mp4
01:34
6. Goal 6 assist the controller with data subject requests.mp4
01:01
7. Goal 7 assist the controller with fulfilling other obligations.mp4
01:33
8.1 Your to-do list (step 6).pdf
8. Goal 8 demonstrate fulfillment of processors obligations to the controller.mp4
01:32
1. Criteria for info security assessment.mp4
01:18
2. Mode of operation (info security assessment).mp4
01:33
3. High likelihood cases and integrity & confidentiality assessment.mp4
01:44
4. Locations and areas - Typical security breaches.mp4
00:50
5. Locations and areas - Typical vulnerabilities.mp4
00:46
6. Equipment - Typical security breaches.mp4
00:45
7. Equipment - Typical vulnerabilities.mp4
01:06
8. Networks & servers - Typical security breaches.mp4
00:52
9. Networks & servers - Typical vulnerabilities.mp4
01:10
10. Websites - Typical security breaches.mp4
01:02
11. Websites - Typical vulnerabilities.mp4
01:03
12. Software - Typical security breaches.mp4
01:22
13. Software - Typical vulnerabilities.mp4
01:00
14. Digital files - Typical security breaches.mp4
00:51
15. Digital files - Typical vulnerabilities.mp4
01:20
16. Printed documents - Typical security breaches.mp4
01:05
17. Printed documents - Typical vulnerabilities.mp4
01:35
18. Staff - Typical security breaches.mp4
01:07
19. Staff - Typical vulnerabilities.mp4
01:20
20.1 Your to-do list (step 7).pdf
20. Other assets.mp4
01:18
1. Data protection officer - designation (general obligations questionnaire).mp4
01:39
2. Data protection officer - position (general obligations questionnaire).mp4
01:36
3. Data protection officer - tasks (general obligations questionnaire).mp4
01:51
4. Incident management & reporting.mp4
02:01
5. Privacy by design and by default.mp4
01:35
6. Right to access.mp4
01:34
7. Right to rectification.mp4
01:28
8. Right to erasure (to be forgotten).mp4
02:02
9. Right to restriction of processing.mp4
01:38
10. Notification obligation if data rectified, erased or processing restricted.mp4
01:46
11. Right to data portability.mp4
01:18
12. Right to object.mp4
01:51
13. Automated decisions & profiling.mp4
01:33
14. Policies & procedures.mp4
01:45
15. Employee obligations & awareness.mp4
01:42
16.1 Your to-do list (step 8).pdf
16. Executive summary & risk assessment.mp4
01:43
1. Intro implementation phase.mp4
01:27
2. Adjust data collecting.mp4
01:42
3. Adjust the scope of data processing.mp4
01:32
4. Prepare informational clauses.mp4
01:49
5.1 Your to-do list (step 9).pdf
5. Update contracts.mp4
01:36
1. Adjust the scope of processing.mp4
01:58
2. Adjust communication with controller & data subjects.mp4
02:02
3.1 Your to-do list (step 10).pdf
3. Adjust the contracts.mp4
01:37
1. Intro managing security risks.mp4
01:34
2. General security objectives, standards & context.mp4
01:36
3. Leadership, roles & responsibilities.mp4
01:45
4. Asset register, risk analysis & treatment.mp4
01:49
5. Asset management, media handling, information classification.mp4
02:01
6. Mobile work, home office, private devices & private use.mp4
01:53
7. Authorization management & access control.mp4
01:55
8. Physical & environmental security.mp4
02:05
9. Event logging, vulnerability & usage monitoring.mp4
01:56
10. Cryptography.mp4
01:52
11. Supplier relationships.mp4
01:35
12. Network security & information transfer.mp4
01:54
13. Software - safeguards & vulnerability management.mp4
01:46
14. Recruitment, employment, termination & end-user responsibilities.mp4
01:50
15. Project management, exceptions & non-typical assets.mp4
01:43
16. Incident management.mp4
01:54
17. Business continuity and disaster recovery.mp4
01:59
18.1 Your to-do list (step 11).pdf
18. Reviews and performance evaluation.mp4
01:47
1. Data protection officer or equivalent.mp4
01:46
2. Incident management & reporting.mp4
01:48
3. Privacy by design.mp4
02:00
4. Data subject rights.mp4
01:37
5.1 Your to-do list (step 12).pdf
5. Obligation to consult the supervisory authority.mp4
01:32
1. Intro application phase.mp4
01:09
2. Why general policies would be useful.mp4
01:23
3. What aspects should the policies cover.mp4
01:33
4. How to prepare general policies.mp4
01:26
5.1 Your to-do list (step 13).pdf
5. Relation with standard operating procedures (SOPs).mp4
01:35
1. General SOP.mp4
01:38
2. SOPs for controllers processes.mp4
01:50
3. SOPs for processors processes.mp4
01:38
4.1 Your to-do list (step 14).pdf
4. SOPs for assets.mp4
01:34
1. Adopt data protection documentation.mp4
01:18
2. Publish data protection documentation.mp4
01:42
3.1 Your to-do list (step 15).pdf
3. Train employees & associates.mp4
01:35
1. Execute internal obligations.mp4
01:45
2. Maintain compliance and keep your system up to date.mp4
01:39
3.1 Your to-do list (step 16).pdf
3. Review and improve your data protection system regularly.mp4
01:10
1. Wrap-up.mp4
01:34
Description
A-Z guide & templates by Dr Paweł Mielniczek
What You'll Learn?
- Create a GDPR-standard data protection system in any environment
- Save time and resources with an efficient method to protect privacy
- Identify, assess, implement and maintain compliance with data protection laws
- Carry out risk analysis and data protection impact assessment like a professional
- Protect personal data against a security breach
- Manage data protection breaches
- Prepare contract clauses to regulate data flows with your clients, contractors and partners
- Apply privacy by design and by default in practice
- Write useful policies, procedures and records
- Build employee awareness and commitment
- Prepare for an inspection
Who is this for?
What You Need to Know?
More details
DescriptionI will cover the necessary steps where you prepare, identify, assess, implement and apply data protection principles at your firm. You will receive an editable resource to gather in one place as much information as possible.
It does not matter whether you work for a business, charity or a state institution. It does not matter, whether you are self-employed, work for a medium business, or for international capital group - we will cover all the known issues.
Completing all the steps will bring your compliance level higher than 99% of businesses. I am not giving a legal advice or doing your job, but I am sharing my practical experience to make your compliance as easy as possible.
4 deliverables of this course
GDPR standard, the highest data protection standard
A-Z: implementation and maintenance phases in 16 steps
Practical examples of how to implement GDPR requirements
Checklists & templates to make your job easy as possible
4 foundations of this course
You get compliant, not just listen about compliance
This course is for every organization
You will not experiment, but avoid mistakes
Do not get just tools or knowledge, but follow steps
16 steps to make sure all data protection measures are in place and function well
Identify data processing purposes
Identify data processing details
Identify assets
Identify process & asset owners
Assess controller’s processes
Assess processor’s processes
Assess information security
Assess general obligations
Model controller’s processes
Model processor’s processes
Manage security risks
Comply with general duties
Prepare general policies
Prepare SOPs
Adopt, publish & train
Execute, maintain & review
My course has clear structure, so you will easily see and find the points we are covering. Each time you need to take steps on your data protection system, you will get a checklist to make sure you cover anything you need. With that said, let’s get right into the job!
Who this course is for:
- Managers who want to create or improve their data protection system
- Data Protection Officers who want to work efficiently and develop skills
- Heads of departments processing a lot of personal data (HR, marketing, IT)
- Anyone who wants to hear from an expert, how a data protection system should work
I will cover the necessary steps where you prepare, identify, assess, implement and apply data protection principles at your firm. You will receive an editable resource to gather in one place as much information as possible.
It does not matter whether you work for a business, charity or a state institution. It does not matter, whether you are self-employed, work for a medium business, or for international capital group - we will cover all the known issues.
Completing all the steps will bring your compliance level higher than 99% of businesses. I am not giving a legal advice or doing your job, but I am sharing my practical experience to make your compliance as easy as possible.
4 deliverables of this course
GDPR standard, the highest data protection standard
A-Z: implementation and maintenance phases in 16 steps
Practical examples of how to implement GDPR requirements
Checklists & templates to make your job easy as possible
4 foundations of this course
You get compliant, not just listen about compliance
This course is for every organization
You will not experiment, but avoid mistakes
Do not get just tools or knowledge, but follow steps
16 steps to make sure all data protection measures are in place and function well
Identify data processing purposes
Identify data processing details
Identify assets
Identify process & asset owners
Assess controller’s processes
Assess processor’s processes
Assess information security
Assess general obligations
Model controller’s processes
Model processor’s processes
Manage security risks
Comply with general duties
Prepare general policies
Prepare SOPs
Adopt, publish & train
Execute, maintain & review
My course has clear structure, so you will easily see and find the points we are covering. Each time you need to take steps on your data protection system, you will get a checklist to make sure you cover anything you need. With that said, let’s get right into the job!
Who this course is for:
- Managers who want to create or improve their data protection system
- Data Protection Officers who want to work efficiently and develop skills
- Heads of departments processing a lot of personal data (HR, marketing, IT)
- Anyone who wants to hear from an expert, how a data protection system should work
User Reviews
Rating
average 0
Focused display
Category
Paweł Mielniczek
Instructor's CoursesAdvocate and scholar with an international law and new technologies law focus. His professional experience covers among others NATO HQ SACT, UN Office in Geneva, a big financial institution, data protection supervisory authority, antitrust supervisory authority, a data protection consulting firm, and an international law firm. Conducted trainings on: practical aspects of GDPR ; managing the data protection system and acting as a data protection officer; data protection impact assessment (DPIA) and risk analysis, as well as supervisory authority inspection preparation.
Udemy
View courses UdemyStudents take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.
- language english
- Training sessions 212
- duration 4:45:48
- Release Date 2022/11/26
