Public Training

Course Summary:

This full day course is essential for any firm that uses personal data of customers and/or staff. Delivered in two workshops:
• The morning workshop examines (a) the Data Protection laws & the eight data protection principles (i.e. collection, treatment, permitted processing, retention, storage & security of electronic and manual personal data); and (b) practicalities of compliance (i.e. drafting policies & procedures, staff training, privacy statements) and responsibilities of the Data Protection Officer.
• The afternoon workshop develops relevant skills required to confidently carry out a data protection audit.

Click here for more details

Details:

Cost:
€620 for 1st attendee
€550 for 2nd attendee from same firm attending same day
(All training fees are VAT exempt)

Data Protection and How to Conduct a Data Protection Audit

Attendee 1 €620.00 EUR Attendee 2+ €550.00 EUR

Alternative Payments:
To pay by wire transfer/cheque please make your booking via This e-mail address is being protected from spambots. You need JavaScript enabled to view it including the course name, course date, your name and contact details (including telephone number).  You will receive an automatic response.  Thereafter we will email you with details of how to make payments.

Enquiries: If you wish to enquire about a course before booking, please contact us at: This e-mail address is being protected from spambots. You need JavaScript enabled to view it

CPD Details: Click here 

Please read: Terms & Conditions and Cancellation Policy and Privacy Statement 

What Others Say: Testimonials

Course Content:

Do you know that:

* The DPC continues to investigate and prosecute firms for breaches of the data protection legislation.

* The DPC issued a Personal Data Security Breach Code of Practice in 2010

*New fines of up €250,000 or 10% of a business turnover are provided for and individuals liable up to €50,000 fine.

*The use of Access Requests by individuals – both customers and employees – is increasing every year.

All firms which hold, use or control personal data are bound by the Data Protection laws, regardless of whether or not they need to register with the Data Protection Commissioner (DPC).  Recent interventions by the Data Protection Commissioner relating to:
(i) loss of laptops and other data storage devices;
(ii) misuses of personal data by real estate, mortgage, bank and insurance businesses;
(iii) failing to safeguard data on a company’s system;
(iv) individuals’ rights to see their medical reports;
(v) transfer of persons’ transaction data from the EU to the US;
(vi) data security breaches;
(vii) breaches of e-marketing/unsolicited e-communication requirements,demonstrate the DPC’s desire to raise & enforce data protection in Irish society. 

The afternoon session provides an intensive workshop on How to Conduct a Data Protection Audit at which attendees will apply their data protection knowledge to learning about the most effective ways to carry out a data protection audit/self-assessment.  Compliance Ireland is retained to assist firms inspected by the Data Protection Commissioner, so we know the practical aspects of handling an inspection, dealing with the Commissioner and implementing sound data protection standards. We will share these skills with attendees of this course. 

The course contains the following sessions:

Data Protection

• What is Personal Data and Sensitive Personal Data under the Data Protection Acts – getting to grips with the definitions and examples of personal data and sensitive personal data
• The key provisions of the Data Protection Acts – this session will focus on key legislative requirements such as processing of personal data, security of personal data, the statutory requirement for record retention, access requests, transfers of personal data outside the EEA, corporate and senior management responsibility, unauthorised disclosure, confidentiality and whistle-blowing.
• The Eight Data Protection Principles enshrined in law – this session will explain what each principle means, examples of how others have fallen foul of them and most importantly what you can do to help ensure that your firm doesn’t.  This session will use examples of employee and customers records and case studies to explain what your obligations include
• Employee records – how to deal with personal data collected in the recruitment process, employment records generally including details of sickness and other absences, as well as records of employees’ personal use of email, internet access & taped telephone calls.
• Practicalities of Data Protection compliance – drafting a data protection/data handling policy and procedures; training of staff; monitoring your firm’s compliance; privacy statements; and the responsibilities of the Data Protection Officer.

How to conduct a Data Protection self-assessment

The afternoon workshop provides attendees with the training and development of relevant skills required to confidently carry out a data protection audit (without which it will be difficult to identify gaps in your business).

Compliance Ireland will provide a step-by-step guide to conducting a self-assessment audit, using specially designed checklists which are fully referenced to the latest legislation to enable attendees to assess and demonstrate their compliance with key sections of the Acts, including:

(a) Drafting a High Level Data Protection Fact Find covering:
Personal data - the reason it is obtained 
source of data
Identification of data processors and associated contracts
Third party disclosures · Registration
Data Protection Policy
Staffing and Reporting Structures
Planning and implementing of data protection standards
System audits and reviews
Job descriptions and staff contracts
Data Collection
Key Business Processes.

(b) Checklists for
(1) each of the eight data protection principles;
(2) transfers of personal data outside of the EEA; and
(3) website Privacy Statements.

Who Should Attend:

• Compliance Officers
• HR Managers
• Directors
• Managers
• Supervisors
• All individuals who hold, control or use personal data are bound by the Data Protection laws and should be aware of their obligations.