GDPR and Data Privacy Free Resources

DSARs are becoming increasingly common, and failure to respond can lead to the data subject making a complaint to the Information Commissioner’s Office (ICO), which could result in serious fines and sanctions.

Delivered by IT Governance’s sister company GRCI Law, Head of DPO DSAR and Breach Support John Potts will provide organisations with insights into taking a practical, efficient and cost-effective approach to handling DSARs.

This webinar will cover:

• An introduction to DSARs;
• The challenges faced by organisations when handling DSARs;
• How to simplify the processing of DSARs; and
• The practical steps to manage DSARs in compliance with the GDPR.

This webinar will cover:

• A short overview of and definitions from the GDPR and the CCPA 
• The key differences between the two privacy laws  
• The overlapping privacy requirements 
• Practical steps to initiating a privacy compliance project

This webinar session will provide expert insight into the challenges DPOs face in their role as a Data Protection Officer (DPO). This webinar will cover:

• An introduction to the role of DPO and its context within the GDPR;
• The requirements for fulfilling the role of DPO under the GDPR e.g. experience, qualifications;
• The responsibilities of a DPO and type of activities that fall under the DPO remit;
• Key challenges faced by DPOs and how they can be addressed;
• Real life (anonymised) examples of DPO activities that became complex and difficult to handle; and
• Options and best-practice for filling the role of Data Protection Officer.

In this free webinar, Tomas Pinto will provide a thorough introduction to BS 10012. The session will cover:

• An introduction to personal information management and how it can benefit your organisation;
• How BS 10012 can facilitate compliance with the GDPR and other data protection laws;
• BS 10012’s integration with other management standards such as ISO 27001:2013 and ISO 9001;
• How to set about implementing a PIMS; and
• How to achieve certification to BS 10012.

This webinar aims to provide an understanding of Part 3 – Law Enforcement Processing, and discusses the key principles of the processing of personal data by a competent authority for law enforcement purposes.

Presented by IT Governance’s Consultancy Manager Shaun Beresford, this webinar session will discuss:

• What Part 3 of the DPA 2018 is and why you need to pay attention to it; 
• Key definitions for law enforcement processing;
• Penalties issued by the ICO (Information Commissioner’s Office) to police departments between 2016 and 2018;
• The principles of law enforcement processing and data subjects’ rights; and
• A 12-step approach to law enforcement processing.

Organisations interested in taking a proactive approach to demonstrating compliance with the GDPR can join IT Governance in this webinar, where we will discuss: 

• The impact of the Regulation and its key principles; 
• What data protection by design and by default means for organisations; 
• The seven foundational principles of data protection; 
• Practical application of data protection by design and by default; and 
• Implementing data protection compliance frameworks to demonstrate GDPR compliance.

This webinar will help you understand how to:

• Implement an effective GDPR awareness programme; 
• Using effective tools to achieve results during your compliance journey; 
• Leverage existing organisational infrastructure to support your agenda; and 
• Maintain organisation-wide commitment in the long term.

IT Governance will discuss:

• An overview of the GDPR and risk assessments; 
• The process for risk management and industry best practice for risk treatment; 
• The costs and benefits of the controls implemented; 
• The components of an internal control system and privacy compliance frameworks; and 
• ISO 31000 principles and the risk management process. 

To help organisations understand what a data flow mapping exercise involves, IT Governance will discuss: 

• The GDPR remedies, liabilities and penalties; 
• Data flows and identifying the key elements; 
• The benefits of conducting a data mapping exercise; 
• The challenges of data mapping; and 
• Techniques and best practices for data flow mapping.

In this webinar, IT Governance will discuss the following to help organisations initiate and maintain effective DPIAs and comply with the GDPR: 

• The GDPR’s impact and the benefits of conducting a DPIA. 
• The legal requirements for a DPIA under the GDPR. 
• High-risk DPIAs and prior consultation with the supervisory authority. 
• DPIAs and their links to an organisation’s risk management framework. 
• The practical steps to conduct a DPIA. 

The webinar covers: 

• An overview of the GDPR and its impact on local government and its partners 
• The first steps towards conducting a data audit and data mapping exercise 
• Preparations and requirements for responding to and dealing with data breaches 
• Developing processes and policies to respond to and deal with subject access requests within local government 
• Outsourcing a third-party data protection officer and its role within local government 
• GDPR solutions that support local government compliance and digital efficiency

This webinar, given by IT Governance and its partner Agilisys, discusses: 

• The current regulatory landscape and the GDPR’s territorial scope 
• Breach notification procedures and key changes 
• The challenges faced by local government in achieving GDPR compliance 
• The practicalities of implementing a GDPR compliance management programme

To help organisations that are seeking compliance to understand these implications, this webinar provides an overview of: 

• The definitions of data controller and data processor under the GDPR. 
• The responsibilities and obligations of controllers and processers.
• The data breach reporting responsibilities of controllers and processors.
• The liability of and penalties that may be imposed on data processers and controllers. 
• The appointment of joint controllers and the restrictions on subcontracting processors. 

This webinar outlines: 

• The implications of data protection by design and by default.  
• The foundational principles of ‘privacy by design’.  
• The benefits of taking a ‘privacy by design’ and ‘privacy by default’ approach.  
• The role of privacy impact assessments in designing efficient and effective processes.  

Therefore, this webinar, delivered in partnership with DataStax, discusses: 

• The GDPR’s impact on businesses 
• Accountability and governance of data, data storage limitations, breach notifications, data subject rights, and compliance requirements
• Unravelling the labyrinthine web of data using DataStax Enterprise Graph to bring legacy systems together and comply with the GDPR, building a 360-degree view of a company’s data subjects 
• The right to be forgotten and how DataStax Enterprise Graph can help companies comply with the Regulation’s requirements 

The webinar will cover: 

• The GDPR’s impact on how local government processes EU residents data
• The effect of Brexit on the new law
• Breach notification processes and using third-party providers to manage GDPR compliance
• The pivotal role of the data protection officer in supporting local government GDPR compliance
• How local government can apply IT Governance’s nine practical steps to GDPR compliance
• The appropriate resources and tools to address local government GDPR compliance challenges

To equip organisations that provide ‘essential services’ with a comprehensive understanding of the GDPR and NIS Directive requirements, this webinar provides an overview of:  

• The key implications of the GDPR.
• The technical and organisational measures that organisations need to adopt to comply with the NIS Directive. 
• The GDPR and NIS Directive data breach notification requirements. 
• The risk-based security measures needed to create cyber resilience. 
• The policies and procedures required for breach notification and incident response. 

IT Governance and Datastax have joined forces to deliver this session, which is designed to equip professionals involved in GDPR compliance with a comprehensive understanding of the Regulation’s requirements for Cloud-based applications. 

The key topics discussed in this webinar session are: 

• An overview of the General Data Protection Regulation (GDPR);
• The GDPR compliance principles, ‘privacy by design’ and ‘privacy by default’;
• The GDPR’s impact on Cloud-based applications, business policies and processes;
• Data subjects’ rights, breach notification obligations and the GDPR’s effect on customer experience;
• The technical and organisational measures applicable to Cloud-based applications;
• Meeting the stringent data security compliance requirements under the GDPR;
• ISO 27018 and implementing security controls for PII stored in Cloud-based applications.

In light of this, we are offering a webinar that provides an overview of: 

• The regulatory landscape and its territorial scope. 
• The integration of standards and codes for risk management. 
• The operational, strategic, regulatory, statutory and contractual aspects of risk management. 
• The benefits and challenges of conducting a data flow mapping exercise. 
• The best techniques for data flow mapping. 

This webinar is designed to inform those organisations looking to appoint a DPO on the following: 

• The specific situation in which organisations are required to appoint a DPO. 
• The DPO’s relation with the controller, processor and senior management/board. 
• The responsibilities of the DPO. 
• The function of data protection impact assessments under the GDPR. 
• The legal requirements for appointing a DPO.

To help Cloud service providers understand their GDPR compliance requirements, this webinar will deliver an overview of: 

• The GDPR and what it means for Cloud service providers.
• The technical and organisational measures applicable to Cloud service providers. 
• The policies and procedures required by the GDPR. 
• The ‘privacy by design’ and ‘privacy by default’ requirements. 
• The rights of data subjects. 
• Breach notification obligations. 
• The impact of subcontracting on Cloud service providers.
• ISO 27018 and implementing security controls for PII in the Cloud.

The webinar will discuss: 

• An overview of the General Data Protection Regulation (GDPR). 
• Breach notification requirements under GDPR and a showcase of recent data breaches and their costs. 
• Organisations’ responsibilities when storing data in the Cloud, and the roles of controller and processor. 
• The outcome of subcontracting on Cloud service providers and notifications on activities in the Cloud. 
• The role and responsibilities of the Cloud adoption. 
• ISO 27018 and implementing security controls for PII in the Cloud. 

This webinar is designed to update senior management and boards about the potential impact of the GDPR on their organisations, and provides an overview of: 

• The principle of accountability and what it means. 
• The application of the principle of accountability. 
• The task of developing policies and procedures that comply with the Regulation. 
• The need to raise GDPR awareness and provide employees with training. 
• The board’s responsibility to appoint a dedicated data privacy team or DPO. 
• The requirement to conduct data privacy audits and impact assessments. 

In this webinar, Adrian Ross, an experienced data protection and information security consultant with IT Governance, will shed light on how the GDPR may affect your business, some of the crucial principles of the GDPR, and steps you can take to reduce your risk of a breach. 

In this webinar, Richard Campo, an experienced data protection and information security consultant with IT Governance, sheds light on how the GDPR may affect your business, some of the crucial principles of the GDPR, and the policies and procedures required under the Regulation.

In this webinar, Richard Campo, an experienced data protection and information security consultant with IT Governance, sheds light on how the GDPR may affect your business, some of the crucial principles of the GDPR, and the data flow mapping for the EU GDPR.

ISO/IEC 27001 provides an excellent starting point for achieving the technical and operational requirements necessary to prevent a data breach under the GDPR. In this live webinar, IT Governance’s ISMS implementation and GDPR compliance expert will discuss:

• An overview of the GDPR and how an ISO 27001-aligned ISMS can support compliance;
• The top risks that result in data breaches and key actions in the event of a data breach;
• The technical and organisational requirements to achieve GDPR compliance;
• The benefits of implementing an ISMS; and
• Practical advice on how to improve your overall information security in line with the GDPR’s requirements.

In this webinar, IT Governance will provide an overview of how penetration testing can effectively support organisations in achieving GDPR compliance. Join IT Governance’s founder and executive chairman, Alan Calder, and head of technical services, David Grove, where they will discuss:

• Penetration testing and its role in demonstrating GDPR compliance;
• Implementing technical measures to ensure data security and compliance with Article 32 of the GDPR;
• Why penetration tests are vital in uncovering vulnerabilities before criminals do; and
• How to meet legislative and regulatory requirements and achieve an integrated approach with standards such as the PCI DSS, ISO 27001 and the GDPR.

To keep pace with the digital landscape and address the General Data Protection Regulation (GDPR) compliance requirements, IT Governance’s experts will be running a webinar designed to help healthcare providers comply with the Regulation. This live webinar session will cover:

• An overview of the GPDR and the Data Security and Protection (DSP) Toolkit and their impact on the healthcare sector;
• Accountability frameworks that support GDPR compliance, and the role of senior management in ensuring compliance and cyber resilience is a strategic focus;
• The role of a robust staff awareness programme in supporting a culture of cyber resilience and compliance; and
• Embedding data protection by design and by default, and a holistic approach to achieving a cyber resilient posture.

Many are now implementing an ISO 27001-compliant ISMS to ease the workload of regular audits and better manage their sensitive information in compliance with the GDPR. This proves to clients that they take information security seriously and gives them a competitive advantage.

In this webinar, IT Governance will provide an overview of how an ISO 27001-compliant ISMS can effectively support law firms in achieving GDPR compliance. Join IT Governance’s founder and executive chairman, Alan Calder, as he discusses:

• An overview of the GDPR and its impact on the legal sector;
• The GDPR’s legal requirements and obligations and how an ISO 27001 ISMS can support compliance;
• The role of a robust staff awareness programme in supporting a culture of cyber resilience and GDPR compliance; and
• Practical advice on how to improve your overall information security in line with the GDPR’s requirements.

This webinar will shed light on the obligations and responsibilities the GDPR creates for data controllers and data processors, discussing:

• An overview of the current regulatory landscape and the GDPR’s scope;
• The main responsibilities and obligations of controllers and processers;
• Data breach and incident response management obligations;
• The penalties and liabilities imposed on processers and controllers; and
• The limitations and restrictions on appointing joint controllers and subcontracting processors.

In this webinar, IT Governance aims to provide an overview of:

• The legal requirements for a DPIA;
• The benefits of conducting DPIAs within your organisation;
• Embedding DPIAs in your risk management framework in compliance with the GDPR; and
• Practical steps to conducting a DPIA and linking it to the GDPR principles.

Discover:

• Why most organisations are woefully unprepared for a breach and what they can do about it;
• The essential ingredients of cyber incident response management;
• The ICO’s (Information Commissioner’s Office) 12 core requirements for reporting a personal data breach;
• Best-practice approaches to protecting your data; and
• The key steps you should take to help you quickly respond to and recover from a breach.