Why Attend
Data protection is taking the world by storm. Anyone who works with personal and company sensitive data needs to understand how to ensure compliance with new data protection laws, in Ghana and globally. This is a practical course that gives participants knowledge and necessary guidance to build a privacy framework within their organization. International Data Protection laws will be covered including General Data Protection Regulation (GDPR).
Course Objectives
- Define data protection principles and rights of data subjects
- Determine the lawful basis for processing data
- Demonstrate how to deal with subject access requests, data breaches and internal investigations
- Apply appropriate transfer mechanisms for cross border transfer of personal data
- Create and implement a privacy framework for their organization
Target Audience
This course is suitable for anyone who handles sensitive personal or company data. This includes compliance officers and managers, auditors, IT managers, human resources, database professionals and any information security, incident management, and business continuity professionals whose responsibilities include the secure handling of data.
This course is also suitable for current Data Protection Officers who are seeking to become certified or update their knowledge with the latest laws.
This course is also suitable for current Data Protection Officers who are seeking to become certified or update their knowledge with the latest laws.
Introduction to Data Protection
- General Data Protection Regulation (GDPR)
- Other relevant Data Protection laws
- Data Protection terminology
- Personal Data and special categories of data
- Data Protection principles
- Role of Controllers and Processors
- Data Processing Agreements
Legal Basis
- Lawful basis for processing Personal Data
- Processing special category Personal Data
- Conditions of consent
- Understand the reliance on legitimate interests
Data Subjects
- Privacy Notices
- Rights of Data Subjects
- Subject Access Requests (SARs)
Data Breaches and Complaints
- Obligations of the Processor
- Notification to the Commissioner
- Notification to Data Subjects
- Breach procedure
- Remedies, liabilities and sanctions
- Complaints and mediation
- Fines
Security
- Security of data
- Pseudonymization
- Encryption
The Data Protection Officer (DPO) Role
- The duties and obligations of the DPO
- High Risk Processing
- Communicating with Data Subjects
- Cooperating with the Commissioner
- Consider the Annual Risk Assessment
Cross border transfers
- Transfers outside of jurisdiction in absence of adequate protection
- Countries that have adequate level of protection
- Schrems II case
- Standard Contractual Clauses
- Binding Corporate Rules
- Derogations
Governance
- Understand concept of accountability to demonstrate compliance
- How to achieve compliance
- Understand concept of Records of Processing Activities (RoPA)
- How to mitigate risk
- Monitoring compliance
- Understand concept of Data Protection Impact Assessments (DPIAs)