GDPR and the ePrivacy Regulation (a high level overview of legislation)
- What are the core concepts in the GDPR?
- How do these relate to the functions in the DAMA DMBOK?
The Role of DPO and How it Fits into Traditional Data Governance Models and the Wider DMBOK
- What is the role of a Data Protection Officer?
- What are they supposed to do?
- Who can be a Data Protection Officer?
- How does the DPO fit into general principles of Data Governance?
- How should they engage with the Information Management function (and vice versa).
Data Governance in GDPR and other Data Privacy Legislation
- Understanding GDPR data governance requirements
- Understanding data governance requirements in other data privacy legislation
- Understanding Data Governance requirements in BS10012:2009 (British Standard for Personal Information Management Systems)
Risk Based Approach to Data Privacy in GDPR
- Defining what risk is
- Understanding the Risk model in Data Privacy
- Understanding how Data Privacy Risk assessments differ to traditional risk management approaches
- Introduce concept of Balancing Tests for data privacy rights
How the Requirement in GDPR to Document Processing Activities is Supported by Master Data, Metadata, Information Architecture and Business Process Management Best Practices
- How does Master Data Management support data protection risk management under GDPR?
- How does Metadata management support documentation of activities?
- What is the role of Business Process Management in GDPR compliance?
- Understand how to apply the Zachman Framework to the definition of your GDPR risk and controls framework.
The Relevance of Data Modelling to Data Privacy Risk Management and Mitigation
- The importance of the logical data model in GDPR
- The data model as a risk assessment tool
- “What is personal data” – navigating the data model to identify risks
- Pseudonymous and anonymous data in the data model – the risk of surrogate and foreign keys.
Privacy Impact Assessments as a Data Risk Management tool
- Understanding what is required in a Privacy Impact Assessment
- Understanding Data Privacy as a Quality System
- Understanding how to apply information quality management principles and practices to Privacy Impact Assessments
The Myth of “GDPR Compliance” – How the Mission Should Never be ‘Accomplished’
- Understanding fallacy of “compliance” in GDPR.
- Aligning GDPR with continuous improvement principles in information quality management
- Explaining the importance of effective data governance for GDPR.
Understand the Importance of Effective Data Privacy Functions in UK-based Organisations Post-Brexit
Outsourced DPO Functions and Data Governance – Understanding the Pitfalls