General Data Protection Regulation (GDPR) Guide to Protect Your Business Against Fines of Up to €20 Million
What is the General Data Protection Regulation?
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). It sets out the principles of data management and the rights of the individual, while also imposing fines that can be revenue-based for the organisation. As of 25 May 2018, all organisations are expected to be compliant with GDPR. GDPR covers all EU citizens and countries, so if your business or organisation deals with EU countries or citizens, you are required to comply with GDPR requirements. In short, almost all companies that have dealings with the EU need to be GDPR compliant and to work on their GDPR compliance strategy.
Failure to comply may incur a fine of up to €20 million or 4 percent of revenue, whichever is higher.
- Up to €10 million or 2 percent of the company’s global annual turnover of the previous financial year – whichever is higher.
- Up to €20 million or 4 percent of the company’s global annual turnover of the previous financial year – whichever is higher.
1 Day Workshop to Be GDPR Compliant and Protect Your Business from These GDPR Risks and Financial Penalties
Valuable Key Takeaways
- Understand and manage compliance obligations under the EU’s General Data Protection Regulation when collecting and transferring data.
- Develop a robust framework for understanding Control and Processing of Data
- Analyse the 7 rights of data subjects, and what this means for a business
- Engage with leading Compliance Expert, Mr Sam Gibbins on how to establish your GDPR roadmap
- Learn the different legal requirements for handling and transferring data from Europe to other jurisdictions, such as Asia
- Discuss and exchange views on implementation and monitoring issues of GDPR
- Summarise the key elements of organisational data protection, with a view to considering corporate approaches and defences
- Definitions of Privacy & Personal Data
- Legislation and Regulation centred on data protection and privacy
- Legitimate grounds and purpose limitation
- Individual and societal concerns over data collection, storage, and use
- The need to collect, disclose, and use personal data
- Processing of personal data
- Personal data versus corporate data
Controllers & Processors
- Definitions of Controllers & Processors
- Territorial applicability for Controllers & Processors
Data Subject Rights
- The right of the user to access data collected
- Erasure of data – the right to be forgotten or unidentifiable
- Restrict, pause or cut down on processing
- Data portability – the right to transfer data to another service provider or device to prevent the situation of a lock-in
- The right to object to data processing
- Rights related to automated decisions, including profiling, with legal or significant effects
Organising Data Protection
- Importance of data protection for the organisation
- Data protection authorities
- Personal data transfer to third parties
Data Breaches and Data Security
- The importance of security and data protection
- Data concerns: volume, use, storage and sharing
- Social engineering, phishing, tailgating, and malware
Who Should Attend?
- Middle- to senior-level professionals who are involved in IT, Information Security and Data Protection management, as well as legal practitioners.
- Policy makers, risk managers, auditors, internal legal counsel and practitioners who are interested in understanding and managing legal obligations for cyber data breach related issues.
- DPOs, Compliance, IT, Info System and employees from SMEs, MNCs and NGOs, including the following sectors:
- Financial & Banking Services
- Law Enforcement
- Critical Infrastructure
- Large Enterprises
- High Tech Companies
“The trainer is very informative. He provides many real-life examples instead of reading off from the materials. Interesting and beneficial class!” – Rick Tay, Zico Allshores Trust (S) Ltd
“The delivery of the content is very interesting and kept the class well-engaged. His class is highly recommended as he gives practical information using real-life case studies” – Ong Choon Yam, Petrobras Singapore Private Limited
Mr Sam Gibbins is the Founder of complilearn, providing specialist and advanced Compliance learning to clients globally. He has extensive experience delivering content across a wide range of Governance, Risk, and Compliance areas, to a variety of industry sectors. Sam spent five years in Singapore working for the International Compliance Association, developing, building and promoting courses under the Financial Industry Competency Standards. Sam worked on the skills and competency-based development framework and associated courses for Compliance and Anti-Money Laundering with the Asian Institute of Finance and the Asian Institute of Chartered Bankers (formerly IBBM), as well as with the Australian Financial Markets Association. In recent years he has helped establish a number of ‘Compliance Academies’ at global firms.
Sam has completed the Advanced Certificate in Training and Assessment with the Institute for Adult Learning, the in-house training division of the Singapore Workforce Development Agency. He possesses a BA (Hons) from King’s College, University of London, as well as a Diploma in Anti-Money Laundering from the International Compliance Association, a Certificate in Combating Financial Crime from the Chartered Institute for Securities & Investment (CISI) and is also a Certified Compliance and Ethics Professional (International) with the Society for Corporate Compliance and Ethics. He is a Certified Compliance Professional with, and a member of, the International Academy of Business and Financial Management.