Price
€120.00

5 CPD

Course Description

This course describes in brief the key provisions and requirements of the Regulation (EU) 2016/679 (GDPR) and provides an explanation regarding the obligation of a company that processes personal data to apply personal data protection by design and by default. It describes the important GDPR principle of “transparency” and explains the concepts of “Controllers” and “Processors”.

It also describes in detail the responsibilities of a company (controller) when processing personal data, explains in detail the 4 phases of personal data processing, and provides examples of good practices for implementing the 4 phases process.

This course explains the GDPR audit assessment that a company may follow in order to ensure compliance with the GDPR requirements and provisions. It also explains when a company can restrict the exercise of data subjects’ rights and refers to the criteria and requirements that need to be met in order for restriction measures to be lawful.

It explains the various reports and notifications that a Data Protection Officer (DPO) can prepare, how a company can respond in case of a personal data breach incident, and the conditions that need to exist in order for personal data to be transferred lawfully to a third country or an international organisation.

Topics covered

The course is split into the following sections:

Section 1: Get to Know GDPR in brief

  • Key Terms.
  • GDPR short overview.
    • The 12 key provisions of GDPR.
  • The Legal Essentials.
    • The six lawful bases for processing personal data under GDPR.
  • GDPR Article 25 – Data Protection by Design and by Default.
  • Consent.
  • The principle of transparency.
  • The Personal Data process.
  • Controller and Processor.
    • Key elements.
  • The Data Protection Officer (DPO).
  • Administrative fines for breaching GDPR.
    • The fines in Cyprus for breaching GDPR.

Section 2: Start acting! – The 4 phases process

  • The company’s (Controller) responsibilities.
  • The 4 phases process.
    • Phase 1: Identify.
    • Phase 2: Assess.
    • Phase 3: Implement.
    • Phase 4: Apply.
  • Examples of good practices when following the 4 phases process.

Section 3: GDPR Audit Report – Understand when a Company can apply restrictions

  • GDPR Audit Report.
    • How to perform an audit to ensure compliance with the GDPR.
    • What a GDPR Audit Report may include.
    • GDPR Audit assessment – Good practices for GDPR compliance.
  • When a Company can apply restrictions.
    • Criteria to apply restrictions.
    • Requirements that need to be met in order for restriction measures to be lawful.
    • What specific provisions shall the restrictions contain.

Section 4: Reports, notifications, assessment and transfer of personal data under GDPR (Video)

  • Data Protection Officer (DPO) reporting to the highest management level.
  • Data Protection Impact Assessment (DPIA).
    • What is the DPIA?
    • Which activities in accordance with the Office of the Commissioner for Personal Data Protection are subject to DPIA requirements?
    • What shall the DPIA at least contain?
  • Breach notification (How to treat data breaches).
    • How to be prepared for a personal data breach?
    • How to respond to a personal data breach?
    • Breach notification to the Supervisory Authority.
    • Breach communication to data subjects.
  • Transfer of personal data to third countries or international organisations.
    • When can a processing operation be qualified as a transfer?
    • When can a transfer to a third country or international organisation be performed? (the three instruments).
    • The steps that a personal data exporter needs to take in order to identify if supplementary measures should be implemented in order to be able to legally transfer data outside the EU/EEA.

Course Duration

This course may take up to 5 hours to be completed. However, actual study time differs as each learner uses their own training pace.

The course is addressed to:

This course is addressed to all individuals who are involved in the processing of personal data in an organisation:

  • Designated DPOs in Investment Firms, Investment Funds, ASPs, Trust Service Corporate Providers, Banks, Payment Service Providers, Law Firms, Accounting Firms, Auditors, insurance companies, hospitals, schools, hotels, real estate professionals, and in general DPOs of all organisations.
  • Employees of Investment Firms, Investment Funds, ASPs, Trust Service Corporate Providers, Banks, Payment Service Providers, Law Firms, Accounting Firms, Auditors, insurance companies, hospitals, schools, hotels, real estate professionals, and in general of all organisations involved in the processing of personal data.
  • Executive Directors, Non-executive directors, Senior Managers, Compliance Officers, Risk Managers, Product Managers, etc.
  • Internal Auditors
  • Consultants
  • Lawyers

It is also suitable for professionals pursuing CPD for the renewal of CySEC Certificate (CySEC Basic or CySEC Advance Certificate or CySEC AML Certificate) or other relevant professional certificates in other jurisdictions.

Training Method

The course is offered fully online using a self-paced approach. The learning units consist of PowerPoint presentations and videos. Learners may start, stop and resume their training at any time.

At the end of the course, participants take a Quiz to complete the course and earn a Certificate of Completion once the Quiz has been passed successfully.

Accreditation and CPD Recognition

The course can be accredited for 5 CPD Units by regulators and other bodies that require CPD training in financial and other regulation.

Eligibility criteria and CPD Units are verified directly by your association or other bodies in which you hold membership.

Registration and Access

To register for this course, click on the Take this course button to pay online and receive your access instantly. If you are purchasing this course on behalf of others, please be advised that you will need to create or use their personal profile before finalizing your payment.

Access to the course is valid for 90 days.

If you wish to receive an invoice instead of paying online, please Contact us by email. Talk to us for our special Corporate Group rates.

Instructor

Andreas Nicolaides has more than 10 years' experience in the financial industry. He is the Operations Manager of G.P. GLOBAL LTD, which offers consulting services and training courses to Investment Firms, Administrative Service Providers and Funds, focusing on Internal Audit, compliance & AML issues. He is a member of the Internal Audit team of G.P. GLOBAL LTD and is involved in numerous Internal Audits of Cyprus Investment Firms, Administrative Service Providers and Funds where he is engaged, among others, in the audit for compliance with the GDPR regulatory framework. He has completed a number of trainings on the GDPR regulatory framework and assisted a number of Cyprus Investment Firms, Administrative Service Providers and Funds to comply with their GDPR legal obligations.

Andreas Nicolaides holds a BA in Business Management from Northumbria University (Newcastle – UK). Andreas also holds an Advance and Money Laundering certificate from the Cyprus Securities and Exchange Commission for the provision of investment services/activities.
