This course describes in details the process to develop the Record of Processing Activities and the Data Protection Impact Assessment and it explains the information that an organisation is obliged to provide to data subjects. It describes the reason that an organisation shall provide specific information to its employees and candidates of employment and provides a number of good practices of how the information shall be provided. The course also explains when it is lawful to transfer personal data to third countries.
This course describes in details the Record of Processing Activities and the Data Protection Impact Assessment as well as it explains the obligation of an organisation to provide specific information to data subjects. It describes the process to develop a Record of Processing Activities and what should be included as well as when and how an organisation shall perform a Data Protection Impact Assessment. The course also explains what information shall be provided to data subjects, how and when this information shall be provided.
The course is split into the following sections:
Section 1: How and Why a Record of Processing Activities shall be developed and the process to conduct a Data Protection Impact Assessment
- Why a Record of Processing Activities should be developed
- What the Record of Processing Activities should include
- Examples of Record of Processing Activities
- What a Data Protection Impact Assessment (DPIA) is
- In which cases a DPIA should be performed
- How an organisation can carry out a DPIA
Section 2: What information should be provided to data subjects and understand when it is lawful to transfer personal data to third countries
- Why an organisation must provide certain information to data subjects
- The information that should be provided to data subjects
- How this information can be provided
- Informing employees and candidates for employment
- The cases when an organisation can lawfully transfer personal data to third countries
- How organisations of the same group can transfer personal data between them
- What an agreement between different organisations shall include for the transfer of personal data
This course may take up to 3 hours to be completed. However, actual study time differs as each learner uses their own training pace.
The course is addressed to:
This course is addressed to all individuals who are involved in the processing of personal data in an organisation:
- Designated DPOs in Investment Firms, Investment Funds, ASPs, Trust Service Corporate Providers, Banks, Law Firms, Accounting Firms, Insurance Companies, Hospitals, Schools and in general DPOs of all organisations
- Employees of Investment Firms, Investment Funds, ASPs, Trust Service Corporate Providers, Banks, Law Firms, Accounting Firms, Insurance Companies, Hospitals, Schools and in general of all organisations involved in the processing of personal data
- Internal Auditors
- Senior managers
It is also suitable to professionals pursuing regulatory CPD for the renewal of the “Basic” and “Advance” CySEC Certificate.
The course is offered fully online using a self-paced approach. The learning units consist of power point presentations and examples. Learners may start, stop and resume their training at any time.
At the end of each section, participants take a Quiz to complete their learning unit and earn a Certificate of Completion once all quizzes have been passed successfully.
Accreditation and CPD Recognition
The course can be accredited by regulators and other bodies for 3 CPD Units that require CPD training in financial and other regulation.
Eligibility criteria and CPD Units are verified directly by your association or other bodies in which you hold membership.
Registration and Access
To register to this course, click on the Take this course button to pay online and receive your access instantly. If you are purchasing this course on behalf of others, please be advised that you will need to create or use their personal profile before finalizing your payment.
Access to the course is valid for 60 days.
If you wish to receive an invoice instead of paying online, please Contact us by email. Talk to us for our special Corporate Group rates.
Andreas Nicolaides has more than 8-years experience in the financial Industry. He is the Operations Manager of G.P. GLOBAL LTD offering consulting services and training courses to Investment Firms, Administrative Service Providers and Funds focuses in Internal Audit, compliance & AML issues. He is a member of the Internal Audit team of G.P. GLOBAL LTD and is involved in numerous Internal Audits of Cyprus Investment Firms, Administrative Service Providers and Funds where he is engaged, among others, in the audit for compliance with the GDPR regulatory framework. He has completed a number of trainings on GDPR regulatory framework and assisted a number of Cyprus Investment Firms, Administrative Service Providers and Funds to comply with their GDPR legal obligations.
Andreas Nicolaides holds a BA in Business Management from the Northumbria University (Newcastle – UK). Andreas also holds an Advance and Money Laundering certificate from the Cyprus Securities and Exchange Commission for the provision of investment services/activities.
See more Courses from Andreas Nicolaides