Design for Privacy
COURSE DURATION
2 Days
CLASS DESCRIPTION
EU law requires that controllers put in place measures to effectively implement data protection principles and to integrate the necessary safeguards to meet the requirements of the regulation and protect the rights of data subjects.
These measures should be implemented both at the time of processing and when determining the means for processing. In implementing these measures, the controller needs to take into account the state of the art, the costs of implementation, the nature, scope and purposes of personal data processing and the risks and severity for the rights and freedoms of the data subject.
In addition, controllers and processors are obliged to design the data processing in such a way as to prevent or minimise the risk of interference with those rights and freedoms and implement technical and organisational measures which take into account the implications of the right to the protection of personal data at all stages of the data processing.
We will focus on the following principles:
- Lawfulness of processing & Fairness of Processing & Transparency of Processing.
- The principle of purpose limitation.
- The Data Minimisation Principle.
- The Data Accuracy Principle.
- The Storage limitation Principle.
- The Data Security Principle.
- The Accountability Principle.
LEARNING OUTCOMES
At the completion of training, the trainee will be able to achieve the following outcomes:
- GDPR principals and rules related with Data Privacy by Design.
- How to approach to each process within System engineering of a new or existing platform.
- How to make Risk Analysis of each process which contains vital data such as Personal Data.
- How to mitigate the process with high risk to low risk within any platform existing and or new.
- How to define / create Technical and organizational Measures to protect the vital data which is both Company confidential Data and Personal Data according to GDPR.
- How to make decision of putting the processes under right legal basis according to GDPR.
- How to make the platforms secured especially in case of Cyber-attacks and attacks from Internal organization.
WHO SHOULD ATTEND?
- Engineers
- Product developers
- Programme, software or website designers
- Other managers responsible the development of products and services where data privacy is critical.