Attention all companies!
Don't wait until it's too late. Take action now to ensure your company is compliant with GDPR. Join our GDPR community to unlock the potential of data protection.
Blogs category
Fines and why your company needs to learn about GDPR.
Here you will find information about some fines around GDPR.
Attention all companies!
The finance, insurance, and consulting sectors have received a significant number of fines from Data Protection Authorities (DPAs) due to GDPR violations, amounting to a total of €29.19 million. Spain has the highest number and amount of fines imposed, followed by Romania, Hungary, Poland, and Norway. A lack of a sufficient legal basis for data processing and insufficient technical and organizational measures to ensure information security are the most common reasons for receiving fines. The highest fine within the sector, €6 million, was imposed on a Spanish bank due to insufficient legal basis for data processing. Companies in these sectors must establish and implement comprehensive internal compliance processes to avoid GDPR violations, even within the same group of companies. Investing in GDPR education can help companies comply with GDPR requirements and avoid costly fines.

Are you aware of the potential consequences of non-compliance with GDPR regulations? Recent fines imposed on major corporations such as Amazon, Google, Facebook, and WhatsApp are a testament to the importance of understanding and adhering to GDPR regulations. In July 2021, Amazon Europe Core S.à.r.l. was fined a whopping €746 million for non-compliance with general data processing principles. In September 2021, WhatsApp Ireland Ltd. was fined €225 million for insufficient fulfillment of information obligations. These fines are not small change, and they are only the beginning.

In December 2021, Google LLC and Google Ireland Ltd. were each fined €60 million for insufficient legal basis for data processing. In France, Google LLC was fined €50 million in 2019 for the same reason. In Germany, H&M Hennes & Mauritz Online Shop A.B. & Co. KG was fined €35.2 million for insufficient legal basis for data processing. In Italy, TIM and Enel Energia S.p.A were fined €27.8 million and €26.5 million respectively for the same reason. The United Kingdom also levied a €22 million fine on British Airways in October 2020 for insufficient technical and organizational measures to ensure information security.

These fines are not only expensive, but they also damage a company's reputation and can lead to loss of trust from customers and partners. As such, it is crucial for all companies to educate themselves on GDPR regulations and ensure they are in compliance.

At its core, GDPR is about protecting the personal data of individuals, including customers, employees, and suppliers. It is designed to ensure that data subjects have control over their data and that companies are transparent about how they process personal data. By investing in GDPR education and compliance, companies can not only avoid hefty fines and reputational damage, but they can also gain the trust and loyalty of their customers. In today's world, data protection is more important than ever, and GDPR compliance should be a top priority for all businesses. Don't wait until it's too late. Take action now to ensure your company is compliant with GDPR regulations and avoid potential consequences.
Fri, 03 Mar 2023