PRIVACY AND DATA PROTECTION

Data privacy defines who has access to data, while data protection provides tools and policies to restrict access to the data.

Privacy and data protection are two interrelated Internet governance issues. Data protection is a legal mechanism that ensures privacy. Privacy is usually defined as the right of any citizen to control their own personal information and to decide about it (to disclose information or not). Privacy is a fundamental human right.

ISO/IEC 27701 Privacy Information Management

ISO/IEC 27701 standard is published in August 2019, and it is the first international standard that deals with privacy information management. The standard assist organizations to establish, maintain and continually improve a Privacy Information Management System (PIMS) by enhancing the existing ISMS, based on the requirements of the ISO/IEC 27001 and guidance of ISO/IEC 27002. It can be used by all types of organizations irrespective of their size, complexity, or the country they operate.

The exponential growth of the collection of personal information and the increasing of data processing has led to privacy concerns. Hence, implementing a Privacy Information Management System (PIMS) in compliance with the requirements and guidance of the ISO/IEC 27701 will enable organizations to assess, treat, and reduce risks associate with the collection, maintenance, and processing of personal information.

This standard is essential for every organization that is responsible and accountable for Personally Identifiable Information (PII) as it provides requirements on how to manage and process data and safeguard privacy. It enriches an already implemented ISMS to address privacy concerns properly by assisting the organizations to understand the practical approaches involved in the implementation of an effective management of PII. 

ISO/IEC 27701 Foundation

The ISO/IEC 27701 Foundation training course is designed to help participants understand the basic concepts and principles of a Privacy Information Management System (PIMS) based on ISO/IEC 27701. Moreover, during this training course, students will learn more on the structure of the standard including its requirements, guidance, and controls on the protection of the privacy of Personally Identifiable Information (PII) principals and the relationship of the standard with ISO/IEC 27001 and ISO/IEC 27002.

  • Duration – 2 Days
  • CPD Certification (Credits) – 14
  • Certification Body: PECB, Canada
  • Exam Duration – 1 Hour
  • Retake Exam – Yes

ISO/IEC 27701 Lead Implementer

The ISO/IEC 27701 Lead Implementer training course enables to develop the necessary expertise to assist an organization to establish, implement, maintain, and continually improve a Privacy Information Management System (PIMS) based on ISO/IEC 27701 by enhancing an existing ISMS based on ISO/IEC 27001 and the guidance of ISO/IEC 27002.

This training course is designed to prepare its participants implement a Privacy Information Management System (PIMS) in compliance with the requirements and guidance of the ISO/IEC 27701. Moreover, you will gain a comprehensive understanding of the best practices of privacy information management and learn how to manage and process data while complying with various data privacy regimes.

  • Duration – 4 Days
  • CPD Certification (Credits) – 31
  • Certification Body: PECB, Canada
  • Exam Duration – 3 Hours
  • Retake Exam – Yes

ISO/IEC 27701 Lead Auditor

The ISO/IEC 27701 Lead Auditor training course enables to develop the necessary skills to perform a Privacy Information Management System (PIMS) audit by applying widely recognized audit principles, procedures, and techniques.

During this training course, you will obtain the knowledge and skills to plan and carry out audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.

Based on practical exercises, you will be able to acquire knowledge on the protection of privacy in the context of processing personally identifiable information (PII), as well as master audit techniques and become competent to manage an audit program, audit team, establish communication with customers and resolve potential conflicts.

  • Duration – 4 Days
  • CPD Certification (Credits) – 31
  • Certification Body: PECB, Canada
  • Exam Duration – 3 Hours
  • Retake Exam – Yes

GDPR — General Data Protection Regulation

The General Data Protection Regulation (GDPR) is a regulation that enforces a stronger data protection regime for organizations that operate in the European Union (EU) and handle EU citizens’ data. GDPR constitutes the protection of personal data of employees, customers, and others. In case organizations fail to comply with this regulation, they will be subject to heavy fines and damaged reputation. Considering that personal data represents critical and sensitive information that all organizations should protect, such a regulation will help put in place appropriate procedures and controls to prevent Information Security breaches.

Considering that data breaches have become highly sophisticated in the recent years, the need for data protection has increased as well.

Information Security is crucial to the success of any organization since it deals with the protection of sensitive data from unauthorized access, use, replication, and destruction. As such, organizations should put in place measures and controls to manage and diminish Information Security risks and comply with GDPR requirements. In case organizations fail to comply with the GDPR requirements, the penalties can reach up to 2% of an organization’s annual turnover. Also, in case of more serious infringements, the penalties can amount to 4% of an organization’s annual revenue. The implementation of a Privacy Framework, on the other hand, will allow professionals to develop and implement reliable controls that are generally accepted.

GDPR Foundation

The GDPR Foundation training enables you to learn the basic elements to implement and manage a compliance framework about the protection of personal data. During this training course, you will be able to understand the fundamental privacy principles and become familiar with the role of the Data Protection Officer.

  • Duration – 2 Days
  • CPD Certification (Credits) – 14
  • Certification Body: PECB, Canada
  • Exam Duration – 1 Hour
  • Retake Exam – Yes

GDPR – Certified Data Protection Officer

The Certified Data Protection Officer training course enables to acquire the necessary knowledge and skills and develop the competence to perform the role of the data protection officer in a GDPR compliance program implementation.

As data protection is becoming more and more valuable, the need for organizations to protect these data is also constantly increasing. Besides violating the fundamental rights and freedoms of persons, not complying with the data protection regulations can lead to risky situations that could harm an organization’s credibility, reputation, and financial status. This is where your skills as a data protection officers come to place. 

The Certified Data Protection Officer training course will help you acquire the knowledge and skills to serve as a Data Protection Officer (DPO) to help organizations ensure compliance with the General Data Protection Regulation (GDPR) requirements.

  • Duration – 4 Days
  • CPD Certification (Credits) – 35
  • Certification Body: PECB, Canada
  • Exam Duration – 3 Hours
  • Retake Exam – Yes
Open chat