Data Protection AND How to Conduct a Data Protection Audit (FULL DAY): Module for Financial Firms [PTDP001] / Module for Non-Financial Firms [PTDP002]

 

TRAINING

Content:

Read content in html

Read content in pdf

 When:

Financial Firms - Wednesday 8th September 2010, 9.00am to 5.00pm

Non-Financial Firms - Date TBA, e-mail us for details

 
 Venue:

Central DUBLIN City Venue

 Cost:

€620 (No VAT), €550 for 2nd attendee from same firm attending same day.
 CPD allowance:

Formal and Informal CPD: max 7 hours (subject to your professional body's rules). You may be able claim a mix of formal and informal hours for the full 7 hours of tuition (subject to your body's rules)

 

Institute of Bankers:

QFA - 2 formal hours

CPD Member (including registered Stockbrokers) - 2 formal hours

LCOI - 4 formal hours

CeB - 4 formal hours

 

Insurance Institute of Ireland/PSAB-GI:

CIP - 4 formal hours

CPD Member - 4 formal hours

LCOI - 4 formal hours

ACII/FCII: - 4 formal hours (This event can be used as part of your Chartered Insurance Institute (CII) CPD scheme requirement should you consider the content relevant to your development needs.)

 
Make a BOOKING:

Terms & Conditions and Cancellation Policy - Please Read

Privacy Statement - Please Read

 

(A) TO BOOK THE FINANCIAL SERVICES MODULE COURSE AND PAY BY CREDIT CARD CLICK BUTTON BELOW [PTDP001]

 

 

(B) TO BOOK THE NON-FINANCIAL SERVICES MODULE COURSE AND PAY BY CREDIT CARD CLICK BUTTON BELOW [PTDP002]

 

 

To make a payment by wire transfer please make your booking via email below. Please includeincluding the course module name (i.e Banks & Investments Industry OR Insurance Industry), course date, your name and contact details (including telephone number). You will receive an automatic response. Thereafter we will email you with wire transfer and other payment details.

 

(A) Email for FINANCIAL SERVICES MODULE COURSE [FTDP001] BOOKINGS@COMPLIANCEIRELAND.COM

 

(B) Email for NON-FINANCIAL SERVICES MODULE COURSE [FTDP002] BOOKINGS@COMPLIANCEIRELAND.COM

 

 

“Excellent Day – Taking time out to think about & discuss the issues is very valuable.  The day supported, confirmed, gave us confidence with our approach and gave us good pointers for data protection going forward”

(Bank – Data Protection attendee)

 

 

Do you know that:

* The DPC’s Annual Report (issued April 2009) highlights various data protection failures (and successes).

* Complaints to the DPC have increased by nearly 60% over the past two reporting years to 1,031 in 2009; DPC is prosecuting government & private bodies for non-compliance and the number of audits more than double in 2008.

* Financial and insurance companies continue to be ‘named and shamed’ in case studies.

*New fines of up €250,000 or 10% of a business turnover are provided for and individuals liable up to €50,000 fine.

*The use of Access Requests by individuals – both customer s and employees – is increasing every year.

 

 

 

All firms which hold, use or control personal data are bound by the Data Protection laws, regardless of whether or not they need to register with the Data Protection Commissioner (DPC). Recent interventions by the Data Protection Commissioner relating to: (i) loss of laptops and other data storage devices; (ii) misuses of personal data by real estate, mortgage, bank and insurance businesses; (iii) failing to safeguard data on a company’s system; (iv) individuals’ rights to see their medical reports; (v) transfer of persons’ transaction data from the EU to the US; (vi) data security breaches; (vii) breaches of e-marketing/unsolicited e-communication requirements, demonstrate the DPC’s desire to raise & enforce data protection in Irish society.  The afternoon session provides an intensive workshop on How to Conduct a Data Protection Audit at which attendees will apply their data protection knowledge to learning about the most effective ways to carry out a data protection audit/self-assessment. Compliance Ireland is retained to assist firms inspected by the Data Protection Commissioner, so we know the practical aspects of handling an inspection, dealing with the Commissioner and implementing sound data protection standards. We will share these skills with attendees of this course.

 

 

DATA PROTECTION OF CUSTOMER & HR RECORDS

Each day contains the same extensive material. The day for Financial Firms incorporates additional data privacy issues contained in financial services regulations (which do not affect non-financial firms).

 

  Content Time

1

What is Personal Data and Sensitive Personal Data under the Data Protection Acts – getting to grips with the definitions and examples of personal data and sensitive personal data

0900-0930

2

The key provisions of the Data Protection Acts – this session will focus on key legislative requirements such as processing of personal data, security of personal data, the statutory requirement for record retention, access requests, transfers of personal data outside the EEA, corporate and senior management responsibility, unauthorised disclosure, confidentiality and whistle-blowing.

0930-1015

3

The Eight Data Protection Principles enshrined in law – this session will explain what each principle means, examples of how others have fallen foul of them and most importantly what you can do to help ensure that your firm doesn’t.  This session will use examples of employee and customers records and case studies to explain what your obligations include

1015-1115

4

Employee records – how to deal with personal data collected in the recruitment process, employment records generally including details of sickness and other absences, as well as records of employees’ personal use of email, internet access & taped telephone calls.

1115-1215

5

Practicalities of Data Protection compliance – drafting a data protection/data handling policy and procedures; training of staff; monitoring your firm’s compliance; privacy statements; and the responsibilities of the Data Protection Officer.

1215-1300

How to conduct a Data Protection self-assessment

How to conduct a Data Protection self-assessment – the afternoon workshop provides attendees with the training and development of relevant skills required to confidently carry out a data protection audit (without which it will be difficult to identify gaps in your business).

Compliance Ireland will provide a step-by-step guide to conducting a self-assessment audit, using specially designed checklists which are fully referenced to the latest legislation to enable attendees to assess and demonstrate their compliance with key sections of the Acts, including:

(a) Drafting a High Level Data Protection Fact Find covering: · Personal data - the reason it is obtained · source of data · Identification of data processors and associated contracts · Third party disclosures · Registration · Data Protection Policy · Staffing and Reporting Structures · Planning and implementing of data protection standards · System audits and reviews · Job descriptions and staff contracts · Data Collection · Key Business Processes.

(b) Checklists for (1) each of the eight data protection principles; (2) transfers of personal data outside of the EEA; and (3) website Privacy Statements.

1400-1700

 

Scroll back to top of page for details of how to book and pay and CPD points.



Compliance Ireland Regulatory Services Limited - (CRO 430127)           City Compliance Regulatory Services Limited - (CRO 430128)

Registered Office: Lower Ground Floor, 13 Adelaide Road, Dublin 2, Ireland

Telephone: +353 (0) 1 425 5962
Fax: +353 (0) 1 633 5005, London Office: +44 (0) 207 193 3518