The General Data Protection Regulation (GDPR) creates a common legal framework for data protection laws across the EU, which is designed to give control of personal data back to data subjects by imposing strict rules on those hosting and processing this data, anywhere in the world. In this course, you will learn how to use HOPEX GDPR and the embedded methodology to manage your GDPR compliance initiative.
HOPEX Privacy Management gives you the right tools to understand how your organization complies with the regulation, where to implement changes and how to produce documents required by regulators.
- Discover the main features of HOPEX Privacy Management
- Learn how to handle Personal Data and Data Subjects Categories, Security Measures, Data Transfer Safeguards
- Describe Data Processing Activities specifying Legal Basis, Data subject´s Rights, Contractual agreements, among others.
- Conduct pre-assessments and Data Protection Impact Assessments (DPIA) to identify data protection risks and implement recommendations to increase the compliance level.
- Manage data breach records.
How the course is organized
This course provides key users of the HOPEX Privacy Management solution with a hands-on demonstration of the standard solution. It alternates between an instructor led presentation of the solution and the embedded method with guided exercises in the toolset.
How to participate
Introduction to HOPEX Privacy Management
- GDPR and its impact
- Compliance approach
- Overview of the solution and main concepts
- Key profiles available
Contextualizing the environment
- Organization Management
- Definitions and characteristics of key elements (i.e. data category and data subject categories, sensitive activities, etc.)
Creating and Describing Processing Activities
- Defining legal entity data protection role and details of processing activities
- Describing legal basis, data subjects’ rights and notice and consent management
- Documenting Data Flows and transfer safeguards
- Recording existing security measures and certification schemes
Conducting a Data Protection Impact Assessment (DPIA)
- Conducting pre-assessments and assessments
- Producing DPIA reports
- Consulting the level of risk and compliance with GDPR requirements
- Recording and managing Personal Data Breaches and assess their impact
- Exporting the record of personal data breaches
Creating a processing activities
- Creating a processing activity from Business Processes
- Creating a processing activity from Applications