Home

All courses

Build EU GDPR data protection compliance from scratch

Web Development

GDPR

Development

Build EU GDPR data protection compliance from scratch

Preparation for IAPP certifications_FREE GDPR Templates & Documentation - Practical GDPR Blueprint

4.4

(3301)

17444 enrolled on this course

Last updated 11/2021

None

₹ 3099.0

₹ 4599.0

Buy Now

30-Day Money-Back Guarantee

Lessons

Quizzes

Duration

13 Hours

Skill level

Beginner

Language

English

Certificate

Yes

Full lifetime access

Yes

Description

Lessons from
Chief Security Officer (CISO) of SAP
also an ex
IBM-er, MICROSOFT-er, Accenture, Cognizant, Genpact
and
Cisco
This course is about
how to make privacy operational
and
how to start your journey to get 3 privacy certifications in less than 30 days: CIPT, CIPM, CIPP/E by IAPP”
Please take a look at the
Learning Plan
and together with my other courses, especially:
- How to Succeed in a DPO role
- GDPR Privacy Data Protection Case Studies Explained
- Ultimate Privacy by Design Data Protection Course
2023 Updated
-
12+ hours of GDPR content
and
61 templates

No prior GDPR knowledge is needed.
CIPT, CIPM and CIPP/E certification
preparation in a complete learning plan
This is the
1st course in a 6 course series that will drive you to Data Privacy expert
and will allow you to go for all IAPP certifications: CIPT, CIPM and CIPP/E.
MY FIRST PROMISE TO YOU
is the following: You will be prepared to pass
3 IAPP certifications in less than 30 days
if you follow the below learning plan:
Course 1:
Build EU GDPR data protection compliance from scratch
Course 2:
How to succeed in a Data Privacy Officer Role (GDPR DPO, CIPM)
Course 3:
GDPR Privacy Data Protection Case Studies Explained (CIPP/E, CIPM, CIPT)
Course 4:
Ultimate Privacy by Design Data Protection Course
Course 5:
Build Security Incident Response for GDPR Data Protection (incl. parts from CIPT and CIPM also)
Course 6:
(part of CIPP/US): California Consumer Privacy Act (CCPA) - Complete course
Course 7:
Build a Cybersecurity Career and Earn more than 150K per year
My name is
Roland Costea
and I am currently the Chief Security Officer (CISO) of SAP.
After spending my
last 10 years
working for
SAP
,
Microsoft, IBM, Genpact and Cognizant
as a
Chief Security Officer
or
Privacy & Security Director
being able to create hundreds of integrated security & privacy programmes for top organizations in the world, I have decided to put all my experience together in a comprehensive privacy LEARNING PLAN, to show how to actually make
Data Privacy
operational and most importantly how to think out of the box.
I have been involved in engineering privacy for a lot of industries including Automotive (Mercedes-Benz, Geely, Volvo) and also provided DPO as a service for several other top companies in Europe and US. I have worked and developed the privacy strategy for Microsoft & IBM for the whole Central & Eastern Europe and also drived Cognizant Security & Privacy business in DACH.
Certifications
I hold:
CIPT, CIPM, CISSP, CRISC, CISM, CCSK, CCSP, LPT, CEH, ECSA, TOGAF
Course Curricula:
Section 1:
Introduction
Section 2:
Understanding the need for privacy in the IT environment
Section 3:
Core Privacy Concepts
Section 4:
Privacy Considerations & Techniques
Section 5
: Privacy in Systems and Applications
Section 6:
GDPR Implementation - short intro guide!
Section 7:
Online Privacy Issues
Section 8
: Technologies with Privacy Considerations
Section 9:
Direct Marketing Challenges
Section 10:
Lawful Processing of HR Data, Contracts & Recruiting
Section 11:
GDPR for Cloud Service Providers (CSPs)
Section 12:
GDPR and Payment Services Directive (PSD2)
Section 13:
How Technology can help in achieving GDPR compliance
Section 14:
Conclusion
Who this course is for:
Anyone interested in GDPR compliance
Any security enthusiast willing to learn about GDPR
Anyone interested in how to start a GDPR programme
Anyone interested in technologies that can help achieving GDPR compliance
Anyone interested in making a turn in their career to DATA PRIVACY
Any privacy consultant, manager, director or DPO
Any lawyer interested to learn about data privacy and how technology may fit in this picture also

What you'll learn

Lessons from ex-Microsofter and IBMer

Will have a list of 61 templates/documents that will help them start GDPR programme

Understand what GDPR needs in order to achieve compliance

Go for CIPT, CIPM and CIPP/E certification by IAPP with a comprehensive learning plan explained in lesson 4

Will have a GDPR implementation guide

Understand Online privacy issues

Understand technologies with privacy considerations and core privacy concepts

Understand how technology will help in achieving compliance

Understand lawful processing from HR point of view

Understand how to work with Cloud Service Providers (CSPs)

Requirements

You will need a copy of Adobe XD 2019 or above. A free trial can be downloaded from Adobe.
No previous design experience is needed.
No previous Adobe XD skills are needed.

Course Content

27 sections • 95 lectures

Expand All Sections

1-Introduction

1.1-Why start learning GDPR Data Privacy with me?

1.2-What is included in this course?

1.3-Course Resources

1.4-My first promise to you - get certified in less than 30 days: CIPT, CIPM, CIPP/E

1.5-One more word before we start...

2-Understanding the need for privacy in IT environment

2.1-Evolving compliance requirements

2.2-Major Risks to a Company's IT Framework

2.3-Application Related Risks

2.4-Network Related Risks

2.5-Storage Related Risks

2.6-Stakeholder expectations for privacy

2.7-Privacy vs Security

2.8-IT Governance vs Data Governance

2.9-The role of the IT professional & other stakeholders in preserving

3-Core Privacy Concepts

3.1-Privacy Foundational elements - Organizational Privacy Notice

3.2-Privacy Foundational elements - Organizational Privacy Policy

3.3-Example - A great organizational privacy policy

3.4-Privacy Foundational elements - Organizational Security Policies

3.5-Incident Response - Security and Privacy Perspectives

3.6-System Development Lifecycle and Enterprise Architecture

3.7-Privacy Impact Assessments (PIA)

3.8-Common Privacy Principles

4-Privacy Considerations & Techniques

4.1-The Collection Process - Notice

4.2-The Collection Process - Choice, Control & Consent

4.3-Other topics related to Collection

4.4-Use

4.5-Security Practices and Limitations on Use

4.6-Disclosure

4.7-Retention - Records, Limitations, Access

4.8-Retention - Security Considerations

4.9-Destruction

5-Privacy in Systems and Applications

5.1-Identity and Access Management (IAM)

5.2-Limitations of Access Mgmt & Least Privilege principle

5.3-User Based Access Control & Role Based Access Control

5.4-Context of Authority

5.5-Cross Site Authentication & Authorization Models

5.6-Credit card information & Processing

5.7-PCI-DSS & PA-DSS

5.8-Remote Access & BYOD - Privacy & Security Considerations

5.9-Remote Access & BYOD - Access to Computers & Architecture controls

5.10-Data Encryption - Design Considerations

5.11-Application, Record and Field Encryption

5.12-File & Disk Encryption

5.13-Encryption Regulation & Crypto Standards

5.14-Other Privacy enhancing Technologies

5.15-Software Notifications and Agreements

6-GDPR Implementation - short intro guide!

6.1-GDPR short overview

6.2-Format and Definitions

6.3-Principles

6.4-Lawfulness

6.5-Gap Assessment

6.6-How to plan your project - preparation!

6.7-GDPR Roles

6.8-How to Capture Personal Data in a Form

6.9-GDPR Privacy Data Protection Policy

6.10-Data Subject Request Procedure

6.11-Data Protection Impact Assessment (DPIA)

6.12-How to treat data breaches

6.13-How to treat international transfers

6.14-ISO 27K and GDPR mapping

6.15-Privacy by Design

7-Online Privacy Issues

7.1-Organizational Privacy Strategy for Social Media

7.2-Consumer Expectations

7.3-Children's Online Privacy

7.4-Social media - personal information collected

7.5-Social media - personal information shared and ownership

7.6-E-commerce personalization

7.7-Online Advertising

7.8-Key considerations when posting ADs on your website

7.9-Understanding cookies, beacons and other tracking technologies

7.10-Cookies - Deep Dive

7.11-Web Browser Privacy and Security Features

8-Technologies with Privacy Considerations

8.1-Wireless Technology - RFID

8.2-Wireless Technology - NFC, Bluetooth & WiFi

8.3-Location Based Services (LBS) - generalities

8.4-Location Based Services (LBS) - GPS

8.5-Location Based Services (LBS) - GIS

8.6-Surveillance of Individuals

8.7-Data surveillance & Biometric recognition

9-Direct Marketing Challenges

9.1-Data Protection & Direct Marketing

9.2-The concept of Direct marketing

9.3-The right to opt-out

9.4-Marketing Requirements under e-Privacy Directive

9.5-Postal Marketing

9.6-Telephone Marketing

9.7-Electronic Marketing

9.8-Location Based Marketing

9.9-Online Behavioral Advertising (OBA) and GDPR

10-Lawful Processing of HR Data, Contracts & Recruiting

10.1-Where do privacy and HR meet?

10.2-More difficult to rely on Consent

10.3-Data Protection Principles from HR perspective

10.4-Consent_no_longer_an_option_for_HR

10.5-Legitimate interests

10.6-Pseudonymisation

10.7-Cross Border HR Data Transfers under GDPR

10.8-Changes to employee data management under GDPR

10.9-DPOs and DPIAs from HR perspective

10.10-Data Breaches & what to take away from that

10.11-Action Steps from HR perspective

10.12-HR related policies and procedures

10.13-Contracts of employment - what to look for

10.14-Data Protection Policy

10.15-GDPR terms and how they relate to recruiting?

10.16-Map your recruiting data

10.17-Create a privacy policy for recruiting

10.18-Source candidates online with care

10.19-Ensure you job application process complies with GDPR

10.20-Ensure your software vendors are compliant

11-GDPR for Cloud Service Providers (CSPs)

11.1-Cloud and GDPR Concerns

11.2-Looking at GDPR the right way

11.3-Controllers and Processors

11.4-CSP as a processor and GDPR

11.5-Technical and Organisational measures

11.6-Subcontracting

11.7-Detailed impact on cloud contracts

11.8-Clauses between a processor and a sub-processor

11.9-Codes of conduct, certifications and compliance

11.10-Important steps to compliance

11.11-Choosing a hosting provider

11.12-What businesses need to do

11.13-Software and CSPs to consider - part 1

11.14-Software and CSPs to consider - part 2

11.15-Software and CSPs to consider - part 3

11.16-Software and CSPs to consider - part 4

11.17-Advices for CSPs and Software providers

11.18-GDPR and IoT approach

11.19-There is far more in this space

11.20-GDPR requirements in an IoT context

11.21-Robots, AI, IoT and BigData

12-GDPR and Payment Services Directive (PSD2)

12.1-What is PSD 2 and main objectives

12.2-Benefits for consumers

12.3-Scope of PSD2 directive

12.4-New rules on authorisation and supervision

12.5-Security of Payments

12.6-New types of service providers - TPPs

12.7-Impact of PSD2 to financial services industry

12.8-New risks associated with the TPPs

12.9-Banks are caught between GDPR and PSD2

12.10-Other challenges - GDPR and PSD2

12.11-What is Open Banking Consent Model

12.12-Consent Step

12.13-Authentication Step

12.14-Authorisation Step

12.15-Redirection

12.16-Data Minimisation & Permissions

13-How Technology can help in achieving GDPR compliance

13.1-What you will going to see in this section

13.2-Identity Protection demo (AAD IP)

13.3-Privileged Identity Management demo (PIM)

13.4-Mobile Productivity policies demo (Intune)

13.5-Classification, Labelling and Protection of Information demo (AIP)

13.6-Cloud application visibility and security demo (Cloud App Sec)

13.7-Security in cloud infrastructure environment demo

13.8-Defending and remediating endpoints from cloud demo

14-Conclusion

14.1-Top Privacy Mistakes and How to avoid them

14.2-BONUS - Remember my first promise to you? Learning plan differences

14.3-BONUS 2 - How to get more content and help me create more!

Course Categories

Popular Courses

Build EU GDPR data protection compliance from scratch

Description

What you'll learn

Requirements

Course Content

You May Like