Course Overview

“Data protection regulations ensure the security of individuals’ personal data and regulate the collection, usage, transfer, and disclosure of the said data.”

The course is specifically designed to help businesses and individuals comply with the essential principles of the Data Protection Act 2018. If you handle personal information as part of your work, then data protection should be an integral part of your daily activities. This course explains what your legal responsibilities are under data protection law so that you understand how to collect data legally, obtain consent where required, process data in accordance with the law and ensure data security. At the end of the Diploma in Data Protection, students will have a firm understanding of the legal requirements in relation to data protection and how to implement compliance.

Successful completion of the diploma provides you with a qualification recognised by The Institute of Banking and LIA for CPD Purposes.

Why Data Protection?

Data protection is increasingly becoming an area of global impact. Gain the skills to navigate and critically analyse the changing legal environment of GDPR and what it means for you as a data subject, controller, or processor.

• Data Protection Officers are in high demand
• Average salary for a Data Protection Officer is €70k

Course Modules

Week 1

Introduction

• Course and assessment outline
• Sources of law
• Right to privacy under international and domestic law
• The need for GDPR
• Overview of the current legislative context
• Privacy by Design
• GDPR terminology

Week 2

The General Data Protection Regulation: Who, What and How

• The 7 data protection principles
• The conditions and challenges for the lawful processing of data
• Issues with data subject consent
• Retention and disposal of data
• Data security

Week 3

My Data, My Rights: Rights of Data Subjects

• Provision of information and right of access
• Rights to rectify and erase data
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Rights over automated decision making
• Responding to data subject requests
• Breaches and fines

Week 4

Who’s in charge: Obligations on Controllers and Processors

• The 7 principles of data protection by design and default
• Data protection impact assessments
• The role of the data protection officer and data controller
• The role of the data processor
• Record-keeping
• Co-operation with the supervisory authority
• Security of data and notification of breaches
• Employee training

Week 5

Free movement of data and transfers of personal data to third countries or international organisations

• The right to data portability
• Transfer of data outside the EU/EEA
• Adequacy decisions
• Standard contractual clauses
• Binding corporate rules
• Derogations
• UK GDPR legislation
• US data protection legislation
• International cooperation
• Data protection around the world

Week 6

Keeping a close eye: The Supervisory Authorities and the Data Protection Commissioner

• The role and function of the data protection commission
• The European data protection board
• The European data protection supervisor
• International Data Protection Authorities

Week 7

Falling foul of the rules: remedies, liability and penalties

• Right to lodge a complaint
• Right to an effective remedy
• Judicial review
• Representation
• Right to compensation and liability
• Administrative fines
• Damages and penalties
• Privacy v data protection
• The emergence of data protection in tort claims

Week 8

Specific Processing Situations Part 1: Employers and Employees

• Potential data security risks for an organisation
• Garda vetting of prospective employees
• Staff surveillance
• Biometrics in the workplace
• Transfer of ownership of business
• Employee access requests
• Devices, apps and social media at work

Week 9

Specific Processing Situations Part 2: Marketing

• Direct marketing
• National directory database
• Publicly available information
• Unsolicited marketing
• E-receipts

Week 10

       Current Issues in Data Protection

• The law enforcement directive
• State surveillance
• The internet of things
• The public sector
• The use of algorithms and privacy
• The future of data privacy
• Creating a compliance plan for your organisation

Learning Outcomes

You will gain an in-depth knowledge of the following:

• The fundamental legal principles of the GDPR
• The role of Data Protection Officers and Data Protection Processors
• The handling, management, and protection of personal data in the workplace
• The remedies, liability and penalties issues arising from breaches in data protection
• The behavioural issues in data protection
• The technical aspects of handling personal data
• The current issues in Data Protection
• How to create a compliance plan for your organisation

Course Lecturer – Kathy Horgan

Kathy graduated with an LLB in Law and Criminology and later with a LLM in Law. She also holds a post-graduate certificate in Teaching in Higher Education and a post graduate certificate in Education Law. She is a member of The Association of Data Protection Officers.

Kathy also lectures law, data protection and business at Griffith College and UCD’s Professional Academy.