As is the case with any specialised proposition, using the Privacy Manager effectively presupposes a certain level of professional knowledge. This is why the Privacy Academy provides dedicated training modules (both online and offline) for Data Protection Officers, Chief Privacy Officers and employees processing personal data.
For Data Protection Officers and Privacy Officers to effectively plan and document their activities and monitor the status of GDPR accountability requires a thorough understanding of how to implement the GDPR within an organisation. For this reason th Privacy Manager is complemented with a dedicated DPO training, also based on our proprietary role-based GDPR implementation methodology.
a) Planning and documenting
Understanding how to fulfil this complex responsibility is exactly what the DPO training module has been designed for: to learn how the GDPR can be implemented in a transparent and practical Plan-Do-Check-Act manner. This allows DPOs and Privacy Officers to plan the execution of required privacy activities and instruct the organisation on how to best document the required proof needed for GDPR accountability.
b) Monitoring and compliance
Monitoring and managing the timely, complete and correct execution of the planned privacy activities is the main responsibility of DPOs and Privacy Officers. It is therefore important that they have a thorough understanding of the GDPR objectives and associated 57 privacy activities.
Based on a case study developed for this training, DPOs and Privacy Officers gain the necessary experience in using the Privacy Manager to plan and allocate privacy activities. In order to acquire a thorough understanding of the GDPR, the curriculum furthermore focusses in detail on the following:
- creating and maintaining a register of processing operations
- setting up training and awareness programs
- managing and reducing information security risks
- creating and maintaining privacy statements
- managing and handling requests and complaints
- setting up procedures for data breach management
- monitoring new and existing processing practices
- collecting and maintaining means of proof
- demonstrating that all required privacy activities have been carried out