Introduction to GDPR (gdpr 101)

This course module introduces the General Data Protection Regulations (GDPR) which are due to come into force in May 2018. Any organisation (inside or outside the EU) that holds citizens' personal data is obliged to comply.

The consequence of any breach are serious - you may be fined a % of turnover.

An important aspect of GDPR is the need to retain evidence of compliance. Cybralytix provides ongoing certification training of employees as one way to deliver that evidence.

Following your completion of this course, you need to take further modules GDPR 102-111 and the course exam. On passing the exam you will receive a certificate that expires 24 months after passing. You then need to re-take the exam and optionally re-study the course.


Assigning responsibilities

Organizations assign responsibility for the operational aspects of a privacy program to an individual. This individual may sit in a designated privacy function, or may be part of the legal, compliance, IT, security or information governance/management departments. Privacy may be the individual’s full-time position (e.g., Privacy Officer) or may be one hat that the individual wears (e.g., Compliance Officer). Where the organization does not have an establishment in a jurisdiction in/from which it processes personal data, there may be obligations to appoint/designate a local representative, with responsibility for the organization’s privacy compliance obligations.

Engage your senior management

Organizations engage the senior level of the organization, e.g. C-level or senior management, in data privacy since tangible and visible actions at a senior level attest to the importance of privacy within the organization. Having an engaged senior level can result in support in the form of:    

  • Sponsoring an agenda item related to privacy at a board of directors’ meeting;    
  • Raising the profile of the privacy function with other senior leaders; 
  • Communicating the importance of privacy to organization staff and subordinate management;  
  • Participating in privacy initiatives lead by the privacy office and business initiatives where privacy is key; and 
  • Ensuring adequate funding to support the privacy function. 

Appoint a DPO

Roles and their responsibilities

Communicate with internal stakeholders

Communicate with external stakeholders

  • Put your answer option here
  • Put your answer option here

Risk Assessment

Enterprise reporting

Privacy strategy

Mandatory sign-up