GDPR Implementation Masterclass

After you have completed the 3-day practitioner course, you have the opportunity to stay for a further two days to become an Expert Technician. This upgrade is designed to assist those who will need to implement the technical, procedural and organisational change necessary to ensure compliance. Going beyond the topics covered in the first 3 days, you will consider how to apply the knowledge and 


Day 1 - Private Information Life Cycle - How to align the corporate objectives to GDPR

  • Understanding the complete (private) information lifecycle within IT;
  • IT Risk Management: Client and server side technologies; Network; Applications; Storage; Security policies; Personnel
  • Differentiating between privacy and information security, data governance and IT governance
  • Translating legal requirements into stakeholder privacy expectations
  • How to embed privacy into IT? – From policies to processes; SDLC; IT Frameworks (COBIT5, ITIL)
  • IT Architecture and GDPR, mergers and acquisition
  • Credit card and payment processing: PCI-DSS and GDPR, data collation, encryption;
  • Remote access, teleworking, BYOD
  • Anonymization, pseudonymization, encryption
  • CAATs and automated data retrieval systems: Data masking, obfuscation, data loss prevention
  • Customer-facing and front-end applications
  • Practical tools and exercises with focus on recent case studies which can be directly applied to the theory

Day 2 - Privacy Techniques, Issues and Technologies - Which are the most effective?

  • Authentication & Identification
  • Privacy by default and privacy by design; Re-architecting or redesigning privacy
  • Online considerations, Consumer expectations and corporate image sensitivity, Social networks
  • Scams and threats: including Phishing; SQL injections; Whaling; Spam and more
  • How to protect private data against these threats?
  • Online advertising, cookies and other data tracking and gathering systems
  • Web and mobile browser privacy settings and features
  • Web security protocols – strengths and weaknesses: SSL/TLS, HTTPS, anonymizers, VPNs, Tor
  • Wireless technologies and RFID systems
  • Location-based, geolocation, tracking and monitoring systems
  • Cloud computing: Architecture types, problems, concerns, standards and regulations
  • Smart technologies: Machine and deep learning, data analytics, IoT, vernacular automation
  • Surveillance: CCTVs, commercial UAVs (drones), audio, data
  • Automatic recognition: Biometrics, voice-based systems
  • Practical session including revision and a discussion of the impact of emerging technologies (quantum cryptography and computing, AI, blockchain, augmented reality) and political triggers on GDPR (Brexit, US elections, Cybersecurity Law of the People's Republic of China, large corporate pressure groups).

Central London