Privacy in Practice
The implementation of data protection principles and obligations requires a strategic, structured, systematic and risk-based approach taking into account the privacy laws applicable to the organization as well as the fast-evolving technological development. Such an approach requires that companies understand the general data protection principles, concepts and obligations as well as their own data protection-relevant risks at enterprise, program and processing level.
Privacy in Practice aims to provide organizations with the necessary knowledge and tools to effectively and sustainably implement data protection and security requirements in practice and to embed data protection into business processes and projects while at the same time ensuring the protection of data subjects' privacy rights.
Privacy in Practice is a training that consists of a series of workshops by practitioners for practitioners through knowledge transfer, practical examples as well as interactive group work and discussions.
Registration deadline 07/28/2019
In this workshop, participants will refresh their understanding of the general data protection principles, concepts and obligations and learn how data protection requirements can be implemented in practice in a legally secure and sustainable manner through an efficient data protection management program and governance structure.
- You understand the essential principles of data protection and the concepts of accountability, privacy by design and the risk-based approach as well as their operational implementation in an organization;
- You know the elements of an effective and sustainable data protection management system, a data protection framework and a governance structure and how such a system can be built and implemented strategically and operationally within an organization;
- You understand the roles and responsibilities of an efficient and legally compliant data protection organization and what is required for the successful integration into the new role;
- You know how to put the principles of lawfulness, fairness and transparency into practice.
- Maria Chiara AtzoriHead Group Data Privacy PoliciesNovartis
- Roslyn VadalaSenior Legal Counsel – Data Protection and DigitalNestlé
Registration deadline 09/10/2019
In this workshop, participants will learn what the risk-based approach means and how to apply such approach in practice, understand how to effectively carry out a risk assessment at enterprise, program and processing level, know when and how to carry out a DPIA, and learn about different monitoring and verification mechanisms and what auditors are looking for in a privacy audit.
- You understand how to apply the concept of the risk-based approach in practice;
- You understand why, when and how to conduct a risk analysis at the enterprise, program and processing levels;
- You know when and how to perform a DPIA;
- You can identify and categorize risks associated with the processing of employee and customer data in a variety of situations;
- You are familiar with various types of monitoring and auditing and their governance;
- You know what internal and external auditors are looking for and how to prepare effectively for a privacy audit.
- Eva Gardyan-EisenlohrHead of Data PrivacyBayer AG
- Juha ViikkiPersonal Data Protection ManagerINTUITIVE
- Thomas FuchsSenior Manager Internal AuditNovartis
In this workshop, participants will learn why prevention is important and what this means in practice, from the implementation of security measures to the introduction of procedures and processes for dealing with data breaches, responding to data subjects' privacy rights and outsourcing the processing of personal data. Through interactive sessions, participants will understand the different roles in the processing of personal data, from the controller to the processor and joint controllers and their practical implications when working with third parties.
- You understand why it is important to invest in prevention and what this means in practice;
- You know how to apply the risk-based approach for implementing appropriate data security measures in accordance with the GDPR and FADP requirements and learn how international security and data protection standards such as ISO/IEC 27001/27002, BSI 10012 to SOC 1,2 and 3 can be used as effective security controls;
- You know how to deal with a data breach, from detection to notification and resolution, and how to handle the data subjects’ privacy rights, from the right of access to the right to be forgotten, the restriction of processing and data portability;
- You are familiar with the concept of controllers, processors and joint controllers and their practical implications and know how to manage the relationships between the parties, from the evaluation of the third party to the contractual structure and review.
- Stefan KellerGlobal Information Security & Privacy GovernanceRoche
- Tiina SuomelaGroup Data Protection OfficerAscensia
Hotel Bildungszentrum 21, Missionsstrasse 21, Basel
Presentations, checklists and guidance will be provided to the participants during the workshops.
Participation fee (including materials and refreshments)
- All workshops CHF 2’400.-
- Single workshop CHF 890.-
Earlybird until 01 July with a 10% discount. Each additional person from the same organization who books the same workshop(s) will receive a discount of 10%.
Data protection officers, responsible managers from HR, IT, Marketing, Purchasing, Audit, and other functions, corporate lawyers and project managers, and anyone who is interested in data protection management.
Interested parties can register online at a reduced price for all workshops as a package or for individual workshops. To register, please click on the button below.
The number of participants is limited. Registration is binding and no refund will be made for cancellations. The terms and conditions of participation apply.