Build EU GDPR data protection compliance from scratch (CIPT)
Section 1: Introduction
1. Why start learning GDPR Data Privacy with me? (2:18)
2. What is included in this course? (2:33)
3. Course Resources
Section 2: Understanding the need for privacy in IT environment
4. Evolving compliance requirements (4:21)
5. Major Risks to a Company's IT Framework (6:15)
6. Application Related Risks (4:58)
7. Network Related Risks (4:59)
8. Storage Related Risks (6:55)
9. Stakeholder expectations for privacy (5:07)
10. Privacy vs Security (4:16)
11. IT Governance vs Data Governance (1:58)
12. The role of the IT professional & other stakeholders in preserving (5:38)
Section 3: Core Privacy Concepts
13. Privacy Foundational elements - Organizational Privacy Notice (5:54)
14. Privacy Foundational elements - Organizational Privacy Policy (6:30)
15. Example - A great organizational privacy policy
16. Privacy Foundational elements - Organizational Security Policies (7:01)
17. Incident Response - Security and Privacy Perspectives (1:53)
18. System Development Lifecycle and Enterprise Architecture (3:25)
19. Privacy Impact Assessments (PIA) (6:12)
20. Common Privacy Principles (5:42)
Section 4: Privacy Considerations & Techniques
21. The Collection Process - Notice (4:38)
22. The Collection Process - Choice, Control & Consent (4:40)
23. Other topics related to Collection (4:22)
24. Use (5:23)
25. Security Practices and Limitations on Use (4:43)
26. Disclosure (7:19)
27. Retention - Records, Limitations, Access (5:47)
28. Retention - Security Considerations (6:02)
29. Destruction (7:16)
Section 5: Privacy in Systems and Applications
30. Identity and Access Management (IAM) (5:23)
31. Limitations of Access Mgmt & Least Privilege principle (3:49)
32. User Based Access Control & Role Based Access Control (4:07)
33. Context of Authority (5:10)
34. Cross Site Authentication & Authorization Models (3:31)
35. Credit card information & Processing (4:28)
36. PCI-DSS & PA-DSS (4:52)
37. Remote Access & BYOD - Privacy & Security Considerations (3:54)
38. Remote Access & BYOD - Access to Computers & Architecture controls (2:38)
39. Data Encryption - Design Considerations (3:51)
40. Application, Record and Field Encryption (3:18)
41. File & Disk Encryption (3:52)
42. Encryption Regulation & Crypto Standards (3:39)
43. Other Privacy enhancing Technologies (6:35)
44. Software Notifications and Agreements (4:17)
Section 6: GDPR Implementation - short intro guide!
45. GDPR short overview (2:47)
46. Format and Definitions (3:06)
47. Principles (1:12)
48. Lawfulness (1:49)
49. Gap Assessment (7:33)
50. How to plan your project - preparation! (2:54)
51. GDPR Roles (4:13)
52. How to Capture Personal Data in a Form (3:33)
53. GDPR Privacy Data Protection Policy (3:57)
54. Data Subject Request Procedure (2:34)
55. Data Protection Impact Assessment (DPIA) (3:28)
56. How to treat data breaches (3:15)
57. How to treat international transfers (2:49)
58. ISO 27K and GDPR mapping (2:15)
59. Privacy by Design (5:24)
Section 7: Online Privacy Issues
60. Organizational Privacy Strategy for Social Media (7:14)
61. Consumer Expectations (5:58)
62. Children's Online Privacy (3:12)
63. Social media - personal information collected (9:14)
64. Social media - personal information shared and ownership (4:30)
65. E-commerce personalization (3:27)
66. Online Advertising (3:28)
67. Key considerations when posting ADs on your website (2:37)
68. Understanding cookies, beacons and other tracking technologies (6:03)
69. Cookies - Deep Dive (2:56)
70. Web Browser Privacy and Security Features (7:29)
Section 8: Technologies with Privacy Considerations
71. Wireless Technology - RFID (5:54)
72. Wireless Technology - NFC, Bluetooth & WiFi (4:50)
73. Location Based Services (LBS) - generalities (5:15)
74. Location Based Services (LBS) - GPS (5:19)
75. Location Based Services (LBS) - GIS (4:04)
76. Surveillance of Individuals (3:35)
77. Data surveillance & Biometric recognition (6:26)
Section 9: Direct Marketing Challenges
78. Data Protection & Direct Marketing (3:08)
79. The concept of Direct marketing (4:32)
80. The right to opt-out (3:54)
81. Marketing Requirements under e-Privacy Directive (2:16)
82. Postal Marketing (3:08)
83. Telephone Marketing (5:28)
84. Electronic Marketing (7:11)
85. Location Based Marketing (5:12)
86. Online Behavioral Advertising (OBA) and GDPR (4:36)
Section 10: Lawful Processing of HR Data, Contracts & Recruiting
87. Where do privacy and HR meet? (4:37)
88. More difficult to rely on Consent (4:05)
89. Data Protection Principles from HR perspective (6:33)
90. Consent no longer an option for HR (4:17)
91. Legitimate interests (4:55)
92. Pseudonymisation (3:03)
93. Cross Border HR Data Transfers under GDPR (2:49)
94. Changes to employee data management under GDPR (4:35)
95. DPOs and DPIAs from HR perspective (3:34)
96. Data Breaches & what to take away from that (5:18)
97. Action Steps from HR perspective (4:42)
98. HR related policies and procedures (4:06)
99. Contracts of employment - what to look for (3:54)
100. Data Protection Policy (8:43)
101. GDPR terms and how they relate to recruiting? (4:58)
102. Map your recruiting data (2:32)
103. Create a privacy policy for recruiting (3:01)
104. Source candidates online with care (2:51)
105. Ensure your job application process complies with GDPR (5:50)
106. Ensure your software vendors are compliant (4:32)
Section 11: GDPR for Cloud Service Providers (CSPs)
107. Cloud and GDPR Concerns (5:45)
108. Looking at GDPR the right way (4:44)
109. Controllers and Processors (8:49)
110. CSP as a processor and GDPR (3:36)
111. Technical and Organisational measures (5:00)
112. Subcontracting (5:52)
113. Detailed impact on cloud contracts (4:30)
114. Clauses between a processor and a sub-processor (6:08)
115. Codes of conduct, certifications and compliance (3:23)
116. Important steps to compliance (4:47)
117. Choosing a hosting provider (2:24)
118. What businesses need to do (1:45)
119. Software and CSPs to consider - part 1 (7:32)
120. Software and CSPs to consider - part 2 (10:06)
121. Software and CSPs to consider - part 3 (10:42)
122. Software and CSPs to consider - part 4 (6:52)
123. Advice for CSPs and Software providers (3:45)
124. GDPR and IoT approach (4:54)
125. There is far more in this space (2:43)
126. GDPR requirements in an IoT context (6:21)
127. Robots, AI, IoT and BigData (5:07)
Section 12: GDPR and Payment Services Directive (PSD2)
128. What is PSD 2 and main objectives (4:17)
129. Benefits for consumers (7:08)
130. Scope of PSD2 directive (2:55)
131. New rules on authorisation and supervision (5:26)
132. Security of Payments (3:09)
133. New types of service providers - TPPs (6:41)
134. Impact of PSD2 to financial services industry (4:29)
135. New risks associated with the TPPs (6:48)
136. Banks are caught between GDPR and PSD2 (6:03)
137. Other challenges - GDPR and PSD2 (6:07)
138. What is Open Banking Consent Model (4:16)
139. Consent Step (2:38)
140. Authentication Step (1:05)
141. Authorisation Step (2:14)
142. Redirection (1:29)
143. Data Minimisation & Permissions (1:55)
Section 13: How Technology can help in achieving GDPR compliance
144. What you are going to see in this section (3:31)
145. Identity Protection demo (AAD IP) (12:37)
146. Privileged Identity Management demo (PIM) (6:59)
147. Mobile Productivity policies demo (Intune) (17:32)
148. Classification, Labelling and Protection of Information demo (AIP) (9:28)
149. Cloud application visibility and security demo (Cloud App Sec) (12:31)
150. Security in cloud infrastructure environment demo (11:27)
151. Defending and remediating endpoints from cloud demo (9:15)
Section 14: Conclusion
152. Top Privacy Mistakes and How to avoid them (6:21)
126. GDPR requirements in an IoT context