On Janu­ary 22, 2018, Aka­de­mie Inter­ne Revi­si­on GmbH (AIR) will be hol­ding a semi­nar in Vien­na on the topic of “Basic Data Pro­tec­tion Regu­la­ti­on (DSGVO)”.

Semi­nar topic:

After many years of inten­si­ve nego­tia­ti­ons, the EU mem­ber sta­tes have agreed on a reform of data pro­tec­tion in Euro­pe. The GDPR came into force on 24.5.2016 and is appli­ca­ble from 25.5.2018. In expert cir­cles, this regu­la­ti­on is cele­bra­ted as a mile­stone for a uni­form stan­dard for the pro­ces­sing of per­so­nal data in Euro­pe. Howe­ver, due to the num­e­rous ope­ning clau­ses that allow for natio­nal adapt­a­ti­ons, it also drew strong cri­ti­cism. Ulti­m­ate­ly, it remains to be seen what room for maneu­ver the Euro­pean Court of Jus­ti­ce will actual­ly grant the mem­ber sta­tes, or whe­ther the basic idea of the “spe­ci­fi­ca­ti­on” ope­ning clau­ses will be inter­pre­ted very narrowly.

In prac­ti­ce, com­pa­nies are con­fron­ted with num­e­rous new requi­re­ments, which neces­si­ta­te an inten­si­ve exami­na­ti­on of the topic and a struc­tu­red approach to imple­men­ta­ti­on. In addi­ti­on, while the com­pa­nies’ own respon­si­bi­li­ty has been streng­the­ned, the fines for vio­la­ti­ons have been dra­sti­cal­ly increased at the same time.

Tar­get group:

The semi­nar deals with the GDPR from a tech­ni­cal per­spec­ti­ve and offers an over­view of the requi­re­ments and pro­vi­des prac­ti­cal sug­ges­ti­ons for solu­ti­ons. It also sheds light on why Aus­tria was the only EU coun­try to vote against the GDPR.   The pri­ma­ry tar­get group is inte­res­ted per­sons in audi­ting, the IT depart­ment, secu­ri­ty and data pro­tec­tion offi­cers, but also exe­cu­ti­ves and mana­ging directors.

From the con­tents (DSGVO, adapt­a­ti­on Aus­tria, DPO, pro­ce­du­re directory):

  • Initi­al situation
  • Gene­ral conditions
  • Task of the audit
  • Histo­ry of development
  • Effects on the acti­vi­ties of inter­nal auditing
  • Mate­ri­al and spa­ti­al scope of application
  • Defi­ni­ti­ons of terms
  • Struc­tu­re of the GDPR
  • Signi­fi­can­ce of the reci­tals and ope­ning clauses
  • Natio­nal adapt­a­ti­ons in Aus­tria and Germany
  • Struc­tu­re of a pro­ce­du­re directory
  • The data pro­tec­tion officer
  • Pri­va­cy by Design & by Default
  • Data pro­tec­tion impact assessment
  • Stan­dards and norms
  • Cer­ti­fi­ca­ti­ons (data pro­tec­tion seal of approval)
  • Deal­ing with ser­vice providers
  • Data secu­ri­ty measures
  • Data pro­tec­tion manage­ment sys­tem / infor­ma­ti­on secu­ri­ty manage­ment system
  • Con­cepts for dele­ti­on (the right to be forgotten)
  • Data Breach (Report­ing of Data Breaches)

The semi­nar lea­der is Man­fred Scholz. Ques­ti­ons about the semi­nar can be asked via the semi­nar orga­ni­zer or via our cont­act form.

Fur­ther infor­ma­ti­on: Semi­nar and regis­tra­ti­on link

Source: http://www.internerevision.at/