In this course, GDPR: The Big Picture, you'll discover which organizations must comply with the EU's General Data Protection Regulation and how GDPR will affect all IT teams. First, you'll learn the key terms used in the GDPR and see how the regulation aims to balance what an organization wants to do with personal data against people's rights, including their right to privacy. Next, you'll find out the key data protection principles and what they mean for systems, before discovering the specific rights that people have over data about them, and what IT must do to respond to those rights. After that, you'll learn about the core things that GDPR requires an organization to do, including the way it wants you to manage the security of people's data and what to do when the organization has a breach of data security. Finally, you'll think about the application of GDPR by discovering an organizational journey from the beginning of the process to GDPR compliance and by exploring how GDPR affects a typical application development project.

By the end of this course, you'll have the core GDPR knowledge that anyone working in IT needs to understand. You'll be able to take account of GDPR when working in projects across the IT lifecycle from design and development through deployment to running systems. You'll also be comfortable discussing GDPR with your organization's legal, compliance and governance teams.
- Introduction to GDPR
- Key Data Protection Concepts and Principles
- Data Subject Rights
- Controller and Processor Responsibilities
- Security, Risk, and Impact Assessments
- Integrating GDPR into IT
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.