Personal Data Protection Guide 2025: To Have One’s Cake and Eat It Too
Professor
Kristofers Kalniņš-Liberis
About the professor
Kristofers Kalniņš-Liberis is a certified personal data protection specialist and SIA “Rimi Baltic” data protection expert. He is a debate lecturer at RTU Riga Business School, where he teaches argumentation, public speaking and topic analysis. Two-time winner of the Latvian National Debate Tournament and Latvia’s representative at the World Schools Debate Championship 2019. After graduating with honors from Riga Graduate School of Law, he has gained valuable expereicne in data protection in the financial sector. Kristofers provides valuable theoretical and practical insight in implementing data protection strategy, risk assessment, and compliance with legal norms.
Course Description
This course provides a comprehensive overview of personal data protection regulations, principles, and best practices. Participants will gain the knowledge and skills to implement effective data protection measures, manage data privacy risks, and comply with legal requirements. The course covers a wide range of topics, including data protection laws, data processing principles, data security measures, and incident response procedures. By the end of the course, participants will be able to develop and implement robust data protection strategies to safeguard personal information.
Course Goals
Provide a solid foundation in data protection principles, concepts, and legal frameworks, particularly GDPR.
Equip participants with the practical skills to implement and maintain robust data protection measures within their organizations.
Enable participants to identify, assess, and mitigate data privacy risks, reducing the likelihood of data breaches and regulatory penalties.
Foster a culture of data protection and accountability within organizations.
Keep participants informed about the latest developments in data protection laws and regulations, ensuring ongoing compliance.
After the course participants will be able to:
Gain the knowledge and skills to comply with data protection regulations and avoid costly fines.
Implement robust security measures to protect sensitive personal data.
Establish effective data governance practices to manage data assets responsibly.
Demonstrate a commitment to data privacy and build trust with clients.
Course will be:
In Person
Prerequisites
- No prior knowledge is required for participants, anyone is welcome to participate
Teaching methods used:
- Lectures with global best practices and examples from real case studies, discussions and Q&A session, maintaining confidentiality
Personal Data Protection Basics: History, Scope, Concepts, Principles
a. General Data Protection Regulation
b. What is Personal Data?
-Special Categories of Data (Sensitive Data)
c. Data Processing
d. Principles of Data Processing
e. Legal Basis
-Consent
-Contract
-Legal Obligation
-Vital Interest
-Public Interest
-Legitimate Interest
Personal Data Protection Roles, Responsibilities and Documentation
a. Organizational Measures
-Data Protection Roles
1. Data Protection Officer
2. Data Controller
3. Information Security Officer
4. IT Officer
5. Management
6. Lawyer
-Internal Procedures and Policies
1. Data Protection Policy
2. Incident Management Procedure
-Regular Training
-Access and Review Control
Implementation and changes of processing activities
-Incident management
b. Technical security measures
-Encryption
-Audit trails / Logs
-Multi-factor authentication
-Expiration dates
c. Documentation and assessments
-Data processing register
-Data protection impact assessment (DPIA)
-Legitimate interest assessment
-Transfer impact assessment
Processing of personal data: external cooperation
a. Controller-Processor-Subprocessor
-Data processing agreement
b. Data transfer to other Controllers
-Data processing agreement or other basis
c. Data transfer outside the EU/EEA
-Data transfer assessment
Personal data breaches
a. Identification and recording
b. Assessment
c. When to report a breach (to the data supervisory authority, data subjects)
Data subject requests
a. Data access request
b. Data erasure request
c. Information request
Personal data compliance tools: documentation, communication and daily accountability
a. Microsoft: Word, Excel, List, Sharepoint (info sites and documents), Teams, Outlook, Clipchamp
b. Jira (projects, audit, and incident management)
c. Other third-party tools: discussion
Personal Data Protection Guide 2025: To Have One’s Cake and Eat It Too
This course is available in 2025!
The exact date and time will be announced after registration. For more information please contact us at lift@rbs.lv or call us at 20318250
In Person
Price: 350 € + PVN
Price with EU support: 105 € + PVN
Language: English
Professor
Kristofers Kalniņš-Liberis
About the professor
Kristofers Kalniņš-Liberis is a certified personal data protection specialist and SIA “Rimi Baltic” data protection expert. He is a debate lecturer at RTU Riga Business School, where he teaches argumentation, public speaking and topic analysis. Two-time winner of the Latvian National Debate Tournament and Latvia’s representative at the World Schools Debate Championship 2019. After graduating with honors from Riga Graduate School of Law, he has gained valuable expereicne in data protection in the financial sector. Kristofers provides valuable theoretical and practical insight in implementing data protection strategy, risk assessment, and compliance with legal norms.
Course Description
This course provides a comprehensive overview of personal data protection regulations, principles, and best practices. Participants will gain the knowledge and skills to implement effective data protection measures, manage data privacy risks, and comply with legal requirements. The course covers a wide range of topics, including data protection laws, data processing principles, data security measures, and incident response procedures. By the end of the course, participants will be able to develop and implement robust data protection strategies to safeguard personal information.
Course Goals
Provide a solid foundation in data protection principles, concepts, and legal frameworks, particularly GDPR.
Equip participants with the practical skills to implement and maintain robust data protection measures within their organizations.
Enable participants to identify, assess, and mitigate data privacy risks, reducing the likelihood of data breaches and regulatory penalties.
Foster a culture of data protection and accountability within organizations.
Keep participants informed about the latest developments in data protection laws and regulations, ensuring ongoing compliance.
After the course participants will be able to:
Gain the knowledge and skills to comply with data protection regulations and avoid costly fines.
Implement robust security measures to protect sensitive personal data.
Establish effective data governance practices to manage data assets responsibly.
Demonstrate a commitment to data privacy and build trust with clients.
Course will be:
In Person
Prerequisites
- No prior knowledge is required for participants, anyone is welcome to participate
Teaching methods used:
- Lectures with global best practices and examples from real case studies, discussions and Q&A session, maintaining confidentiality
Personal Data Protection Basics: History, Scope, Concepts, Principles
a. General Data Protection Regulation
b. What is Personal Data?
-Special Categories of Data (Sensitive Data)
c. Data Processing
d. Principles of Data Processing
e. Legal Basis
-Consent
-Contract
-Legal Obligation
-Vital Interest
-Public Interest
-Legitimate Interest
Personal Data Protection Roles, Responsibilities and Documentation
a. Organizational Measures
-Data Protection Roles
1. Data Protection Officer
2. Data Controller
3. Information Security Officer
4. IT Officer
5. Management
6. Lawyer
-Internal Procedures and Policies
1. Data Protection Policy
2. Incident Management Procedure
-Regular Training
-Access and Review Control
Implementation and changes of processing activities
-Incident management
b. Technical security measures
-Encryption
-Audit trails / Logs
-Multi-factor authentication
-Expiration dates
c. Documentation and assessments
-Data processing register
-Data protection impact assessment (DPIA)
-Legitimate interest assessment
-Transfer impact assessment
Processing of personal data: external cooperation
a. Controller-Processor-Subprocessor
-Data processing agreement
b. Data transfer to other Controllers
-Data processing agreement or other basis
c. Data transfer outside the EU/EEA
-Data transfer assessment
Personal data breaches
a. Identification and recording
b. Assessment
c. When to report a breach (to the data supervisory authority, data subjects)
Data subject requests
a. Data access request
b. Data erasure request
c. Information request
Personal data compliance tools: documentation, communication and daily accountability
a. Microsoft: Word, Excel, List, Sharepoint (info sites and documents), Teams, Outlook, Clipchamp
b. Jira (projects, audit, and incident management)
c. Other third-party tools: discussion