Text Size
Sunday, April 05, 2020

Public Training

Course Summary:

This full day course is essential for any firm that uses personal data of customers and/or staff. Delivered in two workshops: 
• The morning workshop examines (a) the Data Protection laws & the eight data protection principles (i.e. collection, treatment, permitted processing, retention, storage & security of electronic and manual personal data); and (b) practicalities of compliance (i.e. drafting policies & procedures, staff training, privacy statements) and responsibilities of the Data Protection Officer. 
• The afternoon workshop develops relevant skills required to confidently carry out a data protection audit.

Course Content:

Do you know that:

* The DPC continues to investigate and prosecute firms for breaches of the data protection legislation.

* The DPC issued a Personal Data Security Breach Code of Practice in 2010

*New fines of up €250,000 or 10% of a business turnover are provided for and individuals liable up to €50,000 fine.

*The use of Access Requests by individuals – both customers and employees – is increasing every year.

All firms which hold, use or control personal data are bound by the Data Protection laws, regardless of whether or not they need to register with the Data Protection Commissioner (DPC).  Recent interventions by the Data Protection Commissioner relating to:
(i) loss of laptops and other data storage devices;
(ii) misuses of personal data by real estate, mortgage, bank and insurance businesses;
(iii) failing to safeguard data on a company’s system;
(iv) individuals’ rights to see their medical reports;
(v) transfer of persons’ transaction data from the EU to the US;
(vi) data security breaches;
(vii) breaches of e-marketing/unsolicited e-communication requirements,demonstrate the DPC’s desire to raise & enforce data protection in Irish society. 

The afternoon session provides an intensive workshop on How to Conduct a Data Protection Audit at which attendees will apply their data protection knowledge to learning about the most effective ways to carry out a data protection audit/self-assessment.  Compliance Ireland is retained to assist firms inspected by the Data Protection Commissioner, so we know the practical aspects of handling an inspection, dealing with the Commissioner and implementing sound data protection standards. We will share these skills with attendees of this course. 

The course contains the following sessions:

Data Protection

  • What is Personal Data and Sensitive Personal Data under the Data Protection Acts – getting to grips with the definitions and examples of personal data and sensitive personal data
  • The key provisions of the Data Protection Acts – this session will focus on key legislative requirements such as processing of personal data, security of personal data, the statutory requirement for record retention, access requests, transfers of personal data outside the EEA, corporate and senior management responsibility, unauthorised disclosure, confidentiality and whistle-blowing.
  • The Eight Data Protection Principles enshrined in law – this session will explain what each principle means, examples of how others have fallen foul of them and most importantly what you can do to help ensure that your firm doesn’t.  This session will use examples of employee and customers records and case studies to explain what your obligations include
  • Employee records – how to deal with personal data collected in the recruitment process, employment records generally including details of sickness and other absences, as well as records of employees’ personal use of email, internet access & taped telephone calls.
  • Practicalities of Data Protection compliance – drafting a data protection/data handling policy and procedures; training of staff; monitoring your firm’s compliance; privacy statements; and the responsibilities of the Data Protection Officer.

How to conduct a Data Protection self-assessment

The afternoon workshop provides attendees with the training and development of relevant skills required to confidently carry out a data protection audit (without which it will be difficult to identify gaps in your business).

Compliance Ireland will provide a step-by-step guide to conducting a self-assessment audit, using specially designed checklists which are fully referenced to the latest legislation to enable attendees to assess and demonstrate their compliance with key sections of the Acts, including:

(a) Drafting a High Level Data Protection Fact Find covering: 
Personal data - the reason it is obtained  
source of data 
Identification of data processors and associated contracts 
Third party disclosures · Registration 
Data Protection Policy 
Staffing and Reporting Structures 
Planning and implementing of data protection standards 
System audits and reviews 
Job descriptions and staff contracts 
Data Collection 
Key Business Processes.

(b) Checklists for
(1) each of the eight data protection principles; 
(2) transfers of personal data outside of the EEA; and 
(3) website Privacy Statements.

Who Should Attend:

  • Compliance Officers
  • HR Managers
  • Directors
  • Managers
  • Supervisors
  • All individuals who hold, control or use personal data are bound by the Data Protection laws and should be aware of their obligations.



Please click here for the latest dates for this course:


Enquiries: If you wish to enquire about a course before booking, please contact us at: This email address is being protected from spambots. You need JavaScript enabled to view it. This email address is being protected from spambots. You need JavaScript enabled to view it.

CPD Details:

Institute of Bankers: Formal CPD Hours

QFA: 2 hours
CPD Member: 2 hours
RS CPD Member: 2 hours
LCOI: 3 hours
Chartered Banker: 6 hours
CeB (Certified Banker): 6 hours

Insurance Institute of Ireland: Formal CPD Hours

CPD Member: 4 hours for MCC Product Categories 4,5,6
ACII/FCII Chartered Insurance Institute CPD Scheme: 4 hours

Irish League of Credit Unions (ILCU)

Operations Stream: 4 hours
Governance Stream: 4 hours

  • AML Consultancy Services +

    We are Compliance Ireland  We are Ireland’s leading specialist provider of regulatory, risk and corporate governance consulting, advisory and compliance training Read More
  • AML Directives +

    The third EU AML Directive came into force for EU member states on 15 December 2007. It resulted from the Read More
  • AML International Bodies +

    AML INTERNATIONAL BODIES  The following are other relevant international AML bodies.  Egmont Group  The Egmont Group of Financial Intelligence Units Read More
  • Financial Action Task Force +

    Financial Action Task Force (FATF) and the FATF Recommendations   FATF is an inter-governmental body that was set up in Read More
  • Criminal Justice Terrorist Offences Act 2005 +

    The Criminal Justice (Terrorist Offences) Act 2005 was signed into law on the 8th March 2005. Its provisions had immediate Read More
  • Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 +

     The Third Anti-Money Laundering Directive (2005/60/EC) was transposed into Irish law by the Criminal Justice (Money Laundering and Terrorist Financing) Read More
  • Credit Union Sectoral Guidance Notes +

    On the 7th February, the Department of Finance published the sectoral AML-CFT guidance notes for Credit Unions. The Guidance Note Read More
  • What to expect from the Central bank moving forward? +

      The work of the AML unit is not complete. Firms should expect more inspections as the annual program of Read More
  • 1
  • 2
  • 3