Data Protection Training
Data Protection Training
One of the biggest problems identified in compliance with data protection law is that people do not fully understand what is expected from them. In today’s digital world, Data Protection Training stands as a crucial e-learning resource, aligned with the European General Data Protection Regulation (GDPR).
To support your application of data protection law in the context of the secondary use of data, we have developed online training modules that you can use to train yourself and your staff.
The Data Protection Training is a modular e-learning tool to support application of data protection law. The focus is on the application of data protection law in the context of the secondary use of data. Within the training you will find explanations what the legal requirements mean, highlighting common misunderstandings, examples from the research context and exercises to test your understanding.
We have divided the Data Protection training into two courses, GDPR Basics and GDPR Advanced. The courses consists of several modules, which allows you to adapt the training to your own pace. Each module incorporates interactive elements designed to enhance participant engagement and comprehension. Following completion of each module, you can assess your progress through a test.
Data Protection eLearning tools are fit for the whole spectrum of users: from an absolute beginner all the way to an advanced researcher.
GDPR Basics – Building the Fundamentals
In the first course, GDPR Basics, you will learn about the fundamentals of European data protection legal framework, through the following four modules.
Module 1 – Personal Data
The first module (Personal Data) focuses on explaining the notion of personal data in the context of the GDPR. The trainee will gain knowledge about the difference between the personal and non-personal data, explore the sensitive realms of data, learn about indirect identifiers, anonymisation and pseudonymisation and data categorisation.
Module 2 – Processing and Purpose
The second module (Processing and Purpose) shows which situations will constitute a processing of data and the importance of purpose in data processing including characteristics of a purpose. It is important to know when you are actually processing personal data because every processing needs to be legally justified and documented. Processing will always happen for a defined purpose. Understanding what a purpose is in the GDPR and how to define it is a basic element for legal compliance with data protection law.
Module 3 – Roles
The third module (Roles) answers questions of the controllers’ responsibilities towards the data and the data subjects, relationship between processor and the controller and purposes and means of processing. The roles of ‘controller’, ‘processor’, ‘joint controller’, along with the concept of ‘third party’ are key to the application of the GDPR. These roles determine who is responsible for protecting personal data and how data subjects may exercise their rights. It is essential to accurately assign these roles to entities handling personal data because it greatly affects their responsibilities towards each other, individuals whose data is being processed, and regulatory authorities.
Module 4 – Lawfulness of the Processing
In the fourth module (Lawfulness of the Processing) trainees will explore legal bases for processing and special requirements for processing special categories of personal data. To be lawful, every processing must be covered by a legal basis. You are only allowed to pursue your processing plans if you have identified a valid legal basis.
GDPR Advanced – Application of GDPR
In the second course, GDPR Advanced, we dive into more advanced knowledge of the application of GDPR through the following modules:
Module 5 – Secondary Use
The fifth module (Secondary Use) clarifies the difference between secondary use of data and further processing and conditions for further processing. Furthermore explains situations in which there is necessary to conduct a compatibility test and reveals opportunistic purposes for further processing. When data are used for different purposes other than the original purpose for which they were collected in the first place (primary use), one may have to fulfil certain conditions to be allowed to do so. In this module, it is explained when this is the case and what rules are needed to follow.
Module 6 – Transparency
In the sixth module (Transparency) trainees learn about different means of providing the information to the data subjects. The means include how, what and when information needs to be provided to the data subjects. The personal data shall be processed in a transparent way, which means that individuals (data subjects) have the right to be informed about the processing and its purpose in an understandable, clear and exhaustive way. Transparency is an effective means of reducing or neutralising imbalances of power between organisations and the individuals from whom they seek to gather personal data.
Module 7 – Fairness and Data Subjects’ Rights
The seventh module (Fairness and Data Subjects’ Rights) reveals what data subjects’ rights stand for and under what circumstances can data processing be deemed fair. Data subjects are safeguarded by a general right, which is that the EU institutions must process their personal data fairly and lawfully, and only for legitimate purposes. This also means that the controller must ensure that the data subject can make effective use of these rights within reasonable time limits.
Module 8 – Minimisation
Module eight focuses on the principles of ‘Data minimisation’ and ‘storage limitation’. These are two of the principles described in the GDPR that aim at limiting the processing of personal data to what is adequate, relevant and necessary. This requirement not only refers to the quantity, but also to the quality of personal data that is being processed.
Module 9 – Accuracy, Integrity & Confidentiality, Data Breach
To be compliant with the GDPR and to protect data subjects from several risks, organisations must adopt a set of technical and organisational measures for data accuracy and security. It is important to ensure adequate standards for data accuracy and for the security of environments where personal data are stored, accessed and used is crucial for every organisation that processes personal data.
Module 10 – Pseudonymisation, Encryption and Anonymisation
By the end of this module, the trainee will understand the crucial differences between pseudonymisation and anonymisation, why encryption is a powerful shield, yet not a perfect one, how to wield these tools effectively in data processing and understand the necessary vigilance required to keep data subjects’ rights protected.
Ready to learn about GDPR?
We invite you to enhance your skills of data protection! Access the Data Protection e-Learning modules on edu.lnds.lu.
Frequently asked questions
How can I enrol to the courses?
Enrol to the Data Protection Training courses on LNDS’ eLearning platform: edu.lnds.lu
Anyone interested in learning more about GDPR and its application, in particular in cases of secondary use of data, is welcome to enrol. The course is free of charge.
What is the scope of the Data Protection Training?
The Data Protection Training service is focused on the European General Data Protection Regulation (GDPR). The courses provides comprehensive learning materials encompassing fundamental and advanced principles concerning data protection, with a specific emphasis on examples pertinent to professionals in the public sector, researchers, and individuals tasked with managing personal data. The curriculum addresses legal requirements, key GDPR principles, practical illustrations, and prevalent errors.
Why and for whom is Data Protection Training necessary?
Anyone who processes personal data within an organisation should complete a GDPR training. Adequate training ensures that employees understand their data protection responsibilities. By demonstrating commitment to compliance, organisations reduce the risk of infringement of individuals’ privacy rights. Failure to do so could result in legal breaches, leading to fines.
Who is the training intended for?
Our eLearning modules are designed to accommodate a broad audience, from absolute beginners, all the way to an advanced researchers. The Data Protection Training modules are specifically designed for employees in the public sector who handle personal data as part of their daily responsibilities, as well as researchers. However, everyone is welcome to take this training.
For Data Protection Officers (DPOs), looking for more detailed support related to governance and compliance frameworks for general data protection, we provide a dedicated GDPR Working Group.
Why do we use modular e-learning tool?
Modular learning is an innovative approach to teaching and learning that breaks down courses into self-contained modules. The modules can be customised, combined, and delivered in a flexible manner. Therefore, they offer a more personalised, efficient, and adaptable learning experience, making it a valuable strategy in today’s educational landscape.
Benefits of modular e-learning tool:
Flexibility and Customisation: Modular learning breaks down traditional courses into smaller, manageable pieces. Learners can select specific modules based on their interests and needs, allowing for personalised learning experiences.
Real-World Relevance: Modules are directly tied to practical outcomes, such as career advancement. Working professionals can acquire new skills efficiently while continuing their jobs, making modular learning attractive to both learners and employers.
Enhanced Engagement: Focusing on smaller content units encourages active participation. Learners can delve into specific topics, apply their knowledge, and see immediate results.
Efficient Delivery: Educators can create and update modules more efficiently than entire courses. This ensures timely and relevant content delivery.
Technology Integration: Modular learning aligns with digital trends, leveraging tools like learning management systems (LMS) and fast-loading websites. It helps educators stay relevant in a rapidly changing technological landscape.