GDPR: The Big Picture

By John Elliott
The EU’s General Data Protection Regulation will affect the way IT teams everywhere design, develop, deploy, and run systems. This course will give you a clear understanding of GDPR and what IT teams need to do to support organizational compliance.
Play course overview
Course info
Rating
(56)
Level
Beginner
Updated
May 31, 2018
Duration
3h 6m
Table of contents
Course Overview
Course Overview 1m
Introduction to GDPR
The Who, What, When, Why, and Where of GDPR 8m Module Summary 1m
Key Data Protection Concepts and Principles
Balancing People’s Rights 4m What Is Personal Data? 3m Data Subjects, Controller, and Processors 4m The Anatomy of GDPR 3m All Processing Must Be Lawful 7m The Core Data Protection Principles 7m Putting the Principles into Practice 9m Module Summary 2m
Data Subject Rights
Rights in the Information Lifecycle 3m Rights to Be Informed About What Will Happen to a Person’s Data 4m Right of Data Subjects to Access Their Data (DSARs) 4m Rights of Correction and Erasure (Forgotten) 5m Right to Restrict Processing 2m Right to Data Portability 3m Marketing, Profiling, and Automated Decision Making 6m Summary of Subject Rights 1m Penalties and Planning for Rights Requests 6m
Controller and Processor Responsibilities
Data Protection by Default, Governance, and Accountability 8m Data Protection Impact Assessments (DPIA) 4m (Data) Processors 3m Security and Breach Notification 4m The Data Protection Officer (DPO) 7m Taking Data Outside of the EU 5m Penalties and Consequences 3m
Security, Risk, and Impact Assessments
The Risk to Data Subjects 9m Determining What’s Appropriate 4m Encryption and Control Assurance 6m The Breach Response Timetable 5m Module Summary 2m
What’s a GDPR Program Look Like?
Governance, Finding Data, and Deleting Unnecessary Data 7m Understanding the Current State and Assessing Risks 3m Risk Prioritization and Remediation 2m In-flight Projects, Preparing for Breaches, and Keeping Records 4m Module Summary 2m
Integrating GDPR into IT
Introducing the Case Study, Fair and Lawful Processing 8m Technical Principles and Respecting Rights 5m The Key Obligations for the Controller 3m GDPR in the IT Lifecycle 2m
Five GDPR Common Myths
Consent, Citizens, PII, Data Deletion, and Extreme Fines 5m The Big Picture 2m
Description
Course info
Rating
(56)
Level
Beginner
Updated
May 31, 2018
Duration
3h 6m
Description

In this course, GDPR: The Big Picture, you’ll discover which organizations must comply with the EU’s General Data Protection Regulation and how GDPR will affect all IT teams. First, you’ll start by meeting the key terms used in the GDPR and seeing how the regulation aims to balance the things that an organization wants to do with personal data with people’s rights, including their right to privacy. Next, you'll find out the key data protection principles and what they mean for systems, before discovering the specific rights that people have over data about them, and what IT must do to respond to those rights.

After that, you'll learn about the core things that GDPR requires an organization to do, including the way it wants you to manage the security of people’s data and what to do when the organization has a breach of data security. Finally, you’ll think about the application of GDPR by discovering an organizational journey from the beginning of the process to GDPR compliance and by exploring how GDPR affects a typical application development project.

By the end of this course, you’ll have the core GDPR knowledge that anyone working in IT needs to understand. You’ll be able to take account of GDPR when working in projects across the IT lifecycle from design and development through deployment to running systems. You’ll also be comfortable discussing GDPR with your organization’s legal, compliance and governance teams.

About the author
John Elliott
About the author

John Elliott is a data protection specialist. He helps organizations comply with regulations in a sensible and pragmatic way, balancing business needs, risk and regulations.

More from the author
Cyber Security Essentials: Your Role in Protecting the Company
Beginner
1h 3m
Sep 15, 2020
Payment Card Industry Data Security Standard (PCI DSS): Executive Briefing
Beginner
22m
Jun 24, 2020
PCI DSS: Achieving and Maintaining Compliance
Intermediate
4h 1m
May 22, 2020
More courses by John Elliott
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hello everyone. My name is John Elliott, and welcome to my course, GDPR: The Big Picture. I'm a data protection officer for a few companies and I specialize in helping organizations, and especially IT teams, comply with regulations. The European Union's General Data Protection Regulation will change the way that every organization in the world looks at the people's data. In this course, we're going to discover why the GDPR exists, and get to grips with the full key foundations of the regulation, the data protection principles, the rights people have over data about them, the obligations for organizations, and finally, what can happen when things go wrong. We'll take a really close look at the information security requirements in the regulation, consider the essential steps in a GDPR program, and discuss how GDPR will affect system design. By the end of this course, you'll have a great understanding of what the GDPR is, and more importantly, what it is not. You'll be able to plan and manage IT projects in a way that's compliant with the law and respectful of people's fundamental rights and freedoms, which GDPR aims to protect. I do hope you'll join me on this journey into the general data protection regulation with this GDPR: The Big Picture course, at Pluralsight.

You're the smartest person in the room

PROVE IT

Your team won't just close the skills gap

THEY'LL HURDLE IT