Mary Seery Kearney – Barrister at Law Delivers GDPR Putting it into Action
1. Privacy – understanding the concept of privacy in the globalised and digitalised world
2. GDPR – origins of the EU legislation, purpose, objectives and reasoning
3. Championing GDPR – the benefits of GDPR
4. Steps for my work environment
a. Data Mapping
i. Distinguishing between ‘personal data’ and ‘business to business documentation’ – when does GDPR apply and not apply?
ii. What data is collected by me in my workplace?
iii. Examining the data journey through the business?
iv. Identifying risks
v. Carrying out a data mapping exercise
b. Applying transparency
i. The privacy notice/data protection policy application
ii. What data can we process and under what conditions
iii. Automated decision making
c. Lawful basis of processing
i. When does consent apply and not apply
1. Employees and consent
2. Consent objections
ii. When can I engage another lawful basis for processing
d. Deciding data retention periods
e. Marketing Contexts
i. Distinguishing between marketing and normal business operating procedures
f. Are we data controlling, data processing or data sharing?
i. DPA, DSA
g. GDPR and other workplace policies – cross referencing your policy structures