GDPR Data Processing Agreement Requirements Simplified

Welcome to GDPR Data Processing Agreement Requirements Simplified!

⇉ Watch the promo video to learn why you should enroll in this course

⇉ Sample Vendor Assessment Questionnaire

⇉ A Quiz comprising 20 questions to apply what you have learned

⇉ 1 Assignment to bridge the gap between understanding the GDPR provisions and applying them

⇉ A Sample Data Processing Agreement

This course is designed to provide a high level introduction to Data Processing Agreement (DPA) requirements under the General Data Protection Regulation (GDPR).

A DPA is a legally binding document that is entered between the data controller and the data processor in writing or electronic form. The DPA stipulates the scope, purpose, role and responsibilities of a data controller, data processor or a sub-processor.

Under the GDPR, a data controller is a natural (Individual) or legal person (organization or company), public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. A processor or sub-processor is a natural or legal person, public authority which processes personal data on behalf of data controller.

This means that if an individual or organization is acting as a data controller and engages a data processor to process personal data of EU citizens/resident on their behalf, then the individual or organization is required to enter into a data processing agreement with a processor based on Article 28 requirements of the GDPR.

Information in this course can be used to create a vendor management policy to ensure compliance with the GDPR. This course will be updated with documentation related to creating a vendor management policy and checklist for vendors.

Who should Enroll in this Course:

• This course is for anyone who wants to learn about Data Processing Agreement requirements under the GDPR

• Anyone who would like to know the mandatory clauses to include in a DPA

• Anyone interested in learning about responsibilities and liabilities of Controllers, Processors, and Sub-processors who sign a DPA

• Anyone interested in Privacy

What You Will Learn In this Course:

• What is a DPA

• Why is it Important

• When is it Required

• The Minimum Information included in a DPA

• The Mandatory Contractual Clauses to Include in a DPA

• GDPR Fines for Non-Compliance with the DPA Requirements

Meet Your Instructor:

This Course is taught by Rita Mutyaba who has more than 5 years' experience working in the Privacy field including developing privacy processes, drafting privacy documentation, performing privacy impact assessments, identifying key performance indicators, and creating training materials. She has also earned the International Association of Privacy Professionals (IAPP) CIPP/E, CIPP/US, and CIPM Privacy Certifications.

Please note that the contents of this course do not constitute legal advice. If you need legal advice, please contact your Data Protection Officer or data privacy counsels.

What is Included?

• Course Outline

• Data Processing Requirements as stipulated in Article 28 of the EU GDPR

• An example of a Data Processing Agreement

• An example of Standard Contractual Clauses that can be included in a DPA

• Sample Vendor Assessment Questionnaire

• A Quiz comprising 20 questions to apply what you have learned