Strokovnjak/strokovnjakinja za varstvo osebnih podatkov

Candidates are able to:

• substantiate the role of a person authorised for personal data protection in an organisation;
• explain the notions, concepts and principles relating to personal data protection;
• plan suitable measures to protect personal data collections;
• draft the legal documents required for an organisation’s compliance with regulations governing personal data protection (particularly internal acts, contracts and assent forms);
• explain the idea of cloud services, recognise the risks related with such services and adopt suitable measures to mitigate the risks;
• explain the concept of privacy by design and use it in various methods of personal data processing;
• keep a record of personal data processing activities and identify various risks in individual types/methods of processing;
• identify cases of processing that require a privacy impact assessment and produce a simple privacy impact assessment;
• run procedures and make decisions on the rights of individuals pursuant to the regulations governing personal data protection (regarding familiarisation with own personal data, the right to personal data portability, right to be forgotten, right to rectification, right to object);
• carry out internal control procedures regarding the compliance of personal data processing with regulations governing personal data protection;
• cooperate with a supervisory body dealing with personal data protection pursuant to the regulations governing personal dataprotection;
• explain the system of accountability of a personal data manager and processor, and the system of administrative control over them;
• organise internal training for the employees and management of an organisation to the topic of personal data protection;
• communicate independently with internal and external audiences about important events and necessary measures related with personal data protection in an organisation.