Semester: 1
ECTS: 6
Lectures: 15
Practice sessions: 30
Independent work: 135
Module Code: 23-131-0444

Module title:


Data protection

Lecturers and associates:



Module overview:


The course aims to provide a detailed understanding of data management principles, with a special emphasis on managing personal data in accordance with legal regulations concerning personal data protection. The objectives of this course are to equip students with a comprehensive understanding of the data management framework and the legal framework for personal data protection; develop students' expertise in interpreting and applying data protection regulations within various organizational contexts; prepare students for the role of Data Protection Officer (DPO), focusing on the responsibilities and best practices associated with the position; and enhance students' strategic and operational skills in establishing, managing, and auditing data management systems.
In this module students will learn:
the basic concepts and best practices of data management.
the specifics of managing personal data within the framework of global data protection regulations.
the role and responsibilities of the Data Protection Officer (DPO) within an organization.
how to develop and implement data protection strategies that are aligned with legal regulations on personal data protection and internationally accepted standards.
skills for conducting data protection impact assessments and audits.
strategies for incident response and managing data breaches in the context of Personally Identifiable Information (PII).
the rights of data subjects and how to enable subjects to exercise their rights.
communication and reporting techniques relevant to stakeholders concerning data management issues.

Literature:


Required readings:
1. Gallotti, C., Ramacciotti, S., Cottafavi, M. (2022). Information security - Edition 2022: Risk management. Management systems. The ISO/IEC 27001:2022 standard. The ISO/IEC 27002:2022 controls, Cesare Gallotti
2. Korff, D., Georges, M. (2019). The DPO Handbook. (https://azop.hr/wp-content/uploads/2021/01/the-dpo-_handbook_-t4data.pdf)

Supplementary readings:
1. Edwards, J., and Weaver, G. (2024). The Cybersecurity Guide to Governance, Risk, and Compliance (1st ed.). Wiley.