Your organization does not need a DPO, but you want to appoint a internal data protection liaison to ensure compliance and internal data protection expertise? Then this course is for you, as it introduces GDPR, including knowledge and skills needed to ensure a proper understanding of the basics and how to apply both on an organizational level as well as for the conduct of clinical trials. Topics include definitions of personal data, scope, goal of collection, legal basis, subject rights, privacy statements, controller & processor and their responsibilities, need for a DPO and DPIA, amongst others.
We are offering this course as a recorded session of 8 hours in one package. The sessions cannot be ordered separately and do not contain exercises:
+ Intro to GDPR; personal data and data processing principles
+ Roles in GDPR (controller, processor and third party) and contracts with processors
+ Legal basis for personal data processing; processing of sensitive personal data
+ ICF, privacy statement & protocol
By the end of this TRIUM Training you should be able to:
- List important GDPR roles, related responsibilities and relevant definitions
- Explain what documentation needs to be in place to provide evidence of compliance for controllers and processors
- Describe the need of personal collection goals, correct choice of legal basis and consequent data subject rights and privacy statements
- Critically assess when reporting of a data breach is required to the local data protection legal entity and related timelines
- Tailor GDPR compliant ICF, protocol and contract templates to your specific trial needs
Can perform the task and/or exhibit the knowledge at an essential or foundational level. May require some coaching or supervision.