Privacy & Data Protection Essentials Courseware - English. Ruben Zeegers

      Target group

      Everyone that wants or needs to have a basic understanding of data protection and European legal requirements as defined in the GDPR. The Essentials exam is exceptionally suitable for everyone that needs to make informed decisions regarding the privacy and data protection of their own data.

      Requirements for certification

      • Successful completion of the EXIN Privacy & Data Protection Essentials exam.

      Examination details

      The Rules and Regulations for EXIN’s examinations apply to this exam.

      Bloom level

      The EXIN Privacy & Data Protection Essentials certification tests candidates at Bloom Level 1 and Level 2 according to Bloom’s Revised Taxonomy:

      • Bloom Level 1: Remembering – relies on recall of information. Candidates will need to absorb, remember, recognize and recall. This is the building block of learning before candidates can move on to higher levels.

      Training

      Contact hours

      The recommended number of contact hours for this training course is 7. This includes group assignments, exam preparation and short breaks. This number of hours does not include homework, the exam session and lunch breaks.

      Indication study effort

      20 hours, depending on existing knowledge.

      Training organization

      You can find a list of our accredited training organizations at www.exin.com.

      2. Exam requirements

      The exam requirements are specified in the exam specifications. The following table lists the topics of the module (exam requirements) and the subtopics (exam specifications).

      Exam specifications

      1. Privacy and Data Protection Fundamentals & Regulation

      1.1 Definitions

      The candidate can …

      1.1.1 give valid definitions of privacy.

      1.1.2 relate privacy, in specific personal data, to the concept of data protection.

      1.2 Personal Data

      The candidate can …

      1.2.1 give a definition of personal data according to the GDPR.

      1.2.3 describe the data subject’s rights regarding personal data.

      1.2.5 list the roles, responsibilities and stakeholders.

      1.3 Legitimate Grounds and Purpose Limitation

      The candidate can …

      1.3.1 list the six legitimate grounds for processing.

      1.3.2 describe the concept of purpose limitation.

      1.3.3 describe proportionality and subsidiarity.

      1.4 Further Requirements for Legitimate Processing of Personal Data

      The candidate can …

      1.4.1 describe the requirements for data processing.

      1.4.2 describe the purpose of personal data processing.

      1.5 Rights of Data Subjects

      The candidate can …

      1.5.2 is aware of the right to be forgotten.

      1.6 Data Breach and Related Procedures

      The candidate can …

      1.6.1 describe the concept of data breach.

      2 Organizing data protection

      2.1 Importance of Data Protection for the Organization

      The candidate can …

      2.1.2 indicate what activities are required to comply with the GDPR.

      2.1.3 give a definition of data protection by design and by default.

      2.1.5 describe the data breach notification obligation as laid down in the GDPR.

      2.2 Supervisory Authority

      The candidate can …

      2.2.1 describe the general responsibilities of a supervisory authority.

      2.4 Binding corporate Rules and Data Protection in Contracts