GENERAL DATA PROTECTION REGULATION (GDPR) RESOURCES
GDPR Interactive Whiteboard – This GDPR training program (~5 mins) is an interactive whiteboard that summarizes the General Data Protection Regulation (GDPR) succinctly.
GDPR Whiteboard – The GDPR summarized in whiteboard form. Professor Solove distills the 200+ pages of the GDPR to just one page!
GDPR Training Guide – Professor Solove’s information and advice about global privacy awareness training in light of the GDPR. This guide covers Key Elements to GDPR Training, Length of GDPR Training, Frequency of GDPR Training, Consequences for Inadequate Privacy Awareness Training, and Training for GDPR vs. BCRs and the Privacy Shield.
A Short Guide to Binding Corporate Rules (BCRs) for EU Privacy – This short guide will clear up points of confusion and provide a useful roadmap for how to obtain BCRs. This 13-page guide offers 8 steps for organizations to take including: Get Your House in Order, Make Key Logistical Decisions, Figure Out Where to File and Selecting a Lead DPA, Drafting the BCRs, Submitting the Draft Application, The Review Process, Submitting the Final Application, and Approval and Requests for Authorization of Transfer.
European Data Protection Board (EDPB) Documents for GDPR – The European Data Protection Board (EDPB) is an independent European body, which contributes to the consistent application of data protection rules throughout the European Union, and promotes cooperation between the EU’s data protection authorities. On this page, Professor Solove has provided links to key GDPR documents released by the EDPB, as well as documents originally created by the Article 29 Working Party (WP29). The WP29 was succeeded by the EDPB who accepted all of the previously published works.
Global Privacy and Data Protection – This privacy training program provides an overview of privacy principles and regulations. The course is designed to satisfy EU General Data Protection Regulation (GDPR) training requirements but also to work for the US and other jurisdictions. Written and designed by Professor Daniel J. Solove, the leading expert on privacy law, this course focuses on key concepts of privacy common across international jurisdictions as well as explains areas where approaches to privacy diverge.
General Data Protection Regulation (GDPR) – This GDPR training course (~7 mins) provides a brief introduction to the General Data Protection Regulation (GDPR). The course discusses the scope and applicability of the GDPR, the basic terminology of the law, the rights it provides to persons in the EU, and the responsibilities it imposes on organizations. The course explains the importance of compliance with the GDPR and discusses how the GDPR is enforced as well as its very strict penalties, which include fines of up to 4% of total annual worldwide turnover.
Privacy Shield – This privacy training course (~7 mins) provides a brief introduction to the EU-US Privacy Shield Framework. The course discusses the purpose and origin of Privacy Shield and the key Privacy Shield principles (Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, Recourse, Enforcement, and Liability). The course also emphasizes the importance of complying with Privacy Shield and explains the consequences for failing to do so.
EU Privacy Law – This module provides a basic introduction to privacy law in the European Union. It takes a look at several regulations that have been passed throughout the years regarding privacy as a fundamental human right of citizens in the EU. This privacy awareness training course has been recently updated to discuss key features and developments regarding the General Data Protection Regulation (GDPR). Trainees will also learn the main differences between EU privacy law and US privacy law.
Cartoon: Cookies and the GDPR – This cartoon depicts how, after the GDPR, countless websites have cookie notices and require agreeing to accept cookies.
Cartoon: Multi-Jurisdictional Privacy Law Compliance – This cartoon depicts the challenges of multi-jurisdictional privacy law compliance. In 2018, organizations scrambled to comply with the GDPR. In 2019, businesses are scrambling to comply with the California Consumer Privacy Act (CCPA). And, there will be a new referendum on privacy law in California next year — CCPA 2.0. There’s a flurry of legislative activity in the states on privacy. And, each year, more and more countries are passing new comprehensive privacy laws.
Cartoon: Data Subject Access Requests Under the CCPA and GDPR – This cartoon is about data subject access requests (DSARs) — sometimes called “subject access requests” (SARs). The GDPR Article 15 provides for DSARs. The new California Consumer Privacy Act (CCPA) provides individuals with a right to learn about the personal data collected and shared about them over the past 12 months.
GDPR Compliance in a Box – Do you find GDPR compliance to be a challenge? We’re here to help. After careful study and hundreds of hours of analysis by a team of leading experts and technologists, we have developed a comprehensive solution for complete GDPR compliance (patent pending). Our amazing solution is easy and efficient, and we’ve packaged it in just one tiny box.
Cartoon: GDPR Consent – This cartoon is about consent under the GDPR. Under the GDPR Article 6, consent is one of the six lawful bases to process personal data.
Cartoon: GDPR Data Portability – This cartoon is about the GDPR’s right to data portability under Article 20. This right allows data subjects to take their data from one organization and transfer it easily to other organizations.
Cartoon: GDPR Superhero – For global organizations as well as organizations in the EU, the GDPR has brought significant attention and resources to privacy. Finally, many executives are beginning to take privacy seriously.
Cartoon: GDPR Change in Privacy Notices – This cartoon pokes a little fun at the blizzard of changed privacy notice notices due to GDPR enforcement.
GDPR Humor: A Collection of GDPR Cartoons and More – Feeling stressed out about GDPR? Professor Solove can help! Here are all of his GDPR cartoons and attempts at GDPR humor in one post. It’s much better to laugh than to cry…
GDPR Cartoon: Right to Be Forgotten – The GDPR Article 17 provides for a right to erasure — commonly known as the “right to be forgotten.” Data subjects may request that an organization erase their personal data “without undue delay” under a number of circumstances.
GDPR Cartoon: GDPR’s Scope – Daniel Solove turned his short GDPR vignette about GDPR’s territorial scope into a cartoon.
GDPR Cartoon: Lawful Processing – This cartoon focuses on the lawful processing requirement. Under the EU’s General Data Protection Regulation G(DPR), the collection and processing of personal data must be for “specified, explicit and legitimate purposes.”
GDPR Cartoon: Vendor Management – This cartoon depicts the challenges of complying with GDPR’s requirements for vendor management. Under the GDPR, there are serious responsibilities when using a vendor to process personal data.
GDPR Cartoon: GDPR Preparation – This cartoon focused on the preparation that companies faced before the GDPR went into effect. The GDPR strengthens privacy protections in the EU and includes a number of additional rights and responsibilities.
GDPR Cartoon: Taking Privacy Seriously – Professor Solove created this cartoon to illustrate the fact that despite the increasing risk that privacy violations pose to an organization, many organizations are not increasing the funding and resources devoted to privacy.
GDPR Humorous Vignette – A humorous 1-minute video vignette about the GDPR created by Professor Daniel Solove.
Beyond GDPR: The Challenge of Global Privacy Compliance — An Interview with Lothar Determann – In this interview, Professor Solove and Lothar Determann discuss how as formidable as the GDPR is, only aiming to comply with the GDPR will be insufficient for a worldwide privacy compliance strategy.
The Hidden Force That Will Drive GDPR Privacy Compliance – This blog post by Professor Solove focuses on why companies should sweat GDPR, and discusses the major force that will drive GDPR implementation.
The U.S. Congress Is Not the Leader in Privacy or Data Security Law – In this blog post, Daniel Solove outlines how Congress isn’t leading in driving privacy or data security law, and that even the policies and practices of US companies are increasingly being built around the law of the European Union (EU) or the individual U.S. states.
A New US-EU Safe Harbor Agreement Has Been Reached – This blog post from 2016 discusses the passage of the EU-US Privacy Shield.
Why I Love the GDPR: 10 Reasons – In this post, Professor Daniel Solove shares 10 reasons that he believes the GDPR is the most profound privacy law of our generation, and why it deserves praise and admiration.
About Professor Solove and TeachPrivacy
Professor Daniel J. Solove is a law professor at George Washington University Law School and the leading expert on privacy and data security law. He has taught privacy law every year since 2000, has published 10 books and more than 50 articles, including the leading textbook on information privacy law and a short guidebook on the subject. His LinkedIn blog has more than 1 million followers. Click here for more information about Professor Solove.
TeachPrivacy provides HIPAA training, privacy awareness training, information security awareness training, phishing training, FERPA training, PCI training, as well as training on many other privacy and security topics. TeachPrivacy was founded by Professor Solove, who is deeply involved in the creation of all training programs because he believes that training works best when made by subject-matter experts and by people with extensive teaching experience.
Please Contact Us If You Are Interested In
Privacy or Security Training
We can provide you with a login so you can evaluate the programs. Click here for our catalog.