GetGlobal International

CONSULTING

GetGlobal International Consulting includes:

Personal data detection exercises;
Personal Data Risk Assessment;
Data governance and cybersecurity program review;
Review of incident response procedures;
Data processor risk assessment;

GetGlobal International can help you learn if your suppliers comply with the requirements of the Data Protection regulations, working to meet or not considering the implications of these legislations. Our supplier management platform includes a Privacy Data-specific due diligence questionnaire that can be administered as a standalone questionnaire at a reduced rate or as part of the standard.

Data processing reviews and compliance readiness - Our professionals are expert advisors and will review your company's personal data processing activities to create a data inventory, identify risks, and gaps.

Gap Analysis - We can help your business identify gaps in the requirements of the General Data Protection Regulation and assist you in building a practical action plan for troubleshooting.

Awareness Training - Organizations that collect personal data should provide employees with personal data privacy awareness training, conducted to help their staff to better understand their role in meeting the requirements of the Personal Data Protection Regulation.

Vendor Due Diligence - We will help your business to find out if your suppliers are in compliance with GDPR requirements – are they working in compliance or have they not considered the implications of the Personal Data Protection Regulations?

DPO as a service - GetGlobal International will carry out all internal operations to fulfill the obligations of the Personal Data Protection Regulations, performing the work of a DPO.

Our team consists of exceptionally qualified specialists and graduated executives from renowned consultancies.

6 REASONS TO YOU BECOME
A DPO (DATA PROTECTION OFFICER)

1) MOST IMPORTANT ELEMENT:

The data protection officer or DPO is one of the most important elements of the General Data Protection Regulation (GDPR) and other data protection regulations.

2) MARKET RECOGNITION:

The huge need in the Data Protection Officer (DPO) market makes qualified and certified professionals highly valued by companies. So, if what you are looking for is to boost your private career, getting certified can be a big help.

3) KNOWLEDGE UPDATE:

It’s possible that you have several years of experience in data protection and have even participated in GDPR implementation projects. However, there are several implicit changes in the law and the unstoppable advancement of technology that makes sharing of best practices and updating your knowledge very advisable. This is an important change, enjoy and upgrade!

4) ABILITY TO DEMONSTRATE DILIGENCE BEFORE INSPECTION:

The paradigm shift that Privacy regulations bring, involves knowing and effectively demonstrating the appropriate use of personal data. The fact that a company's Data Protection Officer has successfully passed a proper training course and an actual certification exam, demonstrates the commitment gained by the entity through the right professional.

5) SHARING MAJOR CONCERNS AND NETWORKS:

It is important not to feel alone in the face of regulatory changes, which denote uncertainties such as a lack of definition, a lack of interpretative criteria, or new challenges encountered in the implementation plan. Therefore, participating in a training course with other professionals who are in the same situation will likely allow you to determine your position relative to the rest of the market and return home with lessons learned and anticipated problems. In addition, the courses presented in a face-to-face format allow students to meet other data protection professionals, who can be of great help at any time. Having a good network of expert contacts in the field can simplify your future work and exchanging experiences will be helpful when problems arise.

6) BECAUSE YOU DESERVE:

You have or want a new responsibility, you have been or want to be designated as a DPO, and, as such, you will have many new functions, obligations, and challenges. Is it not essential to receive a training course? This will allow you to engage in the challenges ahead more safely. Would you like to receive first-hand all the information about the next Data Protection Officer (DPO) boot camp? Then join our waiting list. See you soon!

How to Become a Certified International Data Protection Officer.

GetGlobal International operates "boot camp" (face-to-face) classes that train companies and professionals about international rules and regulations related to data protection. There are already strict data protection laws being enforced around the world. In fact, there are companies around the world that are completely unaware they must be compliant with such laws or face stiff penalties imposed by multiple countries. Such penalties could be devastating to businesses everywhere.

Furthermore, technology experts anticipate that the United States will begin Federal data protection legislation in the near future.

In fact, the U.S. has already seen some individual states pass data protection laws.

California recently passed the first major data protection law, which goes into effect in 2020. GetGlobal is ready to advise companies about this California law and train DPOs (Data Protection Officers) to help companies comply with this new law, as well as others, such as the European GDPR (General Data Protection Regulation) and the Brazilian GDPR.

GetGlobal is comprised of technology consultants and cyber-lawyers from around the world. They've developed a curriculum for their “boot camp” classes. Upon completion of these classes, attendees will receive a Data Protection Officer (DPO) certification and will be able to apply for the EXIN certification.

How Do GetGlobal Privacy Data Boot Camps Work?

GetGlobal International is an EXIN training provider.

EXIN is a Dutch company that certifies professionals and offers a wide range of testing criteria in the rapidly changing field of IT qualifications. It continually innovates by conducting internal examinations independently, and with partners, to enrich its portfolio and expand the scope of the tests offered. EXIN also accredits partners to be able to train and offer tests for professionals, such as GetGlobal International.

GetGlobal DPO Program

Once successfully completing a one-week “boot camp,” the professionals will be prepared to seek employment as a DPO and obtain the EXIN certification.

How it works:

During the training week of 40 hours, the professionals will take classes on all aspects of the European GDPR (General Data Protection Regulation) through two programs, the Fundamental European GDPR, and the Advanced European GDPR. The two programs will be taught by Europeans instructors.

During the same week, they will also learn everything that comprises the CCPA (California Consumer Privacy Act of 2018) from an American lawyer and specialist in Cyberlaw.

Students will also learn about the Brazilian GDPR and its fundamentals, through a 4-hour online class with a Brazilian lawyer, also specialized in data protection.

The cost to participate in GetGlobal’s “boot camp” and learn everything about these regulations is US $2,700.

With an additional $970, the professionals will be able to obtain a 16-hour Cyber Security online course (4 classes of 4-hours each) with a well-known specialist.

In the end, with all these lessons, professionals who complete both the “boot camp” and the Cyber Security online study will be ready to take the EXIN DPO certification test.

EXIN DPO certification requires mandatory knowledge of the European GDPR and Cyber Security; therefore, the Brazilian GDPR and the California Consumer Privacy Act are extra content, which will make you a Global DPO.

PREVIOUS EDITIONS

BOOT CAMP - NEW YORK - MARCH 4TH, 2019

BOOT CAMP - LISBON - FEBRUARY 24TH TO 28TH, 2020

GetGlobal's Data Privacy Boot Camp in Lisbon was a great success. With renowned instructors who have great knowledge in privacy, data protection and information security, the participants were able to learn in five days, everything about the most important international regulations and become true Global DPOs.

NEXT EDITIONS

BOOT CAMP - BRUSSELS - COMING SOON

FAQs

How to qualify as a DPO?

To understand the high demand for DPOs from companies in Europe and Brazil, GetGlobal International, in partnership with EXIN, which has been active in the professional certification market for over 40 years, offers a specific professional qualification program intended specifically for this new professional challenge.
What qualifications should the DPO have?

A DPO needs to have specialized knowledge of laws, industry standards, information security, and data protection practices. However, this does not mean that he/she must be a lawyer or IT graduate; he/she is a mix of both professions. These professionals must have an understanding of the inner workings of their IT infrastructure, information management systems, and business processes that handle personal data. Excellent management and communication skills are also a necessity for dealing with internal staff, including senior management. GetGlobal International addresses all of these topics in its training.
How to hire a qualified DPO?

Hiring a qualified DPO is a challenge, especially for small and midsize companies. The right candidate should have managerial level experience in cybersecurity, IT, and/or governance, risk, and compliance, as well as extensive legal knowledge of the subject at hand. If the contractor or candidate has a high level of information security knowledge but no reasonable knowledge of data protection laws and practices, they can seek certain certifications that may fill this gap.
Can I be a freelancer DPO?

Yes, due to the lack of internally qualified professionals, small and midsized organizations tend to outsource DPO work from data protection consulting firms or law firms.
Why does a company need a DPO?

GDPR requires companies to appoint a DPO in certain situations, for example, when the organization processes or stores large amounts of personal data belonging to European citizens. In other regulations, the hypotheses for dispensing with a DPO have not yet been defined. So, in principle, it should be considered that all companies dealing with mass or bulk personal data will need to name one.
What are the functions of a DPO?

The DPO is a person who will be involved in all personal data protection matters and whose main duties involve informing and advising the controller or processor and their employees of their obligations under the Data Protection Regulations and to monitor compliance with these legislations. This includes overseeing documentation, processes, and records, providing advice upon request, regarding the Data Protection Impact Assessment (DPIA), and acting as a point of contact for the holders' requests regarding the processing of their personal data and the exercise of their rights.
Are Data Protection regulations only for large companies?

It is a mistake to think that Privacy regulations are only a concern of large companies. Small and medium-sized businesses are also affected by the law and may be at serious risk of penalties if they are not in compliance. While larger organizations will have the resources to deal with the necessary adjustments and huge fines and lawsuits; small and medium-sized businesses can simply be eliminated from the market because of the nature of the breach and/or the immediate costs to deal with it.
Does the DPO follow instructions or act independently?

Some basic safeguards are established so that the DPO can perform tasks with autonomy within its organization. Those responsible in the organization are required to ensure that the DPO does not suffer interference in the performance of their duties. Regardless of whether they are caregiver employees, DPOs must be able to perform their duties and tasks independently. This means that Data Protection Officers must not be pressured or interfered with during the performance of their duties. For example, what outcome should be achieved, such as investigating a complaint or whether the supervisory authority should be consulted. Besides that, they should not be influenced to decide on a data protection law related matter, for example, an interpretation of the law. The controller or processor remains responsible for compliance with data protection laws and must be able to demonstrate compliance. However, the autonomy of DPOs does not mean that they have decision-making powers that go beyond their duties, retaining their primary advisory and mentoring role. The controller or processor remains responsible for compliance with data protection laws and must be able to demonstrate compliance. If the controller or processor makes decisions that are incompatible with the data protection legislation and the DPO's opinion, the DPO should be able to apply his/her clear opinion, even if it is inconsistent with those who make the decisions.
When do Data Protection Regulations take effect?

Some data protection regulations are already in place, such as the GDPR that came into force in May 2018. The Brazilian GDPR (LGPD) goes into effect in August 2020 and the California Consumer Privacy Act (CCPA) will become effective in January 2020.
What are the means required by the Data Protection Regulations for the DPO to perform its functions?

The Data Protection Regulations require the organization to support the Data Protection Officer with the resources necessary to perform the tasks and access to personal data and protection operations. In particular, the following points will be considered:
• Active support of the DPO functions by senior management (as at the board level).
• Enough time for the DPO to perform his/her functions. This is particularly important when the DPO works part-time. Or when the worker performs data protection in addition to other obligations. Otherwise, conflicting priorities may result in neglecting DPO tasks. Having enough time to devote to the Data Protection Officer tasks is essential. It is good practice to set a percentage of time for the DPO function, where it is not done full time. It is also good practice to determine the time required to perform the function, the appropriate priority level for DPO tasks, and for the DPO (or the organization) to develop a work plan. Other things to consider:
• Adequate support in terms of financial resources, infrastructure (facilities, facilities, equipment), and personnel, where appropriate.
• Official communication of the DPO designation to all staff to ensure that his/her position and function is known within the organization.
• Required access to other services, such as Human Resources, Legal, IT, Security, etc. Data Protection Officers may receive support, contributions, and essential information from these other services.
• Continuing education. DPOs should be given the opportunity to stay current on data protection. The goal should be to constantly increase the character of DPO specialists. They should be encouraged to participate in data protection training courses and other forms of professional development, such as participation in privacy forums, workshops, etc.
• It may be necessary to establish a DPO team. In such cases, the internal structure of the team and the tasks and responsibilities of each of its members must be defined. In addition, when the DPO role is performed by an outside contractor, a team of professionals working for that entity can effectively perform the tasks of a DPO under the responsibility of a designated customer contact. In general, the more complex and sensitive that processing operations are, the more resources must be provided to the DPO.

Data privacy nowadays is global!