| Module Code: |
H7GDPR |
|
Long Title
|
General Data Protection Regulation
|
|
Title
|
General Data Protection Regulation
|
| Module Level: |
LEVEL 7 |
| EQF Level: |
6 |
| EHEA Level: |
First Cycle |
| Module Coordinator: |
Philip Shanahan |
| Module Author: |
Philip Shanahan |
| Departments: |
School of Business
|
| Specifications of the qualifications and experience required of staff |
|
| Learning Outcomes |
| On successful completion of this module the learner will be able to: |
| # |
Learning Outcome Description |
| LO1 |
Analyse the legal obligations imposed upon operators, and understand the implications on owners and controllers of personal data |
| LO2 |
Analyse the rights of data subjects and the enforcement of data protection laws where there is non-compliance |
| LO3 |
Develop procedures to ensure data protection compliance within their organisation |
| LO4 |
Apply data protection rules across a range of situations that may arise in a business context |
| LO5 |
Enhance customer confidence and trust in their organisation through a transparent in-house data protection framework |
| LO6 |
Demonstrate data protection compliance in an organisation through compliance checking and audit |
| LO7 |
Align data protection compliance with their organisations risk management strategy |
| Dependencies |
Module Recommendations
This is prior learning (or a practical skill) that is required before enrolment on this module. While the prior learning is expressed as named NCI module(s) it also allows for learning (in another module or modules) which is equivalent to the learning specified in the named module(s).
|
| No recommendations listed |
Co-requisite Modules
|
| No Co-requisite modules listed |
Module Content & Assessment
| Indicative Content |
|
Introduction to Law
•Sources of law, legislation – primary and secondary, Constitution, EU law, international law •Regulatory bodies including the Data Protection Commissioner, Competition and Consumer Protection Commissioner, Central Bank •Administration of justice •Introduction to privacy law, Constitutional protections. EU Charter, European Convention on Human Rights, data privacy at common law and equity
|
|
Data Protection – Legal Framework
•Scope and application •Definitions, data controller, data processor, data subject, personal data, processing •Legitimate basis for data processing •Principles of data protection •Data security, breach notification •Processing sensitive personal data, prohibitions and exceptions •Children
|
|
Rights, Supervision and Enforcement
•Data subject rights, information, access and restrictions, rectification, block, erasure, object to use, notification obligations, portability, restriction of processing •Data Protection Commissioner, oversight role •Enforcement of data protection – by data subjects, DPC, information notices, enforcement notices, criminal offences, fair procedures and judicial review •Damages, breach of constitutional right to privacy, ECHR, statutory breaches
|
|
General Data Protection Regulation
•Data Protection Officer, suitability, functions, protection •Accountability •Privacy impact assessments •Data breach reporting •Access requests •Policy and procedures •Privacy notices, website, documentation, children •Training •Compliance monitoring
|
|
Data Protection in the Workplace
•Monitoring of employees, use of CCTV •Security of and access to HR records •Transfers of undertakings •Sensitive data •Use of biometrics •Security •Blacklists •Multinational employers •Whistleblowers •Surveillance and workplace monitoring •Employment disputes •Customer data •Privacy investigators •Employees right to access
|
|
Data Protection in Practice
•International transfers •Data protection and direct marketing •Digital identities and anonymities •Cloud computing •Surveillance
|
|
Policy and Procedures
•Developing policy and procedures •Developing privacy impact assessments •How policy differs from procedures •Key components of a data protection policy •Deciding on what is to be included in policy and procedures •Aligning data protection policy with risk management strategy •Data retention and record management
|
|
Managing Data Protection Compliance
•Internal data protection audit/compliance testing •Managing data protection audits •Relationship with the Data Protection Commissioner
|
| Assessment Breakdown | % |
|---|
| Coursework | 60.00% |
| End of Module Assessment | 40.00% |
Assessments
| Reassessment Requirement |
Repeat failed items
The student must repeat any item failed
|
Reassessment Description
Repeat Assessments will be conducted in accordance with current college Assessment Regulations which are available on the Learner portal, in the Learner handbook and through the College internet site. These policies can also be viewed at: https://www.ncirl.ie/Students/Exams
Specifically, where a learner fails to achieve a pass on the written exam on this module, he/she must resit another written exam. Failure to achieve a pass on the work-related assignment means he/she will initially be provided with feedback from the lecturer and then asked to re-evaluate the research done and resubmit based the feedback received. An appropriate timescale will be provided. If the learner fails the second written exam, he/she will be afforded a third attempt. A second failure on the work-related assignment means he/she will be given a new assignment and will be given appropriate time to complete and submit.
A third failure on either assessment will mean that the learner must repeat the module.
|
NCIRL reserves the right to alter the nature and timings of assessment
Module Workload
| Module Target Workload Hours 0 Hours |
| Workload: Online |
| Workload Type |
Workload Description |
Hours |
Frequency |
Average Weekly Learner Workload |
| Lecture |
Online live classes x 3 (3 x 3 hours) |
9 |
Every Second Week |
4.50 |
| Total Weekly Contact Hours |
4.50 |
| Workload: Part Time |
| Workload Type |
Workload Description |
Hours |
Frequency |
Average Weekly Learner Workload |
| Independent Learning Time |
Independent learning/research |
105 |
Every Week |
105.00 |
| Lecture |
1 x full day workshop |
7 |
Once per semester |
0.58 |
| Directed Learning |
Directed reading followed by formative assessment |
12 |
Every Week |
12.00 |
| Lecturer-Supervised Learning (Contact) |
Online forum |
10 |
Every Week |
10.00 |
| Total Weekly Contact Hours |
22.58 |
Module Resources
| This module does not have any book resources |
|---|
| This module does not have any article/paper resources |
|---|
| Other Resources |
|---|
-
[Lecturer will recommend reading].
|
|
