Skip to main content

29 Jan 2019

Practical Procedures and Documentation for the GDPR

This course is fully booked.

Target Audience

Human Resources, Office Managers, Administrators or Personnel responsible for data protection.


Data protection in Ireland is now governed by the Data Protection Act 2018, which incorporates the GDPR (EU 2016/679). This has replaced the previous legislation the Data Protection Act 1988, as amended in 2003.

The GDPR has introduced a requirement that all business and organisations that process any personal data should demonstrate that they are being as compliant as possible with the law. This accountability principle requires specific documentation to be produced and maintained.

The purpose of this session will equip the attendees with the practical skills to follow through on their obligations in respect to accountability under the Data Protection Act 2018, which enacted the GDPR in Irish legislation.

Participants will be given guidance on:

  • Whether you need to appoint a Data Protection Officer (DPO)
  • If you need to register with the Data Protection Commission (DPC)
  • How to conduct a Data Protection Impact Assessment
  • Performing a legitimate interest assessment
  • What to include in an Information Security Policy

Laptops will be provided or attendees can bring a laptop that can access the internet and must be able to edit Microsoft Office documents and spreadsheets.

Places limited to 10 attendees.


Liam Lynch

Liam has nearly 30 years of experience working in IT. He started out as a developer in the late 80’s but always had an interest in the technology that he used every day so moved into IT Management. He also had an inherent ability to create secure environments, both physical and digital. He "sees" security.

He has worked with a number of companies over the years, small operations and large corporations. He has found that, in spite of massive expenditure on technological security solutions, these can all be thwarted by “Dave” in accounting opening an “invoice” (i.e. evil software) in an e-mail which has sneaked past all of the filters, firewalls and anti-virus. He thought there has to be a better way. He knows what the threats are out there and how to spot them and protect enterprises from them, and so he developed the most comprehensive Internet Safety Training on the market. He then moved on to creating detailed Data Protection training, turning the “legalese” of the GDPR into normal English that anyone can understand. He has an ability to relate this knowledge to people of any ability and get them to learn how they can protect themselves and the organisations they work for.


Participants will create a:

  • Company Data Protection Policy
  • Privacy Statement for a website
  • Data Inventory
  • Right-to-be-Informed page
  • Data Breach handling procedure
  • Procedure for the handling of each of the Individual’s rights.


€140Nonprofit Organisation
€120Carmichael Resident Organisation
€160Statutory/Corporate Organisation