Degree | Type | Year | Semester |
---|---|---|---|
2502501 Prevention and Integral Safety and Security | OB | 3 | 1 |
There are no prerequisites.
This subject has a seven teaching units.
Didactic Unit 1
Introduction: the General Data Protection Regulation (Regulation (EU) 2016/679), the Personal Data Protection Directive in the criminal field (Directive (EU) 2016/680) and the new LOPDGDD (Organic Law 3/2018) .
1. Introduction
2. The right to data protection and regulatory background.
3. First approximation to the General Data Protection Regulation (RGPD), Directive (EU) 2016/680 and the LOPDGDD.
Didactic Unit 2
subjects
1. Responsible for Treatment
2. Treatment Manager
3. Data Protection Delegate
4. Representative.
Didactic Unit 3
Beginning
1. Principles relating to treatment.
2. Legality, loyalty, transparency, purpose, etc.
3. Special categories of data
Didactic Unit 4
Rights
1. Transparency and information
2. Access and portability
3. Deletion
4. Limitation of treatment
5. Opposition
6. Automated individual decisions (profiles)
Didactic Unit 5
Obligations
1. Proactive responsibility
2. Data protection by design and by default
3. Record of treatment activities
4. Prior consultation
5. Data Protection Impact Assessment
6. Security
7. Notification of security breaches
Didactic unit 6
International transfers, self-regulation and sectoral regulations.
1. International transfers
1.1. General principle and adequacy decisions
1. 2. Adequate guarantees
1.3. Binding corporate rules
1.4. Exceptions for specific situations
2. Self-regulation
2.1. codes of conduct
2.2. Certifications
3. Sectoral regulations (video surveillance, police data processing, etc.)
Didactic unit 7
Liability regime and guarantee system
1. Control Authorities
2. The sanctioning system: infractions, sanctions and other corrective measures.
3. Claim rights of the interested parties.
The theoretical classes consist of explaining the key concepts of each unit, always accompanied by examples to facilitate understanding, facilitating student participation and debate.
The practical classes consist of solving practical situations raised by the teacher on aspects previously worked on in the theoretical classes.
Tutorials with teachers will be arranged by email.
Note: 15 minutes of a class will be reserved, within the calendar established by the center/degree, for the students to complete the surveys to evaluate the performance of the teaching staff and the evaluation of the subject/module.
Annotation: Within the schedule set by the centre or degree programme, 15 minutes of one class will be reserved for students to evaluate their lecturers and their courses or modules through questionnaires.
Title | Hours | ECTS | Learning Outcomes |
---|---|---|---|
Type: Directed | |||
Evaluation | 4 | 0.16 | 4, 1, 2, 5, 10, 9, 15, 14, 12, 13, 6, 7 |
Theoretical and practical classes | 40 | 1.6 | 4, 1, 2, 5, 10, 9, 15, 14, 12, 13, 6, 7 |
Type: Supervised | |||
Tutorials | 12 | 0.48 | |
Type: Autonomous | |||
Resolution of practical cases. Realization of works. personal study | 94 | 3.76 | 4, 1, 2, 5, 10, 9, 15, 14, 12, 13, 6, 7 |
Continuous evaluation: 4 practical activities will be carried out, on the contents previously worked on, which will have a teacher rating along with a brief comment.
Final written or oral test: It can consist of a multiple choice exam, of theoretical questions about the contents studied, or of practical case studies.
RE-EVALUATION
In case of not passing the subject according to the aforementioned criteria (continuous evaluation), a recovery test may be done on the date scheduled in the schedule, and it will cover the entire contents of the program.
To participate in the reassessment the students must have been previously evaluated of a set of activities, the weight of which equals a minimum of two-thirds of the total grade of the subject. However, the qualification that will consist of the student's file is a maximum of 5-Approved.
Students who need to change an evaluation date must present the justified request by filling in the document that you will find in the moodle space of Tutorial EPSI.
PLAGIARISM
Without prejudice to other disciplinary measures deemed appropriate, and in accordance with current academic regulations, "in the event that the student makes any irregularity that could lead to a significant variation in the grade of an evaluation act, it will be graded with a 0 This evaluation act, regardless of the disciplinary process that can be instructed In case of various irregularities occur in the evaluation acts of the same subject, the final grade of this subject will be 0 ".
The tests / exams may be written and / or oral at the discretion of the teaching staff.
Title | Weighting | Hours | ECTS | Learning Outcomes |
---|---|---|---|---|
Continuous evaluation activities | 50% | 0 | 0 | 3, 4, 1, 2, 5, 11, 8, 10, 9, 15, 14, 12, 13, 17, 16, 6, 7 |
Written test that allows assessing the acquisition of knowledge by the student. | 50% | 0 | 0 | 3, 4, 1, 2, 5, 11, 8, 10, 9, 15, 14, 12, 13, 17, 16, 6, 7 |
Manuals and studies:
• Duran, B.. (2016). The figure of the controller in the right to data protection. Madrid: Wolters Kluwer.
• Lopez, J.. (2017). Comments to the European Data Protection Regulation. Madrid: Sepin.
• Pinar, J.L. (Dir.). (2016). General data protection regulation: towards a new European privacy model. Madrid: Reuses.
• López Calvo, J. (2018). The new regulatory framework derived from the European Data Protection Regulation (adapted to the Draft Organic Law on Data Protection of November 10, 2017”. Madrid. Wolters Kluver.
• Troncoso Reigada, A. -coordinator- (2021). "Commentary on the General Data Protection Regulation and the Organic Law on Data Protection and Guarantee of Digital Rights". Pamplona. Editorial Civitas.
Normative:
• Spanish Constitution, Official State Gazette, 311 § 31229 (1978)
• Organic Law 15/1999, on the Protection of Personal Data, Official State Gazette, 298 § 23750 (1999).
• Royal Decree 1720/2007, of December 21, which approves the regulations for the development of Organic Law 15/1999 on the protection of personal data, Official State Gazette, 17 § 979.
• Royal Decree 3/2010, of January 8, which regulates the National Security Scheme in the field of Electronic Administration, Official State Gazette, 25 § 1330.
• Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 regarding the protection of natural persons in relation to the processing of personal data and the free circulation of these data and by which the Directive 95/46/EC (General Data Protection Regulation)
• Directive (EU) 2016/680 of the European Parliament and of the Council, of April 27, 2016, regarding the protection of natural persons with regard to the processing of personal data by the competent authorities for prevention purposes, investigation, detection or prosecution of criminal offenses or the execution ofcriminal sanctions, and the free circulation of said data and repealing Framework Decision 2008/977/JHA of the Council.
• Organic Law 3/2018, of December 5, on the protection of personal data and guarantee of digital rights.
Electronic resources and documentation:
Spanish Data Protection Agency: https://www.agpd.es/
• Spanish Data Protection Agency, Catalan Data Protection Authority and Basque Data Protection Agency (2016). Guide to the General Data Protection Regulation for data controllers. Retrieved from http://www.agpd.es.
• Spanish Data Protection Agency, Catalan Data Protection Authority and Basque Data Protection Agency (2016). Guide for compliance with the duty to inform. Retrieved from http://www.agpd.es.
• Spanish Data Protection Agency, Catalan Data Protection Authority and Basque Data Protection Agency (2016). Guidelines for the preparation of contracts between controllers and processors. Retrieved from http://www.agpd.es.
• Spanish Data Protection Agency (2016). Guidance and guarantees in personal data anonymization procedures. Retrieved from http://www.agpd.es.
• Spanish Data Protection Agency (2018). Practical guide for Impact Assessments on data protection subject to the RGPD. Retrieved from http://www.agpd.es.
Catalan Authority for the Protection of Dades: http://apdcat.gencat.cat/
• Catalan Authority for the Protection of Dades (2017). Guide on the assessment of impact related to the protection of data to the RGPD. Retrieved from http://apdcat.gencat.cat/.
No special software is required.