Workshops
Module 1: Foundations of Data Protection
There is no description for this curriculum
Curriculum content
-
The hospitality industry is among the most susceptible sectors when it comes to data breaches globally. Improper handling of personal data can result in hefty fines, eroded guest trust, and significant damage to a brand’s reputation—challenges that no business can afford to overlook. It’s essential to understand that data protection is not solely an IT or Management concern, but that all employees play a crucial role. For managers requiring more detailed information use the module A Hospitality Managers Guide to Data Protection. This resource will provide relevant guidelines to manage data protection in the workplace. The module begins by simply contextualizing Data Protection legislation, including the newly introduced Data Use and Access Act 2025 (DUAA). It conveys a vital message: every employee plays a crucial role in safeguarding the privacy of both guests and colleagues in the workplace. The module delves into the various types of personal data, including sensitive data, and explore relevant examples tailored to different departments within the hospitality industry. Additionally, we examine the personal data that businesses maintain about their employees. Legal rights pertaining to data are highlighted, underscoring the paramount importance of respecting those rights. To facilitate the retention of key actions for data security, a set of 6 golden rules are introduced. These principles are not just theoretical; they are designed to be practically applied in the work environment, ensuring that data remains secure and protected. In hospitality, most data problems come from everyday mistakes and these are explored including using strong passwords, handling e mails securely and identifying and reporting risks. The importance of reporting any requests by guests to see their data is considered and awareness of children’s rights under the new DUAA 2025 along with sharing information is enhanced using examples. Furthermore, the role of the Data Protection Officer (DPO) is clearly defined, highlighting the importance of escalating any concerns that arise. This module also touches on PCI compliance in the context of card payment handling, showcasing its relationship with Data Protection standards. To further enhance your knowledge, a detailed module on Handling Customer Card Payments Securely is readily available, providing practical insights into PCI compliance tailored to the hospitality sector. An end quiz of 22 questions ensures key ponts are retained and there is a downloadable action plan. Key benefits: Understand why handling personal data securely matters in their role Identify different types of personal and sensitive data for guests and employees Respect the legal rights that individuals have over their personal data Apply 6 golden rules to day to day handling of personal data in the workplace Identify ways to keep personal information secure in the workplace Use strong passwords and be aware of scam e mails Understand the importance of reporting potential risks Identify how to respond to a guest SARs request Be aware of PCI compliance standards with a view to learning more if needed Know situations when personal data can be shared and follow the guidelines to do this securely Know where to find further information if want to research further
-
Data protection law and regulations control how information relating to individuals (known as personal data) is collected and used by businesses and other organisations. This course provides an introduction to data protection, highlighting the practical steps staff should take to comply with the law and international best practice.
-
The course covers the following aspects • Introduction • How data privacy comes into play • Data privacy principles • Transparency and notice • Purpose limitation • Data minimization • Accuracy and quality • Storage limitation • Security and accountability • Ethical considerations in data privacy • Best practices in data privacy • Privacy by design • Consent management and user control • Data anonymization and pseudonymization • Secure data storage and transmission • Employee training and awareness • Data breaches and consequences • Types of data breaches • Legal and financial consequences of data breaches
-
Have you ever wondered what could happen if sensitive customer data fell into the wrong hands? In the fast-paced world of financial services, protecting personal information isn’t just a legal requirement—it’s essential for maintaining trust and safeguarding your organization’s reputation. In this course, you’ll discover the core principles of GDPR and learn how to apply them in your daily work, even if you have little prior experience. Through practical examples, clear explanations, and real-world scenarios, you’ll gain the confidence to recognize sensitive data, handle it securely, respond to incidents, and follow your organization’s policies with ease. By the end, you’ll be ready to protect both your customers and your company, making GDPR compliance a natural part of your everyday routine.
-
(Updated Aug 2024) Privacy Issues is a course that raises awareness of the critical information all staff should know about privacy. Private information (data) is increasingly shared with third parties through tools, analytics, website cookies and search engine algorithms – sometimes without our knowledge or consent. Despite increasingly sophisticated data collection and protection mechanisms, privacy remains a concern for businesses, organizations and individuals. No-one can assume they are not being monitored, or be completely sure their privacy is not being breached or information misused. In this course psychologist Peter Quarry interviews lawyer Damien Smith about privacy issues and concerns and how businesses need to implement strategies to protect privacy.
-
Data protection law and regulations control how information relating to individuals (known as personal data) is collected and used by businesses and other organisations. This course provides an introduction to data protection, highlighting the practical steps staff should take to comply with the law in the DIFC.
-
A robust cybersecurity policy protects secure, critical or sensitive data and prevents it from falling in to the hands of malicious third parties. Accounts that contain highly sensitive data often require multiple layers of security — or multifactor authentication (MFA). Personal security can’t just be restricted to your computer. All of your devices, even those without internet connectivity, need protective measures.
-
Cybercrime continues to rise in scale and complexity, affecting both businesses and private individuals. This course provides an introduction to cybercrime, along with broader information security issues. It contains interactive case studies throughout, which highlight the practical steps staff should take to stay safe.