I’ve successfully completed the Understanding the GDPR MOOC offered by the University of Groningen’s Security, Technology and e-Privacy (STeP) Research Group on FutureLearn.
- It’s a four week course but I completed a good amount of on-the-job research prior to taking the course and, therefore, managed to complete the entire thing in about a week.
- The topics covered are both comprehensive and realistic. It doesn’t get bogged down in the details and does an excellent job of covering the issues companies need to know in order to begin a gap analysis and ensure compliance.
- The General Data Protection Regulation (GDPR) is still very new and many of the questions professionals, researchers, companies, corporations and governments have are not possible to answer. The reason for the lack of answers is simply this: when the issue is taken to court, the courts will hold a full investigation and trial. The results of that legal process will stand as Independence for suture decisions. There is very little in the way of legal precedence currently established, so the academic and professional focus is on the ‘spirit of the requirements’ and the ‘primary objectives behind the establishment of the law.’
- The course has a series of quizzes that must be passed at 75% or higher (total cumulative score) in order to receive a certificate. There’s only one opportunity to take each quiz – they cannot be redone. It’s possible to open up the videos, articles and lecture notes while taking the quiz and there is no time limit – so it is (in essence) open book. It is not possible to search everything and auto-find the answers. So, be sure to do your readings, watch all the videos and pay attention to the notes provided during the practice quizes!
- Successful completion of the full (paid) version results in a certificate that can be used for continuing education credits (this is useful if you hold a professional certification in a related area!).
The MOOC is well worth the time and effort. I highly recommend it to anyone involved in GDPR compliance or information security.