Data Protection Practitioner course

5 days

Practice DPO tasks with hands-on assignments in policymaking, impact assessments, awareness planning and third-party assurance.

Data Protection Practitioner prepares you for a successful progression and certification of a Data Protection Officer.  You will learn how to build a GDPR-compliant data protection program and practice DPO tasks with hands-on assignments in policymaking, data protection impact assessments, incorporating data protection requirements and awareness planning. The course evaluates practical considerations in design and implementation, technology and tools supporting data protection, privacy enhancing technologies, and security by design. You’ll evaluate what data is required to support good governance and decision-making and how to translate the concept of management systems to a Data Protection Management System (DPMS). Lastly you will prepare yourself for an (external) compliance audit and define and implement a basic 3rd-party assurance process. This is an advanced level training. If you’re looking for an entry level training in privacy and data protection, have a look at our Data Protection Foundation Course.

“SECO combines a perfect blend of background reading, thought provoking tasks and open discussion. My knowledge base has increased exponentially over the 5- week programme, and it’s something that I would recommend to anyone seeking greater depth of transferable and practical knowledge in Data Protection.”

James Tarrant, Compliance Officer at iwoca, London- United Kingdom

Authors & Lead Trainers

Bart Baars
Author & Trainer

Privacy consultant
Privacy Officer

Anouk Dekoninck

Data Protection Program
Manager at PwC

At a Glance

Advanced level

Data Protection Practitioner

5 days

Advanced training for (aspiring) Data Protection Officers. GDPR-consultants, privacy consultants or compliance officers, IT or information security professionals looking to specialize in a privacy-related area.

Practice DPO tasks with hands-on assignments, from policymaking to data protection impact assessment to awareness planning.

Translate corporate goals into a vision on handling personal data. Develop a strategic data protection policy.

Incorporate data protection requirements including those based on privacy by design principles into new and already existing procedures. Describe generic data protection requirements for projects.

Create data inventories and data flow maps, draft a GDPR-compliant privacy notice.

Perform a Data Protection Impact Assessment (DPIA) and define data protection requirements based on the outcomes.

Design a data protection and privacy awareness program.

Integrate data protection-related decisions, policies, procedures, requirements and roles into a Data Protection Management System (DPMS).

Prepare for GDPR-compliance audits, design data protection reports.

What’s included

  • Official SECO-Institute course materials
  • Training from passionate instructors with exceptional skills
  • Access to the SECO member portal
  • Practice exam
  • Exam voucher
  • Membership to SECO’s Alumni Network after passing the exam


Day 1 – Setting the stage – strategic considerations


• Data Protection Management Framework
• Provisions and common principles that govern the design of Privacy & Data Protection frameworks
• Main characteristics of a Vision on Data Protection and a (strategic) Data Protection Policy
• Policy implementation
• Privacy notice
• Data inventory

Day 2 – Data Protection Impact Assessment


• Risk Management and Data Protection Risk Assessment
• Threat actors, typical vulnerabilities and risk controls
• Risk-based approach and the importance of risk assessment
• Data Protection Impact Assessment (DPIA) in the context of the GDPR
• DPIA models and DPIA in practice
• Business, organisational and technical requirements relating to the protection of personal data

Day 3 – Operations


• Data subject rights management
• Contract management: managing processing agreements (Contents of a processing agreement, Controllers and processors)
• Complaints procedure
• Data breach procedure
• Administration and documentation – Register of processing activities

Day 4 – Design and Implementation


• Privacy Awareness (Privacy risks and human behaviour, Awareness-raising activities)
• Privacy / security by design / default
• Privacy-enhancing technologies
• Anonymisation and pseudonymisation
• Data protection requirements for projects

Day 5 – Governance


Data protection reports
• Metrics
• Selecting the right information
• Strategic monitoring
Data Protection Management System
• Roles and responsibilities
• Tasks of the DPO
• Establishing a Data Protection Program
• Privacy audits
• Third party assurance

Collect your badge of honor


  • Language: English
  • Delivered: Online via a certified proctor
  • Questions: 10 multiple choice, 5 open questions, one case
  • Time: 120 minutes

Join our Alumni Network

Dates & locations

This program is conducted by our training partner, Security Academy Online.

Find a Local Training Partner

Organize a class dedicated for your team