Data Protection Practitioner course

5 days

Practice DPO tasks with hands-on assignments in policymaking, impact assessments, awareness planning and third-party assurance.

Data Protection Practitioner prepares you for a successful progression and certification of a Data Protection Officer.  You will learn how to build a GDPR-compliant data protection program and practice DPO tasks with hands-on assignments in policymaking, data protection impact assessments, incorporating data protection requirements and awareness planning. The course evaluates practical considerations in design and implementation, technology and tools supporting data protection, privacy enhancing technologies, and security by design. You’ll evaluate what data is required to support good governance and decision-making and how to translate the concept of management systems to a Data Protection Management System (DPMS). Lastly you will prepare yourself for an (external) compliance audit and define and implement a basic 3rd-party assurance process. This is an advanced level training. If you’re looking for an entry level training in privacy and data protection, have a look at our Data Protection Foundation Course.

“SECO combines a perfect blend of background reading, thought provoking tasks and open discussion. My knowledge base has increased exponentially over the 5- week programme, and it’s something that I would recommend to anyone seeking greater depth of transferable and practical knowledge in Data Protection.”

James Tarrant, Compliance Officer at iwoca, London- United Kingdom

Authors & Lead Trainers

Bart Baars
Author & Trainer

Privacy consultant
Privacy Officer Tennet

Anouk Dekoninck
Trainer

Data Protection Program
Manager at PwC

At a Glance

Advanced level

Data Protection Practitioner

5 days

Advanced training for (aspiring) Data Protection Officers. GDPR-consultants, privacy consultants or compliance officers, IT or information security professionals looking to specialize in a privacy-related area.

Practice DPO tasks with hands-on assignments, from policymaking to data protection impact assessment to awareness planning.

Translate corporate goals into a vision on handling personal data. Develop a strategic data protection policy.

Incorporate data protection requirements including those based on privacy by design principles into new and already existing procedures. Describe generic data protection requirements for projects.

Create data inventories and data flow maps, draft a GDPR-compliant privacy notice.

Perform a Data Protection Impact Assessment (DPIA) and define data protection requirements based on the outcomes.

Design a data protection and privacy awareness program.

Integrate data protection-related decisions, policies, procedures, requirements and roles into a Data Protection Management System (DPMS).

Prepare for GDPR-compliance audits, design data protection reports.

Syllabus

Setting the stage – strategic considerations

Topics:

• Data Protection Management Framework
• Provisions and common principles that govern the design of Privacy & Data Protection frameworks
• Main characteristics of a Vision on Data Protection and a (strategic) Data Protection Policy
• Policy implementation
• Privacy notice
• Data inventory

Data Protection Impact Assessment

Topics:

• Risk Management and Data Protection Risk Assessment
• Threat actors, typical vulnerabilities and risk controls
• Risk-based approach and the importance of risk assessment
• Data Protection Impact Assessment (DPIA) in the context of the GDPR
• DPIA models and DPIA in practice
• Business, organisational and technical requirements relating to the protection of personal data

Operations

Topics:

• Data subject rights management
• Contract management: managing processing agreements (Contents of a processing agreement, Controllers and processors)
• Complaints procedure
• Data breach procedure
• Administration and documentation – Register of processing activities

Design and Implementation

Topics:

• Privacy Awareness (Privacy risks and human behaviour, Awareness-raising activities)
• Privacy / security by design / default
• Privacy-enhancing technologies
• Anonymisation and pseudonymisation
• Data protection requirements for projects

Governance

Topics:

Data protection reports
• Metrics
• Selecting the right information
• Strategic monitoring
Data Protection Management System
• Roles and responsibilities
• Tasks of the DPO
• Establishing a Data Protection Program
Compliance
• Privacy audits
• Third party assurance

Collect your badge of honor

Exam

  • Language: English
  • Delivered: Online via a certified proctor
  • Questions: 10 multiple choice, 5 open questions, one case
  • Time: 120 minutes

Dates & locations

Online Live

5 days

10am – 5.00pm CEST

Find a Local Training Partner

Organize a class dedicated for your team