Data Protection Practitioner course
Practice DPO tasks with hands-on assignments in policymaking, impact assessments, awareness planning and third-party assurance.
Data Protection Practitioner prepares you for a successful progression and certification of a Data Protection Officer. You will learn how to build a GDPR-compliant data protection program and practice DPO tasks with hands-on assignments in policymaking, data protection impact assessments, incorporating data protection requirements and awareness planning. The course evaluates practical considerations in design and implementation, technology and tools supporting data protection, privacy enhancing technologies, and security by design. You’ll evaluate what data is required to support good governance and decision-making and how to translate the concept of management systems to a Data Protection Management System (DPMS). Lastly you will prepare yourself for an (external) compliance audit and define and implement a basic 3rd-party assurance process. This is an advanced level training. If you’re looking for an entry level training in privacy and data protection, have a look at our Data Protection Foundation Course.
“SECO combines a perfect blend of background reading, thought provoking tasks and open discussion. My knowledge base has increased exponentially over the 5- week programme, and it’s something that I would recommend to anyone seeking greater depth of transferable and practical knowledge in Data Protection.”
James Tarrant, Compliance Officer at iwoca, London- United Kingdom
Author & Trainer
Privacy Officer Tennet
Data Protection Program
Manager at PwC
At a Glance
Data Protection Practitioner
Advanced training for (aspiring) Data Protection Officers. GDPR-consultants, privacy consultants or compliance officers, IT or information security professionals looking to specialize in a privacy-related area.
Practice DPO tasks with hands-on assignments, from policymaking to data protection impact assessment to awareness planning.
Translate corporate goals into a vision on handling personal data. Develop a strategic data protection policy.
Incorporate data protection requirements including those based on privacy by design principles into new and already existing procedures. Describe generic data protection requirements for projects.
Create data inventories and data flow maps, draft a GDPR-compliant privacy notice.
Perform a Data Protection Impact Assessment (DPIA) and define data protection requirements based on the outcomes.
Design a data protection and privacy awareness program.
Integrate data protection-related decisions, policies, procedures, requirements and roles into a Data Protection Management System (DPMS).
Prepare for GDPR-compliance audits, design data protection reports.
Day 1 – Setting the stage – strategic considerations
• Data Protection Management Framework
• Provisions and common principles that govern the design of Privacy & Data Protection frameworks
• Main characteristics of a Vision on Data Protection and a (strategic) Data Protection Policy
• Policy implementation
• Privacy notice
• Data inventory
Day 2 – Data Protection Impact Assessment
• Risk Management and Data Protection Risk Assessment
• Threat actors, typical vulnerabilities and risk controls
• Risk-based approach and the importance of risk assessment
• Data Protection Impact Assessment (DPIA) in the context of the GDPR
• DPIA models and DPIA in practice
• Business, organisational and technical requirements relating to the protection of personal data
Day 3 – Operations
• Data subject rights management
• Contract management: managing processing agreements (Contents of a processing agreement, Controllers and processors)
• Complaints procedure
• Data breach procedure
• Administration and documentation – Register of processing activities
Day 4 – Design and Implementation
• Privacy Awareness (Privacy risks and human behaviour, Awareness-raising activities)
• Privacy / security by design / default
• Privacy-enhancing technologies
• Anonymisation and pseudonymisation
• Data protection requirements for projects
Day 5 – Governance
Data protection reports
• Selecting the right information
• Strategic monitoring
Data Protection Management System
• Roles and responsibilities
• Tasks of the DPO
• Establishing a Data Protection Program
• Privacy audits
• Third party assurance