Stay updated on our activities
Are you willing to go that extra mile to become the next generation Data Protection Officer? Because this is what we, at EIPA, have done when preparing this course for you! In a time of unprecedented challenges to our status quo, with organisations forced to adapt overnight to the new normal, data protection has been ranking high on the European agenda. More than ever, you will play an essential role in supporting your organisation to safeguard the privacy rights in a time of accelerated digital transformation.
This is why a multifaceted approach in delivering this course is paramount. Experts and practitioners at the forefront of data protection will guide you along the legal framework of the European data protection legislation, while elaborating on some of the most pressing privacy-related issues that have emerged in the context of the pandemic. This will involve applying an interactive and on-the-job methodology: role playing, concrete and realistic case studies, with both successful and non-successful outcomes and peer-to-peer discussions. By the end of the course, you will be provided with all the tools to design or augment a thorough data protection compliance programme in your organisation.
What will you learn
You will learn about:
- The European legal framework for data protection (including the GDPR);
- Key data protection concepts, principles and obligations;
- Actors, roles and responsibilities;
- The role of the DPO (Data Protection Officer), the EDPS (European Data Protection Supervisor) and the national supervisory authorities;
- Severity assessment of data breaches and assurance role of the DPO (accountability, requirements and demonstrating compliance);
- Cyber security, data protection audits, privacy and digital sovereignty;
- Options and solutions for cross-border data transfer and third-country data transfers;
- e-Privacy design and impact assessment;
- Grounds for processing, including legitimate interest and consent;
- The rights of data subjects and how to handle them.
We believe practical know-how is the key to effective learning. This course therefore includes:
- Detailed explanations of the key concepts, principles, actors and roles in the field of data protection and security;
- Role play and group exercises;
- Preparatory workshop for the final certification examination (optional);
- Insights with case-law examples;
- Input and coaching on practical issues encountered by participants from the DPO network, European institutions and agencies, Europol, Eurojust, EDPS, national authorities and other data protection experts;
- A highly interactive approach – the structure of the course will give you opportunities to ask questions and share experiences during the dedicated Q&A sessions.
To optimise your experience, we also recommend that you follow the optional preparatory workshop for the certification examination, when time will be devoted to a recap of the essentials, exercises, a discussion and a Q&A session.
- You will be able to process and transfer personal data, and comply with data protection requirements in your day-to-day work.
- You will be better aware of severity assessments of data breaches, data protection audits, cyber security and privacy.
- You will have a thorough understanding of how things work in practice and a vision of the EU’s future in this field.
- You will have a solid basis for continuous learning as a Data Protection Officer afterwards.
- You will benefit directly from the insights of data protection experts and from networking opportunities during the online breaks.
- You will obtain the EIPA attendance certificate.
- You will take the EIPA Data Protection Certification examination.
- You will be able to qualify as a data protection professional at European level.
- You will develop your professional international network in the field of data protection.
After taking this course, you can join EIPA’s dedicated community of practice together with other, former participants. You will also have access to the course materials for a duration of three months after the course.
On completion of the course, participants can take part in an exam leading to the awarding of the EIPA Data Protection Professional Certificate.
A few details about the examination:
- Examinees can use their own device to take the examination.
- The examination can be taken twice a year at EIPA headquarters in Maastricht.
- The examination lasts 2 hours.
- The maximum score obtainable is 100 points and in order to pass the examination, examinees need to obtain 60 points.
In order to guarantee a fair process, two randomly allocated reviewers from the examination board will evaluate the essays separately. The Chair of the examination board will have the last word after seeing the conclusions of both reviewers.
The examination is offered in English only. The time limit for the examination is sufficient for the vast majority of candidates, including non-native English speakers. No points are deducted due to possible grammar or language mistakes.
Handling of exams
EIPA will take all available precautions to ensure the appropriate and secure handling of completed essays.
In the event you did not manage to reach the set threshold and did therefore not pass the exam, you are offered the opportunity to do one examination re-sit for €150 within one year.
The Examination Board
The exam is under the supervision of an examination board. The examination board meets regularly to discuss the certification course requirements and approve the examinations. They discuss as needed to review and resolve any submitted certification appeals. The examination board consists of experts who have proven knowledge of and practical expertise in the field of data protection, one of whom will serve as chair.
Data Protection issues continue to change and it is very important to keep yourself ahead and update your knowledge regularly. Therefore, the EIPA certificate is valid for a period of two years. In order to update your knowledge and maintain the validity of your certificate you will need to attend EIPA’s refresher course on data protection every two years. You will receive an updated certificate after taking part in this.
You can find our full Certification policy here: www.eipa.eu/dataprotection
- Data Protection Officers and other data protection professionals;
- Legal and IT professionals;
- Anyone, from either the public or private sector, with proven working experience in the processing of personal data;
- Anyone who needs a certification at European level in order to advance their professional career;
- Candidates who wish to take and pass the examination.
This course will take place as a hybrid event, which gives participants the possibility to participate either face-to-face or online via a live stream. In the registration form section Additional information | Order notes please add whether you will participate in-person or online.
European Institute of Public Administration (EIPA)
O.L. Vrouweplein 22
6211 HE, Maastricht
Ms Eveline Hermens
Tel: +31 43 3296259
The fee includes documentation and refreshments. Lunches, a reception or dinner are included if mentioned in the programme. Accommodation and travel costs are at the expense of the participants or their administration.
EIPA member fee
EIPA offers a discount to all civil servants working for one of EIPA’s supporting countries, and civil servants working for an EU institution, body or agency.
Who are the supporting countries?
Civil servants coming from the following EIPA supporting countries are entitled to get the reduced fee: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Spain, Sweden.
For all other participants, the regular fee applies.
Some lunches as well as the dinner will be served at a restaurant in town. Special dietary requirements (e.g. vegetarian, diabetic) can be indicated once you receive the confirmation of the course.
Confirmation of registration will be forwarded to participants on receipt of the completed online registration form.
Prior payment is a condition for participation.
For administrative reasons you will be charged €150 for cancellations received within 15 days before the activity begins. There is no charge for qualified substitute participants.
EIPA reserves the right to cancel the activity up to 2 weeks before the starting date. In that case, registration fees received will be fully reimbursed. EIPA accepts no responsibility for any costs incurred (travel, accommodation, etc.).
|08.30||Registration of participants|
|09.00||Introduction to the course
Florina Pop, Data Protection Expert, EIPA, Maastricht (NL)
|09.15||Data protection: the basics and the European legal framework
|10.00||Roles and actors in the field of data protection
Reyes Otero Zapata, Data Protection Officer, Council of the European Union, Brussels (BE)
|11.15||Case studies and examples
Reyes Otero Zapata
|11.45||The role of the Data Protection Officer (DPO)
Diana Alonso Blas, Data Protection Officer and Head of Data Protection Service, Eurojust, The Hague (NL)
Dr Barbara Eggl, Data Protection Expert, Frankfurt (DE)
|14.45||Workshop on the role of the DPO
Diana Alonso Blas, Reyes Otero Zapata and Dr Barbara Eggl
|16.00||Data subject rights
Dr Barbara Eggl, Data Protection Expert, Frankfurt (DE)
|17.00||End of first day|
|19.00||Dinner in a restaurant in town|
|09.00||Registration of participants|
|09.15||Supervising data protection compliance: The role of the data protection authorities.
Examples from EU institutions
Ute Kallenberger, Head of Inspections, European Data Protection Supervisor (EDPS), Brussels (BE)
|10.45||Supervising data protection compliance: The role of the data protection authorities.
Examples from the national level
Speaker to be confirmed
|13.30||Information on the certification examination and Q&A (interactive session)
Lukas Adomavicius, Research Assistant, EIPA, Maastricht (NL) & Graham Sutton
|14.00||Data protection impact assessment
Dr Barbara Eggl
|15.30||End of the day|
|08.45||Registration of participants|
|09.00||Data protection and data security: it’s all about the protection of information
Daniel Drewer, Data Protection Officer, Europol, The Hague (NL)
|10.30||Data protection audit: only nice to have or a must for DPOs?
|13.00||Current cyber threat landscape
Muyiwa Olufon, Director, EMEA Information Security, Nike (NL)
|14.15||Data breaches: accountability of the DPO as assurance provider (interactive session)
Daniel Drewer and Muyiwa Olufon
|15.30||End of the day|
|08.45||Registration of participants|
|09.00||Cross-border data transfers – options and solutions
Diana Alonso Blas
|10.00||Group exercise: cross-border data transfers in practice (interactive session)
Diana Alonso Blas
|11.15||Group exercise: cross-border data transfers in practice (interactive session)
Diana Alonso Blas
|13.30||ePrivacy Directive and the proposed ePrivacy Regulation
Speaker to be confirmed
|15.00||Recap of the essentials: preparation for the certification examination
|16.00||End of the day|
|08.45||Registration of participants|
|09.00||Optional preparatory workshop: preparing for the certification examination
Marta Moretti, Senior Counsel Europe and New Markets, BeiGene GmbH (CH) and Lawyer and Teaching Assistant at LUISS University, Rome (IT)
|15.30||End of the examination and of the course.|
What former participants say
Leave a review
A great course which made the most out of the limited time of one week. There were great lecturers, a tight but nice schedule, enough time to socialize with other participants, all set in a beautiful town in the centre of Western Europe. The only weak part was the coffee.
Overall the course is good, but in my opion to focused in the European Institutions and not in the private sector.
Great course which was organised at the right time!
It is an excellent training ! Great organization and very useful.
Excellent training !
The course was very well organised; all presenters were highly knowledgeable; presentations very effective and to the point. EIPA team were very supportive and friendly. One important aspect has been the possibility of networking with your colleagues from all around of Europe (EU institutions and the private sector). Social events/dinners were organised in very nice places. Indeed, I was surprised about the quality of the food! I definitely recommend this course to who needs a deep knowledge of the GDPR.
I would recommend this very good course to private sector lawyers with already some experience in the data protection field. You may attend the course without any previous knowledge, but to a more experienced lawyer the fantastic line of speakers gives an excellent opportunity to rise discussions in more complex matters and actually get answers that help to solve the matters. Additionally, I would say that, having a lot of experience with similar course programs, this one was very well organized and left a feeling that it was time well spent. I do hope that EIPA will offer additional expert level courses in the future.
Thanks for a great week with in-depth covering of all the aspects of the EU's new General Data Protection Regulation + quite a lot of other related information. It was a tremendous lot of information to assimilate during one short week, but with the help of great tutors, in-depth discussions with fellow students, practical exercises and workshops, and comprehensive presentations, I feel that it was possible to assimilate the essence of the material and that I now have a good platform for further development of my skills in this area and thus beeing able to render my clients with useful services and advice:)
A really great course with varied presenters from across the spectrum of Data Protection. The organisation of the course was excellent and the location in Maastricht was fantastic. I felt the course offered a lot of opportunities to network and to benefit from the experience and knowledge of fellow participants. Would highly recommend it to anyone with an interest in Data Protection.
Course that addresses the main themes of the General Data Protection Regulation, with a good balance between theory and practice.
A very detailed course on GDPR and European Regulations. It will be of particular interest to those in EU Institutions or in Public sector organisations.
Very good overall course that I would highly recommend to those who want to improve their Data Protection skills. On a side note, I would advise further marketing effort on the private sector thus increasing the quality of the examples and networking opportunities.
The course was very well organized by EIPA (logistics, meals, documentation, final exam, etc.) and the lecturers were real experts who shared their knowledge and experience in data protection matters in a very practical and enthusiastic way. I really liked this course and would like to recommend it to anyone who has to work in this area.
This is a very useful course with great lecturers, which is very well organized.
An excellent program. I was overwhelmed with the number of experts with practical experience on Data Protection. It was an eye opener and a great experience. I took down two sets of notes, one for my pre-exam revision and the 2nd for my to do list. I kept reflecting on my organisational processes and policy documents, what I learnt will go a long way in making my organisation up to date with international best practices. On the soft side of the program, keep up the good planning. Congratulations to the whole team!
A well-structured course on Data Protection, ranging from understanding the philosophy and core objectives to applying the methods suggested in GDPR. The experts are very helpful and willingly share insights of the topics and practices. The peers are excellent and dynamic. Discussions both in and out of the classes are indeed helpful to clarify the insights and applications of them. Very helpful team of organisers and supporting staffs. Very impressed with the course.
Among the many other Data Protection trainings I've attended I found EIPA's a great source of information. Nevertheless, the key success factor here is the way the training is developed and implemented. You'll not find a mere revision of GDPR (and other related data privacy laws) contents, but how they have been implemented by the panelists in their respective fields of knowledge and current professional roles, mostly in EU institutions. The approach given to the sessions (combining theoretical and practical information) makes it easy to understand the sharpen topics of the law. A special mention to the high level of knowledge from my colleagues (coming mostly from public bodies and institutions) that enriched debates. The schedule was really tough and intense but also lightened by social events and networking spare time. Highly recommendable.
A well built course, very much worth it - the topics of lectures take you through the main components of Data Protection, crucial institutions, complex issues, the current state of affairs, future trends. The lecturers are professionals representing key European institutions. Discussions flow freely alongside theory and includes group work as well as plenty networking with your peers.
I was positively surprised with this course. I had the opportunity to learn from the best-of-the-best in the field of Data Protection which was both an overwhelming and enlightening experience! The course programme accomplished the challenging task of balancing practical and theoretical content. I could also benefit from the extraordinary diversity of the colleagues with so many different experiences, knowledge and professional backgrounds which enriched this learning experience even more. A special note also to praise the very good organization, logistics, and the resources provided for the course, and to thank the courtesy and care with which the participants were treated. I would definitely recommend this course to any professional in the Data Protection field has an important reference in their professional path!
Despite the fact that the course had to be online, i certainly enjoyed having this course. Because it gave me a good documented and practical view and insights of the GDPR. Compliments on the organisation and the lecturers.
Very good and complete training. Both the lecturers and organizers made from this first online training of one week a success. Although the exchanges are more difficult and participants are not equally involved in the online environment, the information transmitted was exhaustive and the lectures explicit.
This course guides you through a really inspiring journey in the world of data protection. It's highly recommended both for newcomers in the field and for privacy professionals!
I would like to thank you once again for the courses and the organisation of the seminar. The presentations were of high quality and the speakers were very exciting. Even though I am very aware of all the topics linked to data protection, it was great to have new views on all of that. I will report my director and of course recommend the courses to my colleagues.
I really appreciate the training. I would have loved to have more time debating. I will participate in future events/trainings as I found the speakers to be excellent professionals.
The training is excellent in respect of the knowledge one acquires during its course on all subjects concerning the world of the GDPR. Beginners definitely reach a very good level of understanding of all related matters and more advanced professionals are also benefited especially through the discussion of real-life examples. The presenters do a very good job of constructively interacting with participants and are very kind - their expertise and knowledge are with no doubt. The organizers of the event are true professionals, always there to help and proactively take care of all relevant issues.
I am very pleased with the quality of this course, of the course materials and of the speakers. It has been a very intense week, and although, due to Covid, the entire course was held on-line, everything was on spot and there was a good connection with the presenters and with the other participants during breaks.
This DPO course is perfect for both beginners and more advanced professionals. It provides a good foundation of knowledge, but also, thanks to the talent of the speakers and the interactivity with the participants, an in-depth understanding of particular topics. It is also very well structured and organised. I highly recommend it. Thank you!
IT Project Officer - Smalls
I recommend without reservations the DPO certification course by the EIPA. It is both theoretically impeccable and practically rich. Most importantly, it is imparted by seasoned professionals who share real life applications of what otherwise you will only read in textbooks. It’s worth every penny!
Data Protection Officer - Apex Fund Services, S.A. Luxembourg