Stay updated on our activities
Data Protection: Refresher and Advanced Course for DPOs and Data Protection Experts
The combination of these courses Refresher and Advanced Course for DPOs and Data Protection Experts and the Data Protection:Hands-on Module will allow you to immerse yourself in one week solely dedicated to data protection issues. These two courses will provide you with substantial knowledge in the field of data protection as well as practical knowledge on how to apply it, in the form of interactive workshops.
You can choose to book only the Refresher and Advanced for DPOs and Data Protection Experts course if you want to renew your DPO certification. If you do not want to renew your DPO certification and only want to complement your knowledge with practical ‘on the job’ workshops, you can book only the Hands-on module.
Module 1 – Refresher and Advanced Course for DPOs and Data Protection Experts
We believe in constantly updating professional knowledge, particularly in the field of data protection. In a time of unprecedented challenges posed by ever-evolving technologies and different ways to use personal data, continuous learning and updating your expertise is crucial.
The data protection officer (DPO) is a key element of accountability in every organisation as required by the General Data Protection Regulation (GDPR) And Regulation 2018/1725 (EUDPR). However, the expectations and knowledge required for the DPO are multifaceted. That requires not only mastering the GDPR or the EUDPR, but also being familiar with practical aspects of ensuring secure personal data processing and responding to data breaches.
This is why a multifaceted approach in delivering this Refresher and Advanced Course for DPOs and Data Protection Experts course is paramount. Experts and practitioners at the forefront of data protection will guide you along the legal framework of the European data protection legislation, while elaborating on some of the most pressing privacy-related issues that have emerged in the context of the pandemic.
This course is designed to help you to refresh and update your data protection knowledge. Concrete examples regarding the data protection legislative framework, analysis of the new CJEU case law, guidelines from the European Data Protection Supervisor (EDPS) as well as relevant and realistic case studies will help you to refine your expertise and deepen your understanding of your duties and responsibilities. You will be able to benefit from the knowledge of the trainers to support the performance of your daily tasks, make it easier to deal with challenging and complex issues in a structured way, and take decisions that are pragmatic, but still compliant.
Module 2 – Hands-on Module
User-generated data and the exponential industrial value of data is increasing every day. Therefore, putting together a formal set of data protection policies and procedures is essential, regardless of the size of your company or the sector it operates within. This significant step in data protection compliance is crucial to ensuring your business is built to protect the information you process on employees, customers, partners and all other parties whose data may come into your possession. Lastly, it is crucial to put in place safeguards after experiencing a data breach.
Do you need practical knowledge on how to deal with data protection related issues? Are you in doubt about how to implement requirements set out in the GDPR or EUDPR in your organisation? Do you have the knowledge but lack practical experience in the data protection field?
This course is designed to provide practical, hands-on experience to complement your existing knowledge in the field of data protection. The hands-on module is primarily focused on enhancing the day-to-day work of DPOs and anyone working in the field of data protection. You will benefit from the trainers’ knowledge and practical experience by participating in the interactive workshops.
The hands-on module is an extraordinary opportunity to put your data protection knowledge into practice. This course employs a methodology focused on practical workshops that will be moderated by practitioners in the field. The workshops will use various simulations that will allow you to learn by doing.
Should you be interested in participation in this seminar remotely, please contact us.
What will you learn:
- How to deal with controllers’ expectations and manage diverging objectives in the business environment (stakeholder management);
- How to ensure data protection by design and by default in a fast-changing digital and legal environment;
- How to assess data protection compliance and how it is interlinked with IT security;
- Risk analysis and management;
- How to assess issues related to personal data transfers;
- What actions to take in case of personal data breaches;
- How to implement controls;
- The tasks and responsibilities of the DPO;
- How to audit an ICT provider;
- The difference between anonymisation, pseudo-anonymisation and encryption;
- How to conduct a data protection impact assessment;
- What is a data processing agreement and its practical implications;
- How to counter opposition from the rest of the organisation – a view from the DPO perspective;
- How to ensure data protection compliant migration to a cloud computing service provider;
- How to draft a data breach protocol and effectively raise awareness;
- How to act after a significant data breach, including audit and lessons learnt.
Course methodology/highlights:
We believe that practical know-how is the key to effective learning. This course therefore includes:
- Individual preparation for the course – you are invited to bring along any information about the mission, vision, values and data protection (GDPR and EUDPR) framework and governance within your organisation for case study;
- Group and individual assignments;
- Practical exercises on DPO roles and responsibilities;
- An interactive approach: the module’s structure will give you the opportunity to ask questions and share and discuss experiences, knowledge, needs and challenges with the trainers and other participants;
- There will be time for note-taking on what you learn, so you can apply it to your own situation
NB: The successful completion of this course will renew your DPO certification.
You will be able to
- facilitate the development of an effective data protection strategy and plan;
- draft specific policies and procedures;
- manage data breaches;
- ensure data protection compliant transfers of personal data;
- define the pragmatic approaches to ensure GDPR compliance within your organisation;
- support your organisation in identifying gaps to be addressed in view of GDPR and EUDPR compliance;
- advise your organisation on how to manage personal data;
- support a data protection communication and training plan;
- develop your professional international network in the field of data protection.
Before or after course support
After taking this course, you can join EIPA’s dedicated community of practice together with former participants. You will also have access to the course materials for three months after the course.
- Managers and DPOs exposed to questions related to data protection and the management of the related risks, plans and solutions;
- Data protection experts and advisors;
- Certified DPOs;
- Anyone in the public or private sector who is responsible for their organisation’s compliance with the GDPR and EUDPR.
Course venue
European Institute of Public Administration (EIPA)
O.L. Vrouweplein 22
6211 HE, Maastricht
the Netherlands
Programme Organiser
Ms Eveline Hermens
Tel: +31 43 3296259
e.hermens@eipa.eu
Fee
The fee includes documentation and refreshments. Lunches, a reception or dinner are included if mentioned in the programme. Accommodation and travel costs are at the expense of the participants or their administration.
Discounts
EIPA member fee
EIPA offers a discount to all civil servants working for one of EIPA’s supporting countries, and civil servants working for an EU institution, body or agency.
Who are the supporting countries?
Civil servants coming from the following EIPA supporting countries are entitled to get the reduced fee: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Spain, Sweden.
For all other participants, the regular fee applies.
Early bird discount
The early bird discount is not cumulative with other discounts or promo codes, except for the EIPA member fee.
Meals
Dietary preferences can be indicated on the registration form.
Hotel reservations
EIPA has special price arrangements with a number of hotels. All hotels are within 10 minutes walking distance from EIPA. Should you wish to make use of this possibility, please book directly via the links below. Payment is to be made directly and personally to the hotel upon checking out.
Confirmation
Confirmation of registration will be forwarded to participants on receipt of the completed online registration form.
Payment
Prior payment is a condition for participation.
Cancellation policy
For administrative reasons you will be charged €150 for cancellations received within 15 days before the activity begins. There is no charge for qualified substitute participants.
EIPA reserves the right to cancel the activity up to 2 weeks before the starting date. In that case, registration fees received will be fully reimbursed. EIPA accepts no responsibility for any costs incurred (travel, accommodation, etc.).
Download the brochure
I have a question
Our experts
Programme
Module 1 – Refresher and Advanced Course for DPOs and Data Protection Experts | |
08.45 | Registration of participants |
09.00 | Welcome: objectives of the course Florina Pop, Senior Lecturer/Data Protection Expert, EIPA, Maastricht (NL) |
09.15 | Recent Jurisprudence of the CJEU. Schrems I & II Updates Xavier Tracol, Senior Legal Officer, Data Protection Office, EUROJUST, The Hague (NL) |
10.00 | Break |
10.30 | Data Processing Agreements & Contracts Elisa Moro, Data Protection Specialist, Council of the European Union, Brussels (BE) |
11.15 | Q&A |
11.30 | Break |
11.45 | Transfers of Personal Data – New Challenges Elisa Moro |
12.45 | Lunch break at Hotel Derlon |
14.15 | Workshop on Data Processing Agreements & Contracts (with transfer of data) Elisa Moro |
15.15 | Q&A |
15.30 | End of day 1 |
09.00 | Recent Jurisprudence of the ECtHR and the CJEU (I) Xavier Tracol, Senior Legal Officer, Data Protection Office, EUROJUST, The Hague (NL) |
10.00 | Q&A |
10.15 | Break |
10.45 | Recent Jurisprudence of the ECtHR and the CJEU (II) Xavier Tracol |
11.30 | Q&A |
11.45 | Respond to Data Subject’s Rights: Practical Approaches Dr Barbara Eggl |
12:45 | Lunch break at EIPA |
14.30 | Workshop: Data Subject’s Rights Dr Barbara Eggl |
15.30 | End of day 2 |
19.00 | Dinner in restaurant Bouchon d’en Face, Wycker Brugstraat 54, 6221 ED Maastricht (Tel: +31 43 311 6438 |
09.00 | Data Breach Management: How to Respond to a Data Breach – DPO Perspective Florina Pop |
09.45 | Assignment: analyse data breach: case studies and examples Florina Pop |
10.30 | Break |
11.00 | Controller – Joint Controller – Processor Emma Rodríguez Montes, Data Protection Specialist in the Data Protection Office, EUIPO, Alicante (ES) |
11.45 | Q&A |
12.00 | Case study: Controller – Joint Controller – Processor Emma Rodríguez Montes |
13.00 | Lunch break at Hotel Derlon |
14.30 | Data Protection Safeguards Technical safeguards for digital and physical data Brian Honan, Director, BH Consulting, Dublin (IE) |
15.30 | Assignment: identify data protection safeguards for a particular use case Brian Honan |
16.15
| Opportunities and Challenges EU Data Protection Landscape – GDPR and EUDPR. Conclusions Dr Barbara Eggl |
17.15 | End of the day |
Module 2 – Data Protection: Hands-on Module | |
08.45 | Registration of participants |
09.00 | Welcome: objectives of the course Florina Pop, Senior Lecturer/Data Protection Expert, EIPA, Maastricht (NL) |
09.15 | Mapping the Data – the Task of the DPO? (interactive workshop) Cristobal Lander Rodriguez, Deputy DPO, EUIPO, Alicante (ES) |
10.15 | How to Audit an ICT Provider – a Methodology (interactive workshop) Brian Honan, Director, BH Consulting, Dublin (IE) |
11.15 | Q&A |
11.30 | Break with Limburg treat |
12.00 | Migration to a Cloud Computing Service Provider – a Toolkit (interactive workshop) Brian Honan |
13.00 | Q&A |
13.15 | Lunch break at EIPA |
14.45 | Filling in the Gaps in your Risk Assessment. Focus on Codes of Conducts (interactive workshop) Cristobal Lander Rodriguez |
15.45 | Break |
16.15 | Work on a Data Protection Impact Assessment Template: A Step-by-Step Approach (interactive workshop) Emma Rodríguez Montes, EUIPO, Alicante (ES) |
17.15 | End of day 4 |
09.00 | Anonymisation, Pseudonymisation and Encryption (interactive workshop) Xabier Lareo, Technology and Security Officer at European Data Protection Supervisor (EDPS) |
10.00 | Q&A |
10.15 | Coffee break |
10.45 | How to Counter Opposition from the Rest of the Organisation – DPOs (interactive workshop) Gloria Folguera Ventura, DPO, EUIPO, Alicante (ES) |
11.45 | Q&A |
12.00 | Lunch Break at Hotel Derlon |
13.15 | Strategy of Influence: How to Master the Art of Effective Communication in your Organisation (interactive workshop) Frank Lavadoux, Senior Lecturer, EIPA, Maastricht (NL) |
14.15 | A Data Processing Agreement: Just Another Agreement? (interactive workshop) Dr. Carlo Piltz, Lawyer/Partner at Piltz Legal, Berlin (DE) |
15:15 | Q&A |
15:30 | Conclusions and end of the course |