Data Protection Certification Course

Project number: 2111502

- Online Course -

Request brochure

Date & pricing

14/06/2021 - 18/06/2021
Register before: 09/06/2021

€ 2.000,00 per attendee

€ 1.800,00 for EIPA members*

Data Protection Certification Course

(26 customer reviews)

From:  1.800,00

Our certified Data Protection Certification online course is designed to provide you with optimum preparation. It will answer your questions related to becoming a Data Protection Officer and high-level professional and it will help you deal with everyday data protection issues.

About this online course

Are you willing to go that extra mile to become the next generation Data Protection Officer? Because this is what we, at EIPA, have done when preparing this course for you! In a time of unprecedented challenges to our status quo, with organisations forced to adapt overnight to the new normal, data protection has been ranking high on the European agenda. More than ever, you will play an essential role in supporting your organisation to safeguard the privacy rights in a time of accelerated digital transformation.

This is why a multifaceted approach in delivering this course is paramount. Experts and practitioners at the forefront of data protection will guide you along the legal framework of the European data protection legislation, while elaborating on some of the most pressing privacy-related issues that have emerged in the context of the pandemic. This will involve applying an interactive and on-the-job methodology: role playing, concrete and realistic case studies, with both successful and non-successful outcomes and peer-to-peer discussions. By the end of the course, you will be provided with all the tools to design or augment a thorough data protection compliance programme in your organisation.

What will you learn?

  • The European legal framework for data protection (including the GDPR);
  • Key data protection concepts, principles and obligations;
  • Actors, roles and responsibilities;
  • The role of the DPO (Data Protection Officer), the EDPS (European Data Protection Supervisor) and the national supervisory authorities;
  • Severity assessment of data breaches and assurance role of the DPO (accountability, requirements and demonstrating compliance);
  • Cyber security, data protection audits, privacy and digital sovereignty;
  • Options and solutions for cross-border data transfer and third-country data transfers;
  • e-Privacy design and impact assessment;
  • Grounds for processing, including legitimate interest and consent;
  • The rights of data subjects and how to handle them.

Course methodology/highlights and level

We believe practical know-how is the key to effective learning. This course therefore includes:

  • Detailed explanations of the key concepts, principles, actors and roles in the field of data protection and security;
  • Role play and group exercises;
  • Preparatory workshop for the final certification examination (optional);
  • Insights with case-law examples;
  • Input and coaching on practical issues encountered by participants from the DPO network, European institutions and agencies, Europol, Eurojust, EDPS, national authorities and other data protection experts;
  • A highly interactive approach – the structure of the course will give you opportunities to ask questions and share experiences during the dedicated Q&A sessions and online breakout rooms.

To optimise your experience, we also recommend that you follow the optional preparatory workshop for the certification examination, when time will be devoted to a recap of the essentials, exercises, a discussion and a Q&A session.

Our expert Daniel Drewer, DPO of Europol, briefly introduces our course: it doesn’t matter if our participants start in the public administration, in the area of police, justice or the banking authority, because the challenges for the data protection function are all the same.

Watch the video

How will it help you?

  • You will be able to process and transfer personal data, and comply with data protection requirements in your day-to-day work.
  • You will be better aware of severity assessments of data breaches, data protection audits, cyber security and privacy.
  • You will have a thorough understanding of how things work in practice and a vision of the EU’s future in this field.
  • You will have a solid basis for continuous learning as a Data Protection Officer afterwards.
  • You will benefit directly from the insights of data protection experts and from networking opportunities during the online breaks.
  • You will obtain the EIPA attendance certificate.
  • You will take the EIPA Data Protection Certification examination.
  • You will be able to qualify as a data protection professional at European level.
  • You will develop your professional international network in the field of data protection.

After-course support

After taking this course, you can join EIPA’s dedicated community of practice together with other, former participants. You will also have access to the course materials for a duration of three months after the course. Keep in touch and share your ideas with this growing community of professionals on EIPA’s Data Protection LinkedIn group.

Target group

  • Data Protection Officers and other data protection professionals;
  • Legal and IT professionals;
  • Anyone, from either the public or private sector, with proven working experience in the processing of personal data;
  • Anyone who needs a certification at European level in order to advance their professional career;
  • Candidates who wish to take and pass the examination.
Florina Pop

Florina Pop

Data Protection

Reyes Otero Zapata

Reyes Otero Zapata

Council of the European Union
EU Decision Making, Administrative Law, Data Protection

Barbara Eggl

Barbara Eggl

Independent consultant on Data Protection
Data Protection Expert, former DPO ECB

Diana Alonso Blas

Diana Alonso Blas

Data Protection

Nataša Pirc Musar

Nataša Pirc Musar

Law Firm Pirc Musar & Lemut Strle
Data Protection

Fabrizio Rossi

Fabrizio Rossi

CAF Desk Officer

Daniel Drewer

Daniel Drewer

Data Protection

Muyiwa Olufon

Muyiwa Olufon

Cyber security

Marta Moretti

Marta Moretti

Avvocati Associati Franzosi Dal Negro Setti
Data protection, antitrust, state aid and life sciences


On completion of the course, participants can take part in an exam leading to the awarding of the EIPA Data Protection Professional Certificate.

A few details about the examination:

  • Examinees can use their own device to take the examination.
  • The examination can be taken twice a year at EIPA headquarters in Maastricht, but currently online only (until further notice).
  • The examination lasts 2 hours.
  • The maximum score obtainable is 100 points and in order to pass the examination, examinees need to obtain 60 points.

Examination process
In order to guarantee a fair process, two randomly allocated reviewers from the examination board will evaluate the essays separately. The Chair of the examination board will have the last word after seeing the conclusions of both reviewers.

The examination is offered in English only. The time limit for the examination is sufficient for the vast majority of candidates, including non-native English speakers. No points are deducted due to possible grammar or language mistakes.

Handling of exams
EIPA will take all available precautions to ensure the appropriate and secure handling of completed essays.

Examination re-sit
In the event you did not manage to reach the set threshold and did therefore not pass the exam, you are offered the opportunity to do one examination re-sit for €150 within one year.

The Examination Board
The exam is under the supervision of an examination board. The examination board meets regularly to discuss the certification course requirements and approve the examinations. They discuss as needed to review and resolve any submitted certification appeals. The examination board consists of experts who have proven knowledge of and practical expertise in the field of data protection, one of whom will serve as chair.

Certificate validity
Data Protection issues continue to change and it is very important to keep yourself ahead and update your knowledge regularly. Therefore, the EIPA certificate is valid for a period of two years. In order to update your knowledge and maintain the validity of your certificate you will need to attend EIPA’s refresher course on data protection every two years. You will receive an updated certificate after taking part in this.

You can find our full Certification policy here:

Practical information

Online Course
For this online course we make use of Zoom or Webex

Programme Organiser
Ms Eveline Hermens
Tel.: + 31 43 3296259

EIPA offers a discount to all civil servants working for one of EIPA’s supporting countries, and civil servants working for an EU institution, body or agency.

Who are the supporting countries?
Civil servants coming from the following EIPA supporting countries are entitled to get the reduced fee: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Spain, Sweden.

For all other participants, the regular fee applies.

Prior payment is a condition for participation.

Cancellation policy
For administrative reasons you will be charged € 50 for cancellations received within 7 days before the activity begins. There is no charge for qualified substitute participants.

EIPA reserves the right to cancel the activity up to 1 week before the starting date. In that case, registration fees received will be fully reimbursed.

I have a question

Course > I have a Question

The programme

08.30 Access of participants to online platform (Amsterdam CET)
09.00 Introduction to the course

Florina Pop, Data Protection Expert, EIPA, Maastricht (NL

09.10 Data protection: the basics and the European legal framework
Graham Sutton, former Policy Adviser on data protection at the Home Office, London (UK)
09.50 Break
10.00 Roles and actors in the field of data protection
Reyes Otero Zapata, Data Protection Officer, Council of the European Union, Brussels (BE)
10.45 Break
11.00 Case studies and examples (interactive session)
Reyes Otero Zapata
11.30 Lunch break
12.30 Data subject rights
Dr Barbara Eggl, Data Protection Expert, Frankfurt (DE)
13.15 Case studies (interactive session)
13.45 Break
14.00 The role of the Data Protection Officer (DPO)
Diana Alonso Blas, Data Protection Officer and Head of Data Protection Service, Eurojust, The Hague (NL)
14.45 Workshop on the role of the DPO (interactive session)
Diana Alonso Blas, Barbara Eggl and Reyes Otero Zapata
15.30 End of first day
09.00 Access of participants to online platform (Amsterdam CET)
09.15 Supervising data protection compliance: The role of the data protection authorities.
Examples from EU institutions
Ute Kallenberger, Head of Inspections, European Data Protection Supervisor (EDPS), Brussels (BE)
10.15 Break
10.30 Supervising data protection compliance: The role of the data protection authorities.
Examples from the national level
Dr Nataša Pirc-Musar, former Data Protection commissioner in Slovenia and former Chair of Joint Supervisory Body of Europol (JSB), Ljubljana (SI)
11.30 Q&A
12.00 Lunch break
13.00 Information on the certification examination and Q&A (interactive session)
Fabrizio Rossi, Research Assistant, Public Management, EIPA, Maastricht (NL) & Graham Sutton
13.30 Data protection and data security: it’s all about the protection of information
Daniel Drewer, Data Protection Officer, Europol, The Hague (NL)
14.30 Break
14.45 Q&A
15.30 End of second day
09.00 Access of participants to online platform (Amsterdam CET)
09.15 Data protection audit: only nice to have or a must for DPOs?
Daniel Drewer
10.00 Break
10.15 Data breaches: accountability of the DPO as assurance provider
Daniel Drewer
11.15 Break
11.30 Q&A
12.00 Lunch break
13.00 Current cyber threat landscape
Muyiwa Olufon, Director, EMEA Information Security, Nike (NL)
14.00 Q&A
14.15 End of third day
09.00 Access of participants to online platform (Amsterdam CET)
09.15 Data protection impact assessment (DPIA)
Barbara Eggl
10.15 Break
10.30 Cross-border data transfers – options and solutions
Diana Alonso Blas
11.30 Break
11.45 Group exercise: cross-border data transfers in practice (interactive session)
Diana Alonso Blas
12.45 Lunch break
13.45 ePrivacy Directive
Rosa Barcelo, Partner, Squire Patton Boggs, Data Privacy and Cybersecurity, Brussels (BE)
14.45 Break
15.00 Recap of the essentials: preparation for the certification examination
(interactive session)
Florina Pop
16.00 End of fourth day
09.00 Access of participants to online platform (Amsterdam CET)
09.15 Optional preparatory workshop: preparing for the certification examination
Marta Moretti, Senior Counsel Europe and New Markets, BeiGene GmbH (CH) and Lawyer and Teaching Assistant at LUISS University, Rome (IT)
10.00 Break
10.15 Optional preparatory workshop: preparing for the certification examination (continuation)
Marta Moretti
10.45 Q&A
11.30 Break
13.00 Certification examination/Re-sit examination
15.30 End of the examination and of the course