Data Protection Compliance in the EU – 3-day Training

04/12/2017 - 06/12/2017
Location: Maastricht (NL)
Project number: 17115031


Data Protection Compliance in the EU – 3-day Training

From:  1.275,00

This is an advanced training course where you will further develop your professional skills necessary to be a top-performing data protection professional. Numerous practical examples, combined with a high level of interactivity, provide you with all you need to know about data protection compliance in theory and practice, as well as an insight into how to handle the myriad issues that arise in the workplace on a daily basis in such a challenging and quickly developing working area.

Registration for this course is closed. Do you want to receive updates about the next editions of this course? Please subscribe to our newsletter.

This course has been specifically designed to give professionals responsible for data protection issues within their organisations the key resources and practical information they need in their daily work. This is an advanced training course where you will further develop your professional skills necessary to be a top-performing data protection professional. Numerous practical examples, combined with a high level of interactivity, provide you with all you need to know about data protection compliance in theory and practice, as well as an insight into how to handle the myriad issues that arise in the workplace on a daily basis in such a challenging and quickly developing working area.

How will it help you?
By following this advanced training you will further develop the professional skills necessary to be a top-performing data protection professional. The programme has a practice-oriented focus, providing you with in-depth knowledge of the current issues relating to data protection compliance in theory and practice. The objective is to enable you to deepen your working knowledge of data protection and to qualify you as data protection specialists. You will all receive a certificate of attendance after completing the training course.

Who will most benefit?
This advanced course is designed for anyone whose work relates to the processing of personal data. It is aimed, in particular, at data protection officers working in the public sector, privacy officers, compliance officers, information officers, information security officers, ICT employees, record managers, lawyers, human resources officers, and any other data protection professionals.

Other options of this Data Protection Training and Certification Exam:

EIPA DPO Professional Certification & Examination

The certification is offered in cooperation with the network of DPOs and for the EPSO Competition for Administrators in the Field of Data Protection it is considered an asset by the European Union.

1. Individuals wishing to obtain EIPA’s professional certificate must:
a. Study the course materials.
b. Complete 2,5 days of face-to-face training (to be held in Maastricht in 4-6 December 2017).
c. Pass the examination Thursday 7 December 2017 (held in Maastricht twice every year).

The preparatory workshop will give participants ample opportunity to ask questions or discuss certain issues. The examination consists of a multiple-choice test and open questions covering a broad range of relevant knowledge and topics that are not, or only partially, dealt with in this advanced training course.

To pass the exam candidates must have basic knowledge and good understanding of data protection. To this end EIPA will provide access to the course materials after payment of the fee. Candidates must prepare for the exams in advance.

Topics covered in the examination:
Current EU legal framework including European Convention and OECD Guidelines Directive 95/46/EC and national legislation in practice; Regulation 45/2001 in practice; The existing regimes in the former third pillar area; Data protection principles and main concepts; Actors and roles; Data subject rights; Transfers of personal data, contractual clauses, BCRs, etc.; Case law on personal data protection from ECHR and CJEU; Data protection supervisory authorities; Access to documents and data protection; Big data, cloud computing, analytics, the internet of things; Data security; Cybersecurity; Privacy by design; Privacy impact assessment; Data protection audit.

2. Individuals who are already EIPA-certified and who already obtained their certificate can use this course to update their knowledge and maintain the validity of their certificate.
They do not need to pass the examination again; participation in the advanced course extends the validity of the certification with two years.

08.45 Registration of participants
09.00 Welcome: purpose and organisation of the seminar
Cristiana Turchetti, Project Leader, EIPA, Maastricht
09.15 Taking data protection into the 21st century: The current EU legal framework and the ongoing EU data protection reforms
This session will explain the current legal framework, the key changes of the proposed EU Data Protection reform package and the likely timescales for completion and implementation.
Irina Vasiliu, Data Protection Unit, DG Justice, European Commission, Brussels (BE)
10.45 Coffee break
11.15 Supervising data protection compliance: The role of data protection authorities
Verónica Perez Asinari, Head of Supervision and Enforcement, EDPS and
N.N., German Data Protection Authority (DPA)
12.30 Lunch at EIPA’s restaurant
14.00 Cross-border data transfers – options and solutions. How to ensure adequacy?
This presentation will be most useful to those who are new to ‘international transfers’.
Diana Alonso Blas, Data Protection Officer and Head of Data Protection Service, Eurojust
16.00 Coffee break
16.30 Case study on International Transfers
Diana Alonso Blas and Verónica Perez Asinari
18.00 End of first day
20.00 Dinner at a restaurant in Maastricht
09.00 Data Protection Audit
Auditing as part of the DPO’s assurance activities
Diana Alonso Blas and Daniel Drewer, Data Protection Officer, Head of Unit, Europol
10.30 Coffee break
11.00 Data controller/data processor relationship
There is frequently uncertainty about the roles and responsibilities of those processing personal data. It can often be a challenge to make the distinction between a data controller and a data processor.
Philippe Renaudière, Data Protection Officer at the European Commission, Data Protection Officer of the EU Council, Brussels (BE)
12.30 Lunch at Hotel Derlon
14.30 The jurisprudence of the ECHR and CJEU
The session will explain the key case law on personal data protection and the interaction with other fundamental rights including access to documents
Christopher Docksey, Hon. Director-General, EDPS
15.45 Coffee break
16.15 Reform of the e-privacy directive
The e-Privacy Directive complements the Data Protection Directive by, among others, setting-up specific rules concerning the processing of personal data in the electronic communication sector. In April 2016 the European Commission launched a Public Consultation on the Evaluation and Review of the e-Privacy Directive. The Consultation has been closed in July 2016 and the Summary report is now published. The session will present the main findings of the consultation and the major steps of the reform process.
Fenneke Buskermolen, Unit Digital Privacy and Data Protection, European Commission, Brussels
Session: Technical-Organisational Measures for the Protection of Personal Data
17.15 Data Protection Officers as assurance providers for data protection and data security compliance
Daniel Drewer
18.30 End of day two
09.00 Big data, cloud computing, analytics, the internet of things: privacy, regulatory & governance issues
Cloud computing, big data, analytics, and the internet of things are not just buzzwords but actual phenomena with both high potential for the European Union economy and strong personal data protection implications; they need to be accurately analysed and dealt with in a practical manner in order to strike the right balance between sometimes opposing interests. The speaker will elaborate on the personal data protection implications of such phenomena from a business law perspective.
Fernando Pocas da Silva, DPO of EU-LISA, Tallinn (EE)

Workshop: Data Protection and Data Security Compliance

Daniel Drewer and Brian Honan Director, BH Consulting, Dublin (IE)

11.00 Coffee break

Data breaches

Philippe Renaudière

Group exercises
12.15 Follow up of data breaches: Severity assessment of data breaches
Philippe Renaudière and Fernando Silva

Technical-organisational safeguards for the protection of personal data

Brian Honan

13.30 End of the seminar

Course venue
European Institute of Public Administration (EIPA)
O.L. Vrouweplein 22
6211 HE, Maastricht
the Netherlands

The fee includes documentation, access to the course materials, certificate of attendance, lunches, one dinner, and refreshments. Accommodation and travel costs are at the expense of the participants or their administration.


  1. EIPA offers participants who already hold the EIPA professional DPO certification a discounted fee of €1060, (additional 10% is not applicable).
  2. EIPA offers a 10% discount to all civil servants working for one of EIPA’s supporting countries, and civil servants working for an EU institution, body or agency.

Who are the supporting countries?
Civil servants coming from the following EIPA supporting countries are entitled to get the reduced fee: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Spain, Sweden, United Kingdom.

For all other participants, the regular fee applies.

Lunches and dinner will be served at a restaurant in town. Special dietary requirements (e.g. vegetarian, diabetic) can be indicated once you receive the confirmation of the seminar.

Hotel reservations
EIPA has special price arrangements with a number of hotels. All hotels are within 10 minutes walking distance from EIPA. Should you wish to make use of this possibility, please book directly via the links below. Payment is to be made directly and personally to the hotel upon checking out. At the time of booking, please mention in the requested field the EIPA project number for your course.

Confirmation of registration will be forwarded to participants on receipt of the completed registration form.

Prior payment is a condition for participation. Please indicate the method of payment on the registration form.

Cancellation policy
For administrative reasons you will be charged €150 for cancellations received within 15 days before the activity begins. There is no charge for qualified substitute participants. EIPA reserves the right to cancel the activity up to 2 weeks before the starting date. In that case, registration fees received will be fully reimbursed. EIPA accepts no responsibility for any costs incurred (travel, accommodation, etc.). The mention of a speaker’s name in the programme does not commit EIPA. In the event that an announced speaker does not appear, EIPA will do its utmost to find a suitable replacement.


There are no reviews yet.

Be the first to review “Data Protection Compliance in the EU – 3-day Training”

Your email address will not be published. Required fields are marked *