The data protection officer (DPO) is a key element of accountability as required by the General Data Protection Regulation (GDPR),which has been applicable since 25 May 2018. The designation of a DPO is mandatory for public authorities and other organisations if their core activities require regular and systematic monitoring of data subjects on a large scale or consist of processing on a large scale of special categories of data.

As DPO, you are expected to:

• Inform and advise controllers/processors and employees
• Monitor compliance with the data protection law and internal rules and regulations regarding data protection
• Provide advice on data protection impact assessment
• Cooperate with supervisory authorities.

This course is designed to help you to refresh and update your data protection knowledge. Concrete examples, role playing, peer-to-peer discussions as well as relevant and realistic case studies will help you to refine your expertise and deepen your understanding of your duties and responsibilities. You will be able to benefit from the knowledge and the practical experience of the trainers to support the performance of your daily tasks, make it easier to deal with challenging and complex issues in a structured manner and take decisions in a pragmatic, but still compliant manner.

You will learn:

• How to deal with controllers’ expectations and manage diverging objectives in the business environment (stake holder management)
• How to ensure data protection by design and by default in a fast changing digital and legal environment
• How to assess data protection compliance and how it is interlinked with IT security
• Risk analysis & management
• How to assess issues related to personal data transfers
• What actions to take in case of personal data breaches
• How to implement controls.

Course methodology and highlights:

We believe that practical know-how is the key to effective learning. This course therefore includes:

• Individual preparation for the course: you are invited to bring along any information about the mission, vision, values and data protection (GDPR) framework and governance within your organisation for case study;
• Group and individual assignments;
• Practical exercises on DPO roles and responsibilities;
• Interactive approach: the module’s structure will give you the opportunity to ask questions and share and discuss experiences, knowledge, needs and challenges with the trainers and other participants;
• Room for note taking on what you learn, so that you can apply it to your own situation.

Why EIPA?

• Relevance: EIPA has direct insight into the workings of the European Union;
• Never alone: you will be part of a growing network of colleagues and professionals throughout Europe;
• Quality assurance: all our courses have the EIPA Quality Seal. Upon successful completion, you will go home with an EIPA Data Protection Centre Certificate.

By the end of the course, you will be able to:

• Facilitate the development of an effective data protection strategy & plan
• Draft specific policies & procedures
• Manage data breaches
• Ensure data-protection compliant transfers of personal data
• Define the pragmatic approaches to ensure GDPR compliance within your organisation
• Support your organisation in identifying gaps to be addressed in view of GDPR compliance
• Advise your organisation how to manage personal data
• Support a data protection communication & training plan
• Develop your professional international network in the field of data protection.

Who this course is for

• DPOs and managers exposed to questions related to data protection and the management of the related risks, plans and solutions
• Data protection experts and advisors
• Certified DPOs
• Anyone in the public or private sector who is responsible for their organisation’s compliance with the GDPR.

I have a question