Registration for this course is closed. Do you want to receive updates about the next editions of this course? Please subscribe to our newsletter.
About this online course
The data protection officer (DPO) is a key element of accountability as required by the General Data Protection Regulation (GDPR),which has been applicable since 25 May 2018. The designation of a DPO is mandatory for public authorities and other organisations if their core activities require regular and systematic monitoring of data subjects on a large scale or consist of processing on a large scale of special categories of data.
As DPO, you are expected to:
- Inform and advise controllers/processors and employees
- Monitor compliance with the data protection law and internal rules and regulations regarding data protection
- Provide advice on data protection impact assessment
- Cooperate with supervisory authorities.
This course is designed to help you to refresh and update your data protection knowledge. Concrete examples, role playing, peer-to-peer discussions as well as relevant and realistic case studies will help you to refine your expertise and deepen your understanding of your duties and responsibilities. You will be able to benefit from the knowledge and the practical experience of the trainers to support the performance of your daily tasks, make it easier to deal with challenging and complex issues in a structured manner and take decisions in a pragmatic, but still compliant manner.
You will learn:
- How to deal with controllers’ expectations and manage diverging objectives in the business environment (stake holder management)
- How to ensure data protection by design and by default in a fast changing digital and legal environment
- How to assess data protection compliance and how it is interlinked with IT security
- Risk analysis & management
- How to assess issues related to personal data transfers
- What actions to take in case of personal data breaches
- How to implement controls.
Course methodology and highlights:
We believe that practical know-how is the key to effective learning. This course therefore includes:
- Individual preparation for the course: you are invited to bring along any information about the mission, vision, values and data protection (GDPR) framework and governance within your organisation for case study;
- Group and individual assignments;
- Practical exercises on DPO roles and responsibilities;
- Interactive approach: the module’s structure will give you the opportunity to ask questions and share and discuss experiences, knowledge, needs and challenges with the trainers and other participants;
- Room for note taking on what you learn, so that you can apply it to your own situation.
Why EIPA?
- Relevance: EIPA has direct insight into the workings of the European Union;
- Never alone: you will be part of a growing network of colleagues and professionals throughout Europe;
- Quality assurance: all our courses have the EIPA Quality Seal. Upon successful completion, you will go home with an EIPA Data Protection Centre Certificate.
How will it help you?
By the end of the course, you will be able to:
- Facilitate the development of an effective data protection strategy & plan
- Draft specific policies & procedures
- Manage data breaches
- Ensure data-protection compliant transfers of personal data
- Define the pragmatic approaches to ensure GDPR compliance within your organisation
- Support your organisation in identifying gaps to be addressed in view of GDPR compliance
- Advise your organisation how to manage personal data
- Support a data protection communication & training plan
- Develop your professional international network in the field of data protection.
Who this course is for
- DPOs and managers exposed to questions related to data protection and the management of the related risks, plans and solutions
- Data protection experts and advisors
- Certified DPOs
- Anyone in the public or private sector who is responsible for their organisation’s compliance with the GDPR.

Fernando Poças da Silva
Practical information
Online Course
For this online course we make use of WebEx
Programme Organiser
Ms Eveline Hermens
Tel.: + 31 43 3296259
e.hermens@eipa.eu
Discounts
EIPA offers a 10% discount to all civil servants working for one of EIPA’s supporting countries, and civil servants working for an EU institution, body or agency.
Who are the supporting countries?
Civil servants coming from the following EIPA supporting countries are entitled to get the reduced fee: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Spain, Sweden.
For all other participants, the regular fee applies.
Payment
Prior payment is a condition for participation.
Cancellation policy
For administrative reasons you will be charged € 50 for cancellations received within 7 days before the activity begins. There is no charge for qualified substitute participants.
EIPA reserves the right to cancel the activity up to 1 week before the starting date. In that case, registration fees received will be fully reimbursed.
I have a question
The programme
08.50 | Access of participants to online platform (Amsterdam CET) Join WebEx Meeting |
09.15 | Welcome; objectives of the course Rita Beuter, Senior Expert, EIPA, Maastricht (NL) |
09.30 | Opportunities and challenges EU data protection landscape – GDPR and EU DPR Dr Barbara Eggl, Data Protection Expert, former DPO European Central Bank, Frankfurt (DE) |
10.15 | Break |
10.30 | How to ensure security of personal data processing An overview of the threats posed to personal data and how to protect against Fernando Poças da Silva, Banco de Portugal, DP Cabinet, Lisbon (PT) |
11.15 | Q&A |
11.30 | Break |
11.45 | Risk Management Tools and methodologies used to conduct risk assessments and risk management Fernando Poças da Silva |
12.30 | Data Protection Impact Assessment: practical approach Barbara Eggl |
13.00 | Assignment: conducting a data protection impact assessment |
13.30 | End of the day |
08.50 | Access of participants to online platform (Amsterdam CET) Join WebEx Meeting |
09.15 | Data Protection Safeguards Technical safeguards for digital and physical data Fernando Poças da Silva |
10.00 | Assignment: identify data protection safeguards for a particular use case |
10.20 | Controller – joint controller – processor Barbara Eggl |
11.00 | Break |
11.15 | Data Breach Management: how to respond to a data breach Barbara Eggl and Fernando Poças da Silva |
12.15 | Break |
12.30 | Examples and Q&A |
13.15 | End of the day |
08.50 | Access of participants to online platform (Amsterdam CET) Join WebEx Meeting |
09.15 | Data Breach Management: how to respond to a data breach (continued) |
Assignment: identify data protection safeguards for a particular use case | |
09.45 | Respond to Data Subject’s Rights: practical approaches Barbara Eggl |
10.45 | Break |
11.00 | Transfers of personal data – new challenges Barbara Eggl |
12.00 | Break |
12.15 | Recent Jurisprudence of the ECtHR and the CJEU Christopher Docksey, Hon. Director General, EDPS, Brussels (BE) |
12.50 | Q&A |
13.00 | Break |
13.15 | Recent Jurisprudence of the ECtHR and the CJEU (continued) |
13.45 | Q&A |
14.15 | Conclusions and end of the Refresher and Advanced course |
What people say
“The quality of the refresher course has tremendously improved over the last two years. Congrats to all the participants!”
Tracol
“High-quality courses given by an enthusiastic and very professional team of teachers. It was really a nice training.”
Triby
“A very useful and timely training. Well organised. Having the material electronically is a good step forward. A good mix of speakers from public and private sector. The training would benefit from having more speakers from the private sector. Thank you.”
DPO participant
“Very well organised and pertinent to the subject”
Oreste Cassar
“A valuable insight into a most topical issue.”
Miguel
“The quality of the refresher course was high and the addressed topics relevant and useful for DPO's daily work. Congratulations to EIPA and the training staff.”
João Leitão Figueiredo
“Despite the remote course, enthusiastic training staff with interesting topics.”
DPO participant
“Excellent presentations and real-case insights on the challenges faced by DPOs and how to handle them”
Pierre Langlois