Obtain all the competences and knowledge necessary to lead all the processes for implementing and complying with the requirements of the General Data Protection Regulation (GDPR) in an organization.

This four-day intensive course enables participants to develop the necessary expertise to demonstrate their knowledge, skills and competence, for implementing, managing and aligning a privacy framework based on General Data Protection Regulation requirements.

Participants will be able to understand the gap between the General Data Protection Regulation and the current organizational processes including, privacy policies, procedures, working instructions, consent forms, data protection impact assessments, etc. in order to associate organizations in the adoption process to the new regulation which will help them be accountable in front of a possible inspection.

  • Project managers or consultants wanting to prepare and to support an organization in the implementation of the new procedures and adoption of the new requisites presented in the GDPR which will come into force by the 25th May 2018;
  • Auditors who wish to fully understand the GDPR implementation process;
  • Data Protection Officers and Senior Managers responsible for the personal data protection of an enterprise and the management of its risks;
  • Members of an information security team;
  • Members of a lawyer firm;
  • Expert advisors in personal data protection and information security;
  • Technical experts and compliance experts wanting to prepare for a Data Protection Officer job.
  • To understand the history of personal data protection in Europe;
  • To gain a comprehensive understanding of the concepts, approaches, methods and techniques required for the effective alignment with the General Data Protection Regulation;
  • To understand the new requirements that the General Data Protection Regulation brings for EU organizations and non-EU organizations and when it is necessary to implement them;
  • To acquire the necessary expertise to support an organization in assessing on the implementation of this new requirements;
  • To acquire the necessary expertise to manage a team implementing the GDPR;
  • To develop the knowledge and skills required to advise organizations on best practices in the management of personal data;
  • To improve the capacity for analysis and decision making in the context of personal data protection.
  • Day 1:
    • Privacy Foundations:
      • Introduction to personal data protection;
      • Presentation of the General Data Protection Regulation;
      • Fundamental concepts included in the GDPR;
      • Explaining definitions under the General Data Protection Regulation;
      • Exercise.
    • European Framework:
      • Presentation of the history of personal data protection in the EU;
      • European Institutions related with personal data protection (EDPS, EDPB, WP29, DPAs);
      • Fundamental Principals presented in the GDPR and its implications;
      • Explaining the rights of the data subjects and how to give attendance to them;
      • Detailing the responsibilities, necessities, obligations and need of a Data Protection Officer;
      • Explaining the obligations and responsibilities of the controller and processor;
      • Personal data protection documents and accountability (Code of conduct, privacy policies, consent form, etc.);
      • Analyzing the possible sanctions that organizations could face under the GDPR;
      • Practical case on a consent form.
  • Day 2:
    • International Framework :
      • Introduction of the internet governance;
      • Look into the UN resolutions involving personal data protection;
      • Safe international transfer of personal data to non EU states;
      • Green lists: Countries with an adequate level of personal data protection;
      • Binding Corporate Rules;
      • International agreements: PNR’s (Australia, Canada, US), Privacy Shield;
      • Explicit consent for international transfer; when do you need it?;
      • Personal data protection in USA, Canada, South America;
      • Exercise.
    • Data protection and information technologies:
      • Fundamentals in information security risk management;
      • Analysing fundamental principles of confidentiality and Integrity (and Availability);
      • Implication of the GDPR for access policies;
      • GDPR security measures (pseudonymization and cryptography);
      • Exercise.
  • Day 3:
    • Privacy and Security:
      • Understanding the implication of technology in personal data protection;
      • Big data: systematic and automated profiling;
      • Big data and the GDPR;
      • Internet of things: Devices that gather (non-stop) personal data and the alignment with the GDPR;
      • Presentation of the new era with quantum computing;
      • Exercise.
    • Management and Incident Response:
      • Understanding what is a personal data breach;
      • Explaining how to react under a personal data breach;
      • Introducing different types of incidents;
      • Necessity of a continuity plan and policies for accountability;
      • Exercise.
  • Day 4:
    • Data Protection Impact Assessment:
      • Understanding what is Data Protection Impact Assessment according to the GDPR;
      • Answering on why, when and how should a DPO assess in the process of carrying out a DPIA;
      • Explaining in detail the steps to follow in a DPIA;
      • Introducing and explaining the Personal Data Life Cycle;
      • Exercise on the relation of the Personal Data Life Cycle and the Fundamental Principles under the GDPR;
      • Practical case scenario on conducting a DPIA;
      • Certification Exam.
  • Knowledge on general data protection regulation is preferred.

This training is based on both theory and practice:

  • Sessions of lectures illustrated with examples based on real cases;
  • Practical exercises based on a full case study;
  • Review exercises to assist the exam preparation;
  • Practice test similar to the certification exam;
  • Examination and Certification.
  • Duration: 3 hours
  • The “PECB Certified Data Protection Officer” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:
    • Domain 1: Data Protection Concepts and Rights of the Data Subject
    • Domain 2: Data controllers, processors and the DPO
    • Domain 3: Data Protection Impact Assessment and Privacy Impact Assessment
    • Domain 4: Data Protection Measures and Approaches
    • Domain 5: Remedies, Liabilities and Penalties
    • Domain 6: Transfer of Personal Data to Third Parties
  • For more information about exam details, please visit Examination Rules and Policies .
  • Certification fees are included on the exam price
  • In case of exam failure, you can retake the exam within 12 months for free

Winning Rate:

77.77%

Testimonials about the trainer

The Next 3 Courses

  • 11
    Dec
    GDPR

    Dates : 11-Dec - 14.Dec.2017

    Location : Lausanne – Switzerland

    Languages : English

    Status : Confirmed

    Details
  • 08
    Jan
    GDPR

    Dates : 08-Jan - 12.Jan.2018

    Location : Paris – France

    Languages : English

    Status : Scheduled

    Details
  • 05
    Feb
    GDPR

    Dates : 05-Feb - 09.Feb.2018

    Location : Lausanne – Switzerland

    Languages : English

    Status : Scheduled

    Details
  • 26
    Feb
    GDPR

    Dates : 26-Feb - 02.Mar.2018

    Location : Brussels - Belgium

    Languages : English

    Status : Scheduled

    Details
  • 19
    Mar
    GDPR

    Dates : 19-Mar - 23.Mar.2018

    Location : Paris – France

    Languages : English

    Status : Scheduled

    Details
  • 09
    Apr
    GDPR

    Dates : 09-Apr - 13.Apr.2018

    Location : Lausanne – Switzerland

    Languages : English

    Status : Scheduled

    Details
  • 23
    Apr
    GDPR

    Dates : 23-Apr - 27.Apr.2018

    Location : Paris – France

    Languages : English

    Status : Scheduled

    Details
  • 04
    Jun
    GDPR

    Dates : 04-Jun - 08.Jun.2018

    Location : Lausanne – Switzerland

    Languages : English

    Status : Scheduled

    Details
  • 18
    Jun
    GDPR

    Dates : 18-Jun - 22.Jun.2018

    Location : Paris – France

    Languages : English

    Status : Scheduled

    Details