EUGDPR Institute Methodology
  • Holistic approach: Legal + IT + change management

  • Based on real business scenarios, discussion cases and practical experiences

  • provide tools, templates and other giveaways

  • Quality learning and networking time


GDPR Roadmap
  • Introduction to privacy and data protection
  • The "GDPR Institute Roadmap": practicalities, steps and tips for setting and implementing the GDPR project governance
  • GDPR legal basics: cases and examples, principles, penalties, responsibilities of data processor and controller, privacy by design and default
  • Privacy program: risk-based approach, design and build, privacy in HR, marketing, IT, legal and procurement departments
  • Transfers of personal data: to third countries, third parties and the cloud, binding corporate rules, standard contractual clauses; bid data and analytics, options and solutions
  • Standard and customised privacy controls: good practices, avoiding sources of risks, protecting information assets, encrypting and anonymising, reducing soft and hardware vulnerabilities, evaluating privacy solutions and tools
  • Privacy control accountability framework

Practical hands-on GDPR solutions

GDPR in Practice
  • Data protection impact assessment, the DPIA "GDPR Institute Roadmap", need, timing, process, internal/external consultation, flows, standard risks, approvals and communication
  • Codes of conduct and certification mechanisms
  • Data privacy audits and monitoring: e-discovery, data audits, activity tracking
  • Privacy awareness training: examples of initiatives
  • Data subjects’ rights in practice: dealing with requests and complaints
  • Incidence response: contingency plan for a data breach: responding to investigations
  • Scenario based-case for a data breach


The Data Protection Officer
  • Role, functions, skillsets, requirements, tasks, position, resources
  • Designation of the Data Protection Officer: mandated and voluntary DPO's, independence, conflicts of interests, liability, etc.
  • Relationship with the board, IT, HR and other departments: communication

Demonstrate and document compliance with the GDPR (article by article)
  • Detailed list of standard documents and examples to prove GDRP compliance, including for certifications

An On-line certification is conducted after the course
  • Exam 50 questions (multiple choice)


The EUGDPR Institute professional Certification, Training & Examination

The DPO certification is offered to all participants interested in getting structured, hands-on guidance based on our global training experience since 2016. Consultants, CxO, DPO, managers and administrators in the field of GDPR, Data Privacy and Protection. Individuals wishing to obtain The EUGDPR Institute professional certificate is a must. Individuals wishing to obtain The EUGDPR Institute professional certificate must;
  • Study the pre-reading course materials provided when registration is accepted.
  • Complete days of (online) class room training and certification
  • Register for the three certifications including workshops and cases.

The GDPR Foundation, DPO, Practitioner, Professional and Director seminars will give participants the opportunity to get complete guidance, ask questions and group discussion on key GDPR issues. The examination consists of a multiple-choice test covering a broad range of relevant GDPR knowledge and topics that are dealt with, in these advanced GDPR training courses.
To pass the exam participants must have basic GDPR knowledge and a good understanding of data privacy and protection mandates and issues. We will provide you with the necessary course materials. Candidates must be prepared to read the curriculum for the exam in advance. The validity of the certification is two years

Key topics covered in the training and examination

Current EU legal framework including the GDPR Directive and national legislation in practice; Data protection principles and central concepts; Actors and roles and responsibilities to address the accountability component; Data subject rights; Transfers of personal data, contractual clauses, Access to documents and data protection; Binding Corporate Rules, etc.; Case law on personal data protection; Data protection supervisory authorities; Big data, cloud computing, analytics, the internet of things; Data security; Cybersecurity; Privacy by design; Privacy impact assessment; Data protection audit.

Taking data protection regime into the 21st century and the role and responsibility of the DPO
The GDPR roadmap and framework. The need for a data protection officer can be useful instruments to implement the fundamental changes many organisations need to streamline their IT and data processes and get full control over their IT platforms and databases. The role of the DPO is vital to facilitate;
  • Adherence by all parties concerned to an approved code of conduct to achieve GDPR compliance
  • Demonstrate compliance with the obligations of all stakeholders incl. the Data Controller and allow data subjects to evaluate the level of data protection of products and services
  • Implement controls for the exchange of information by electronic means between stakeholders (controllers, processors and supervisory authorities) for binding corporate rules; mutual assistance
  • Enhance transparency and compliance with GDPR regulation to ensure adequate standards of protection to and by a third party, country or territory or a specified sector within standard GDPR protection clauses; formats and procedures

The DPO training and certification seminar will take a deep dive into the following (global) GDPR issues;

The data controller/data processor relationship will address the ramifications of the controller/processor relationship and how GDPR will change the way companies operate at a global level as it is a Global Golden Standard. Issues and the challenges to make the distinction between a data controller and a data processor;
  • Supervising data protection compliance: What is the role of data protection authorities
  • Cross-border data transfers – options & solutions. Ensure adequacy in international data transfers.
  • A case study and workshop on Privacy by design and privacy by default to explaining the concept of privacy by design and the data privacy impact assessment.
  • How to proactively embed privacy into the design to processes, information technologies, communication networks, and the related governance/operational performance.
  • Security issues/interoperability: What are the implications to provide data portability
  • Cybercrime is aggressive and hostile to GDPR and is increasing exponentially and threatening European citizens, businesses, and public administration bodies.
  • Big data, cloud computing, analytics, the internet of things: privacy, regulatory & governance issues will be analysed to strike the right balance between sometimes opposing interests.