Events

Data Protection Officer course

Enabling you to manage privacy compliance effectively

Privacy is no longer just a compliance or security issue. It has become a strategic topic at boardroom level since significant changes to the European legislation were announced. In today’s business environment, increasing focus is being placed on privacy and (cyber) security compliance, governance and incident management. To be successful, companies need privacy professionals who are capable to manage privacy and security in a risk based and integrated manner.

What makes this course different?

  • A hands-on approach focused on privacy risk management
  • Not just theory but real-life scenarios and business-focused solutions
  • A holistic approach of the legal, governance and operational/technical aspects of the privacy challenge
  • Useful tools and takeaways: The “first 90 days as DPO” action plan, quick reference guide, etc.

Target audience

  • The nominated DPO, CISO CIO or CRO
  • Any privacy professional, seasoned or novice
  • Non-privacy professionals who have privacy as part of their responsibilities
  • A board member or business manager seeking to get in-depth privacy knowledge

Course design

The Data Protection Officer Course runs over four consecutive days and one follow-up session after + 90 days and is divided into 5 modules.

The course is fully hands-on with lots of different business scenarios as well as practical tools you can take home for immediate use on the job.

Each day, a number of useful tips will be given to help you with the exam afterwards.

About 90 days after the course, we organise a feedback session on the lessons learned and the status of your "first 90 days as DPO" action plan.

Module 1 - Privacy fundamentals

  • Getting to know each other's situation and background and establishing each participant’s main goals
  • Learning the ins and outs of the applicable privacy legal framework as well as the interaction with different supervisory authorities
  • Analysing the potential impact of data protection requirements on your organisation
  • Applying the legal theory in practice via a scenario-based, interactive approach

At the end of this module, you will understand what the main (current and upcoming) privacy and data protection obligations are, what the law requires and how it is being enforced and applied in practice. In addition you will have learned how these legal and compliance requirements have an impact on your professional environment.

Module 2 - Privacy in practice

  • How should a DPO (or any privacy professional) interact with the rest of your organisation
  • How to “up and down-sell” privacy in your organisation and not have privacy get “lost in translation”
  • How to understand and connect the dots between the technical/operational, the people/management as well as the compliance side of privacy and data protection (basic concepts of security / IT / Privacy ROI / employee monitoring etc.)
  • What you should know when you engage with your colleagues at IT, legal and compliance, IT security, sales & marketing, HR, and even the board

At the end of this module, you will have learned the relevant basis concepts to get to know how other departments such as security / IT / HR / Marketing etc. work and think in relation to the privacy risks/requirements.

You will have obtained useful insights and tools (eg how to set up a privacy compliant security policy) to apply directly in your job and how to better ”sell” privacy within your organisation.

Module 3 - Privacy Governance

  • How to set up a realistic and manageable risk based governance structure
  • How to choose and start implementing a suitable (auditable) privacy program methodology for your organisation
  • How to effectively set up and monitor privacy compliance using tools such as e.g. privacy impact assessment, data mapping analysis, establishing a effective accountability framework, prepare for a data privacy audit from a data protection authority (DPA) etc. 
  • Using scenarios, we will start from scratch to build up a framework that enables you, the DPO, to efficiently manage and achieve privacy compliance in a phased, structured, long-term manner

At the end of this module, you will know what the main components are of a risk based privacy management program.

We will have explained which actions in each phase of your program will enhance the effective data privacy information gathering as well as its compliance monitoring in practice. Finally, this module will have provided you with useful tips on how to ensure your program can stand (external or internal) audit scrutiny.

Module 4 - Privacy applied

  • How to establish a "first 90 days as DPO" action plan for your particular organisation
  • Group based and individual Q&A session to recap what has been learned
  • Practice oriented, multiple-choice certification exam

At the end of this module, you will have a clear, actionable 90 days data privacy roadmap adapted to your particular organisation and maturity level taking into account not only the compliance but also the security/operational as well as the people/management aspect of the data privacy challenge. The hands-on course and its final exam will provide you with a strong basis to take up your data privacy responsibilities within your organisation.

Module 5 - "90 days privacy action plan" follow-up session

About 90 days after the course, we will organise a feedback session to discuss how you brought the 90 day action plan into effect. We will discuss the success factors and the challenges and assist you in fine-tuning your program.

The day will end with a key note speech by a seasoned data privacy expert.

DPO Course: Continuous Professional Education

Deloitte's DPO course has been accredited as Continuous Professional Education (CPE) by the following institutions:

FSMA

Compliance Officers who are accredited by the Belgian financial regulator Financial Services and Marketing Authority are entitled to submit 40 CPE hours for attending the European Privacy Academy’s DPO course.

IAPP

The European Privacy Academy’s DPO course is pre-approved by the International Association for Privacy Professionals for a maximum of 12 CPE credits for the holders of CIPP/E and CIPM designations.

What our participants are saying

  • “Very interesting course with useful tips & tricks on introducing privacy awareness into your organisation”
  • “It exceeded my expectations”
  • “I will recommend this course to other people”

The two most important conclusions drawn out of the feedback received from our DPO course participants:

  • All attendees of the DPO course would likely or very likely recommend this course
  • The attendees to the most recent DPO course were privacy professionals active in various industry sectors in both international and local Belgian companies. The interactive approach of the course made it possible to cover the different challenges that all participants have to face and also provided the opportunity to learn from each other’s experiences. 

Upcoming DPO courses

Practical information

Price: € 2,490 (excl. 21% VAT) 
Course language: English

Venue
European Privacy Academy
Dolce La Hulpe
Chaussée de Bruxelles 135
B-1310 La Hulpe
Belgium

November 2017 module

Session breakdown

  • Module 1 - 4: 13 - 16 November 2017
  • Module 5: 5 February 2018

November 2017 course

Register here

May 2018 module

Session breakdown

  • Module 1 - 4: 7 - 10 May 2018
  • Module 5: 17 September 2018

May 2018 course

Register here

More information

Other Data privacy courses offered by Deloitte include several department-specific courses.

For more information regarding any of the data privacy services and course offered by Deloitte, please contact:

Maarten Stassen

Senior manager, +32 2 800 29 11, email: mstassen@deloitte.com

Erik Luysterborg

Partner, +32 2 800 23 36, email: eluysterborg@deloitte.com

Get in Touch

Erik Luysterborg

Erik Luysterborg

Partner, Risk Advisory

Erik leads the Security & Privacy group as well as the European Data Protection & Privacy service line. He deals with security and privacy issues related to both traditional (out) sourcing as well as ... More