An fiscal


Data Protection by Design and by Default 


Confused by General Data Protection Regulation (GDPR) Article 25 Data Protection by Design and Default? Unsure where to start?

This workshop will guide you through a process-oriented methodology to meet the requirements of Data Protection by Design and Default.

General information

There will be four segments of the workshop:
1. Building a Model: Actors and Violations

In this session, participants will be introduced to the privacy by design concept and then learn how to identify individuals at risk, threat actors and potential privacy violations. Participants will work through an interactive example to explore building a privacy model from scratch.

2. Controls: Architecture, Strategies and Tactics

This session will examine the available controls to mitigate the risks from privacy violations. Participants will first look at system architecture and it's role in creating privacy friendly processes. Next will be a systematic walk through of strategies and tactics than can be used.

3. Analyzing Privacy Risks

Participants will discuss the consequences to individuals of privacy violations. This will be used to help build a privacy risk model based on FAIR, the Factors Analysis on Information Risk.

4. The Design Process

In this session, all the elements will come together in a cohesive process to architect a privacy friendly system, secure data, supervise the use of data and balance individual interests against organizational activities. Participants will have the opportunity to apply the design process to real world examples.


What you’ll learn?

  • Developing a privacy model of your process, system, solution or service
  • Identifying threat actors and individuals
  • Understanding the variety of privacy violations
  • Using architectural and strategic controls to mitigate privacy violations
  • Using the privacy model to identify risks of privacy violations
  • A process oriented approach to design to facilitate risk mitigation

In addition to learning the material, participants will be walked through several examples and exercises throughout the course.

Practical information

“Data Protection by Design and by Default” - Workshop

Price (VAT Excluded): 595 EUR / delegate


  • August 3, 2018, Bucharest – English delivery


* Discounts apply for groups of more than 3 participants from the same company.

** The dates are subject to change if the minimum number of participants is not met.


Robert Jason Cronk (CIPT Instructor) – Privacy Engineering Consultant, Enterprivacy Consulting Group.

With more than fifteen years of experience in the Information Technology industry and as a licensed attorney in Florida, Robert Jason Cronk is a privacy engineering consultant with Enterprivacy Consulting Group, a privacy consulting firm, where his current focus is on helping companies overcome the socio-technical challenges of privacy through privacy engineering and Privacy by Design. He is a CIPP/US, CIPM, CIPT, FIP, a Privacy by Design ambassador, a licensed attorney in Florida, an author, blogger, speaker and passionate advocate for understanding privacy. His unique background includes a combination of entrepreneurial ventures, work in small and large businesses, strong information technology experience and legal training.

Prior to Enterprivacy Consulting Group, Cronk worked in the information security department of Verizon as a technical consultant. He is also a serial entrepreneur and has co-founded three companies across the diverse industries of online entertainment, construction and music. He earned his JD, with honors, from Florida State University and his Bachelors in Mathematics and a Certificate of Information Systems Management from the University of Rochester.


For more information regarding our courses, please feel free to get in touch with us.

George Daniliuc – Knowledge Manager, Deloitte Academy

Mobil: +40 723 349 221


Subscribe here to be notified about Deloitte Romania events and publications of your choice.