Data Protection Officer (DPO) Training Bundle

The Data Protection Officer (DPO) Bundle Course runs over four consecutive days, being comprised of two independent courses (CIPP/E + CIPM), but when taken together, they form the best fit to prepare for the Data Protection Officer (DPO) position.

The training is seasoned with lots of different business scenarios as well as practical tools you can take for immediate use after training completion.

Each day, a number of useful tips will be given to help you with the exam afterwards.

New Horizons Bulgaria is an official Authorized Training Partner for the International Association of Privacy Professionals (IAPP), thus offering official training sessions, which include:

• Official courseware
• Authorized instructors (with actual professional experience)
• Examination vouchers (for both CIPP/E & CIPM Certifications)
• Sample Exam questions
• Complimentary 1st year IAPP Professional Membership

The IAPP welcomes professionals from around the world who are thriving in today’s information economy. It’s the only place that brings together the people and resources you need to succeed in a data-powered world.

Extended Network

You’ll gain access to a community of thousands of professionals—like yourself—who are finding inspiration and ideas, working smarter and putting privacy on the map.

Career Boost

You’ll benefit from a wealth of information designed to keep you ahead of the curve on emerging issues. Get certified to raise your professional profile even further.

Members Only Content

Get exclusive privacy-related content, expert analysis, legislative alerts and original reporting.

Resource Center

The Resource Center is a one-stop-shop for templates, forms, charts and checklists—it’s everything you could possibly need to make your job easier, organized in one easy-to-find place.

Local chapters

Meet other members in your area through your local KnowledgeNet Chapter. Meetings take place across the world. And best of all—they’re free for members.

Free web conferences

10+ free web conferences a year give you instant access to the latest and greatest in privacy—not to mention CPE credit! Plus, get discounted rates on hundreds of other live and on-demand programs

• Daily and weekly e-publications summarizing top privacy news
• Discounted rates on education products and programs, including study materials for our globally recognized certification programs and annual events
• The Privacy Advisor, the IAPP’s monthly members-only newsletter
• Professional networking opportunities, including free KnowledgeNet chapter meetings to keep you connected in your local community
• Privacy salary surveys that benchmark compensation trends, roles and functions among privacy departments
• Privacy job postings
• Access to members-only tools, research, articles and more in the IAPP’s online Resource Center
• The IAPP Membership Directory, an online tool that allows you to search for and network with other IAPP members
• Free web conferences
• Access to the Privacy Tracker blog
• Cooperative programs with other national and international organizations
• Advocacy for the privacy profession

Data Protection in Europe covers the essential pan-European and national data protection laws, as well as industry-standard best practices for corporate compliance with these laws. Those taking this course will gain an understanding of the European model for privacy enforcement, key privacy terminology and practical concepts concerning the protection of personal data and trans-border data flows.

The training is based on the body of knowledge for the IAPP’s ANSI accredited Certified Information Privacy Professional/Europe (CIPP/E) certification program.

What You'll Learn?

• Introduction to European Data Protection
• European Regulatory Institutions
• Legislative Framework
• Compliance with European Data Protection Law and Regulation
• International Data Transfers

Target audience:

• Data Protection Officers
• Data Protection Lawyers
• Records Managers
• Information Officers
• Compliance Officers
• Human Resource Officers
• Anyone who uses, processes and maintains personal data

Prerequisites: None

Course content / topics

Module 1: Data Protection Laws
Introduces key European data protection laws and regulatory bodies, describing the evolution toward a harmonised legislative framework.

Module 2: Personal Data
Defines and differentiates between types of data, including personal, anonymous, pseudo-anonymous and special categories.

Module 3: Controllers and Processors
Describes the roles and relationships of controllers and processors.

Module 4: Processing Personal Data
Defines data processing and GDPR processing principles, explains the application of the GDPR and outlines the legitimate bases for processing personal data.

Module 5: Information Provision
Explains controller obligations for providing information about data processing activities to data subjects and supervisory authorities.

Module 6: Data Subjects’ Rights
Describes data subjects’ rights, applications of rights and controller and processor obligations.

Module 7: Security of Processing
Discusses considerations and duties of controllers and processors for ensuring security of personal data and providing notification of data breaches.

Module 8: Accountability
Investigates accountability requirements, including data protection management systems, data protection impact assessments, privacy policies and the role of the data protection officer.

Module 9: International Data Transfers
Outlines options and obligations for transferring data outside the European Economic Area, including adequacy decisions and appropriate safeguards and derogations.

Module 10: Supervisions and Enforcement
Describes the role, powers and procedures of supervisory authorities; the composition and tasks of the European Data Protection Board; the role of the European Data Protection Supervisor; and remedies, liabilities and penalties for non-compliance.

Module 11: Compliance
Discusses the applications of European data protection law, legal bases and compliance requirements for processing personal data in practice, including employers processing employee data, surveillance, direct marketing, Internet technology and communications and outsourcing.

Implementing privacy in an organization: The “How” of privacy from a management perspective

Privacy Program Management is the how-to training on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a knowledgeable, high-performing privacy team. Those taking this course will learn the skills to manage privacy in an organization through process and technology—regardless of jurisdiction or industry.

The Privacy Program Management training is based on the body of knowledge for the IAPP’s ANSI accredited Certified Information Privacy Manager (CIPM) certification program.

What You'll Learn?

• How to create a company vision
• How to structure the privacy team
• How to develop and implement a privacy program framework
• How to communicate to stakeholders
• How to measure performance
• The privacy program operational lifecycle

Target audience:

• Data Protection Officers
• Data Protection Managers
• Auditors
• Legal Compliance Officers
• Security Manager
• Information Managers
• Anyone involved with data protection processes and programs

Prerequisites: None

Course content / topics

Module 1: Introduction to privacy program management
Identifies privacy program management responsibilities, and describes the role of accountability in privacy program management.

Module 2: Privacy governance
Examines considerations for developing and implementing a privacy program, including the position of the privacy function within the organization, role of the DPO, program scope and charter, privacy strategy, support and ongoing involvement of key functions and privacy frameworks.

Module 3: Applicable laws and regulations
Discusses the regulatory environment, common elements across jurisdictions and strategies for aligning compliance with organizational strategy.

Module 4: Data assessments
Relates practical processes for creating and using data inventories/maps, gap analysis, privacy assessments, privacy impact assessments/data protection impact assessments and vendor assessments.

Module 5: Policies
Describes common types of privacy-related policies, outlines components and offers strategies for implementation.

Module 6: Data subject rights
Discusses operational considerations for communicating and ensuring data subject rights, including privacy notice, choice and consent, access and rectification, data portability, and erasure and the right to be forgotten.

Module 7: Training and awareness
Outlines strategies for developing and implementing privacy training and awareness programs.

Module 8: Protecting personal information
Examines a holistic approach to protecting personal information through privacy by design.

Module 9: Data breach incident plans
Provides guidance on planning for and responding to a data security incident or breach.

Module 10: Measuring, monitoring and auditing program performance
Relates common practices for monitoring, measuring, analyzing and auditing privacy program performance.

The “how” of privacy and technology, and why you need it.

The CIPT is the first and only certification of its kind worldwide. It was launched by the IAPP in 2014 to meet the growing need that only tech pros can fill—securing data privacy at all stages of IT product and service lifecycles.

The IAPP’s certifications in privacy and data protection law and practice have plugged thousands of professionals into the information economy. Now technology pros like you can take privacy knowledge—and your career—to a higher level.

What You'll Learn?

• Critical privacy concepts and practices that impact IT
• Consumer privacy expectations and responsibility
• How to bake privacy into early stages of IT products and services for cost control, accuracy and speed-to-market
• How to establish privacy practices for data collection and transfer
• How to preempt privacy issues in the Internet of Things
• How to factor privacy into data classification and emerging tech such as cloud computing, facial recognition and surveillance
• How to communicate privacy issues with partners such as management, development, marketing and legal

Target students:

• Data Protection Officers
• IT Managers and Administrators
• Records Managers
• System Developers
• IT Security specialist
• Anyone who builds and develops IT systems

Prerequisites: None

Course Content

MODULE 1: Fundamentals of Information Privacy

• Unit 1: Common Principles and Approaches to Privacy. This unit includes a brief discussion of the modern history of privacy, an introduction to types of information, an overview of information risk management and a summary of modern privacy principles.
• Unit 2: Jurisdiction and Industries. This unit introduces the major privacy models employed around the globe and provides an overview of privacy and data protection regulation by jurisdictions and industry sectors.
• Unit 3: Information Security: Safeguarding Personal Information. This unit presents introductions to information security, including definitions, elements, standards and threats/ vulnerabilities, as well as introductions to information security management and governance, including frameworks, controls, cryptography and identity and access management (IAM).
• Unit 4: Online Privacy: Using Personal Information on Websites and with Other Internet-related Technologies. This unit examines the web as a platform, as well as privacy considerations for sensitive online information, including policies and notices, access, security, authentication and data collection. Additional topics include children’s online privacy, email, searches, online marketing and advertising, social media, online assurance, cloud computing and mobile devices.

MODULE 2: Privacy in Technology

• Unit 1: Understanding the Need for Privacy in the IT Environment. This unit highlights the impact that regulatory activities, security threats, advances in technology and the increasing proliferation of social networks have on IT departments.
• Unit 2: Core Privacy Concepts. This unit reveals how privacy compliance becomes more attainable through developing information lifecycle plans, data identification and classification systems and data flow diagrams.
• Unit 3: Regulations and Standards Impacting Privacy in IT. This unit introduces privacy laws, regulations and standards that can help IT professionals design better privacy programs and systems to handle personal information throughout the data lifecycle.
• Unit 4: Privacy in Systems and Applications. This unit develops an understanding of the risks inherent in the IT environment and how to address them.
• Unit 5: Online Privacy Issues. This unit presents information about online threats, threat prevention and the role of IT professionals in ensuring proper handling of user data.
• Unit 6: De-identifying and Anonymizing Personally Identifiable Information. This unit reveals the importance of personally identifiable information and methods for ensuring its protection.
• Unit 7: Cloud Computing. This unit evaluates privacy and security concerns associated with cloud services, and standards that exist to advise on their use.