Privacy & Data Protection Practitioner course

Register nowBook as incompany

What will you learn?

  • 9Practice DPO tasks with realistic hands-on assignments like Policymaking, Data Protection Impact Assessment, incorporating data protection requirements
  • 9Practical considerations in design and implementation like supporting technology including tools, privacy enhancing technologies, security by design
  • 9Data required for reporting supporting good governance and decision-making, define and implement a basic 3rd-party assurance process


  • 5 course days
  • 20 hours of self study
  • €3.450,- excluding VAT

Your trainers

Bart Baars
Translate privacy legislation into
business solutions

About Bart

Bart is a seasoned information security professional and privacy expert, with 15 years of experience spanning the Government, Finance, Energy and Telecom sectors. Bart currently works as a privacy officer at TenneT, a leading European electricity transmission system operator (TSO). When not consulting or training, you’ll likely find Bart on higher grounds. As an enthusiastic mountaineer, Bart aims to be the first dutchman to climb the 7-Summits in 7 Years.

About the Privacy & Data Protection Practitioner course

This training prepares you for a successful progression into the role of Data Protection Officer. You will learn how to build a GDPR-compliant data protection program by embedding data protection in your organization’s strategic, tactical- and operational management. You will practice DPO tasks with realistic hands-on assignments in the areas of Policymaking, Impact – and Risk Assessments and incorporating data protection requirements. The course evaluates practical considerations in design and implementation, from technology and tools supporting data protection, privacy enhancing technologies, and security by design. You’ll learn about what data is required to support good governance and decision-making and how to translate the concept of management systems to a Data Protection Management System (DPMS). Lastly you will prepare yourself for an (external) compliance audit, and define and implement a basic 3rd-party assurance process


Who should attend?

This training is ideal if you’re pursuing a career and / or certification as a Data Protection Officer, GDPR-consultant, privacy consultant or compliance officer; if you’re an IT or information security professional and you wish to specialize in a privacy-related area of security; or if you’re an active DPO looking to structure your knowledge and gain more practice. Basic knowledge of privacy and / or data protection is expected. If you do not yet have this, we recommend that you first take the Privacy & Data Protection Foundation entry-level course prior to this course. When in doubt, feel free to contact us.


Classroom training or Online Live?

  • Classroom Training: You’re our guest and threated as such

When you take our Classroom Training you are our guest, and that’s how we’ll threat you! You’ll train in an inspiring training environment handpicked based on the highest quality standards. All trainings include a delicious lunch, when you register to your training you can indicate any dietary requirements that we should consider.

  • Online Live Training: Prepare, train and certify from the comfort of your home or work

For those of you preferring an online experience, we offer Online Live Training through the SECO – Institute Online Learning Platform based on BigBlueButton, a secure platform specifically designed for Online Training that requires collaboration and (hands on) exercises. Course materials are delivered via a designated Student Portal prior to your training. For the SECO – Institute trainings, the examination is also conducted online via a certified Proctor. Everything you need to prepare, train and certify from the comfort of your home or work.

* Our classroom trainings are delivered in Dutch or English, depending on the composition of the student group
* Our Online Live Trainings are delivered either in Dutch or in English. Make sure that you register for the right class!

The following is included:

  • The SECO-Institute course material
  • Practice exam
  • The online SECO Institute Privacy & Data Protection Practitioner exam
  • “S- PDPP” digital badge when you pass the exam
  • A delicious lunch

Course modules

Module 1 – Strategic Considerations

  • Translate the goals and needs of the organisation into a vision on handling personal data
  • Transform this vision into an effective implementation strategy
  • Define data protection principles and develop a data protection policy to support and govern the execution of the strategy
  • Understand the importance of creating a data inventory and the principles guiding the creation of such an inventory
  • Understand the (possible) need for a published privacy notice and the implications thereof

Module 2 – Impact and Risk Assessment

  • The concepts of a DPIA
  • Perform a (basic) DPIA
  • Concepts of risk management and risk assessment
  • Identify threats to data protection and effective measures to mitigate the resulting risks
  • Perform a (basic) risk analysis related to data protection
  • Define data protection requirements based on policy and the outcome of the DPIA for business processes, the internal organisation, and the technology used by the organisation

Module 3 – Operations

  • Understand the impact of data protection on regular operations
  • Specific requirements of laws and regulations (in this case the GDPR in particular)
  • Incorporating data protection requirements in new and existing procedures in a pragmatic but effective manner
  • What is required and/or allowed when it comes to upholding policies, laws and regulations in an organisation

Module 4 – Design and Implementation

  • Technological tools available to support data protection
  • Implement PET (Privacy Enhancing Technologies) and, in particular, cryptography
  • Concepts of privacy by design/default
  • Translate privacy by design/default to practical policies and procedures
  • Demonstrate knowledge of instilling and enhancing awareness and campaigns in an organization
  • Define generic data protection requirements for projects

Module 5 – Governance

  • Required data for reporting that supports good governance and decision-making
  • Translate the concept of management systems to a Data Protection Management System (DPMS)
  • Prepare for an (external) audit on compliance to the GDPR
  • Define and implement a basic 3rd-party assurance process

About the Exam

The Data Protection Practitioner course is the second level of the SECO-Institute Data Protection Certification Track. The exam is included in your training fee but governed and carried out by the SECO – Institute. Upon successful completion, you will receive the S-DPF certification title and a digital badge.

Exam information

  • Exam language: English, but you are allowed to answer open questions and cases in Dutch
  • Type of exam: online exam (exam voucher included in the training fee)
  • Type of questions: 10 multiple choice, 5 open questions, one case
  • Exam time: 120 minutes

About the certificate

he Privacy & Data Protection Practitioner certification exam covers a set of high-level data protection competencies that are essential for DPOs as well as any professional who seeks a career in privacy & data protection. In particular, an S-PDPP certificate attests to your ability to:

  • Translate corporate goals and needs into a vision on handling personal data and build enterprise-wide commitment to data protection;
  • Draft and implement a strategic data protection policy in line with the GDPR’s data protection principles;
  • Draft a GDPR-compliant privacy notice;
  • Create data inventories and data flow maps;
  • Perform a Data Protection Impact Assessment and identify appropriate organisational and technical measures to reduce data protection risks;
  • Incorporate data protection into business processes and projects;
  • Establish procedures for receiving and managing data subject requests and complaints;
  • Identify elements to include in a data processing agreement;
  • Implement a process for managing data processing agreements;
  • Document data breaches and draft a data breach procedure;
  • Create and maintain processing registers;
  • Translate ‘privacy by design and by default’ principles into policies and procedures;
  • Design a privacy awareness program;
  • Ensure compliance with the accountability principle through the use of monitoring tools and effective documentation;
  • Monitor the maturity of a data protection program and identify compliance gaps;
  • Design data protection reports that support good governance and decision- making;
  • Prepare for GDPR compliance audits and investigations by the supervisory authority.

What are the benefits of an S-DPP certificate?

n S-PDPP certificate enables you to demonstrate the knowledge and skills employers look for in Data Protection Officers and privacy professionals. With data protection jobs on the rise and a severe shortage of data protection specialists worldwide, earning an S-PDPP title is a unique opportunity to launch and enjoy a rewarding career in a constantly expanding field.

Privacy & data protection careers: The GDPR has created a persistent demand for Data Protection Officers. In 2017, it was estimated that the new European Regulation would create a minimum of 75,000 DPO jobs worldwide. Consequently, research in 2018 showed that 92% of all companies preparing for GDPR-compliance were planning to appoint a DPO, even if not required by law. As GDPR-compliance is a dynamic process and digitalisation brings new privacy challenges, the demand for Data Protection Officers will only continue to grow. In parallel, as data protection evolves, new privacy and data protection roles emerge. Examples of new data protection job titles include GDPR tester, GDPR paralegal, data protection analyst and GDPR consultant.

IT and information security careers: Data protection skills are not only important for Data Protection Officers. According to, around seven percent of information security jobs advertised today specifically ask for a working knowledge of the GDPR. Examples include information security officers, IT security consultants, IT controllers, data architects and data managers.

Practical Information

  • Course times: 9 am to approximately 4:30 pm. The coffee is ready at 8:30.
  • Lunch is included and consists of a buffet with, among other things, fresh sandwiches. Do you have allergies or dietary requirements? Please communicate this in time.
  • Training location:
    Quinten Matsijslei 25
    2018 Antwerp
  • By participating in a course or training you agree with our terms and conditions

Register now

Book as incompany or stay up to date