General Data Protection Regulation (GDPR) Implementation Training

The General Data Protection Regulation (GDPR) 2016/679 is aimed at unifying data protection regulation for all individuals within the European Union (EU) and the European Economic Area (EEA).  Its scope is broad reaching and impactful, bringing an up-to-date approach to data protection and encompassing modern technology and societal expectations. The GDPR expands the rights of individuals (data subjects) to control how their personal data is collected and processed, and places a range of new obligations on organizations to be more accountable for data protection. 

The GDPR imposes a number of mandatory requirements on organizations to establish practical policies and processes in order to deliver compliant services to internal and external data subjects. And that’s where this course can help.
By attending this two-day course you’ll understand how to implement the requirements of the GDPR into your organization, with a focus on those requirements which can be particularly challenging. 

You’ll get practical guidance on integrating requirements into current practices where appropriate as well as learn ways to ensure that suitable levels of protection are applied to fulfil compliance requirements, which can often reduce costs. You’ll learn what evidence and reporting is required by the regulation, as well as how to align this with your existing governance processes to ensure that GDPR compliance is maintained as part of business as usual.

For both controllers and processors of personal data, this course is relevant to your organization whether they are yet to start or in the process of implementing policies and processes to meet the GDPR requirements.

Who should attend?

Data protection officers, managers or leads, information security managers, project managers, corporate governance managers or similar roles who:

• Require an understanding of data protection and the GDPR to fulfil their role
• Want to understand how the GDPR may be implemented from a practical perspective
• Wishes to understand how to leverage the benefits and address the challenges of complying with the GDPR.

The course is applicable to representatives from any size or type of organization who are involved in the planning or implementation of a data protection compliance programme.  The course is equally applicable to controller and processor organizations.


The mandatory prerequisite for attending this course is the BSI EU General Data Protection Regulation (GDPR) Foundation training course.

By the end of this course delegates will be able to:

• Create accountability
• Conduct a gap analysis
• Compile a data inventory
• Conduct a data mapping exercise
• Determine the legal basis for processing
• Plan and conduct a data protection impact assessment (DPIA) / risk assessment
• Carry out a privacy notice review and update
• Respond to subject access requests (SARs)
• Manage data breaches (including reporting and communication)
• Transfer personal data to third countries or international organizations
• Manage the controller / processor relationships, including joint controller arrangements
• Develop training and awareness programmes
• Maintain a GDPR compliant management approach.

Practical information

  • It's a 2-day course
  • The training can be given in Dutch or English
  • The training materials will be provided in English
  • The standard GDPR isn’t into the training price included. However, during the training course, a loan copy of the standard will be available.
  • Lunch and drinks are included.

For further information regarding reduced rates at the hotel where the training is being conducted, please contact or call +31-(0)20 346 07 80.