The Effective DPO

The effective DPO course builds on your knowledge from the BCS Data Protection Practitioner or similar industry-standard course and aims to give you the skills to be able to put your knowledge gained into practice. 

The course uses our DPAS DPO house as a baseline (see picture) and concentrates on:

• Compliance skills and tools needed to be an effective DPO
• Governance skills required to be an effective DPO
• Organisational skills to be an effective DPO
• The value that Data Protection brings to your Data Strategy

This in turn will enable you to:

• Be more confident and effective in your role
• Use a set of tools to support you in your role as DPO
• Secure more resources for your role as DPO
• Develop a new culture of value in data protection
• To be an effective DPO

The role of the DPO is to support the Data Controller in delivering compliance to the law, regulation, principles and guidance issued to them in the jurisdictions they operate.  

A DPO needs extensive knowledge of the law, not just GDPR, CCPA, or the Data Protection Act 2018, but other laws that have a Data Protection bearing, the Access Medical Records Act 1990 being an example.  

Nigel Gooding, Chief DPO will support delegates through the knowledge requirements, provide them with research skills and up to date support to enable them to act effectively in what is a wide area of knowledge.  

We deal with practical issues such as how to assess a DPIA using our risk-based tools, dealing with Data Breaches and Legitimate Interest assessments. 

Module 1 - Compliance Skills

• Legislative Knowledge

• How to keep up to date knowledge, combined with research skills to access relevant legislation, law, guidance, codes of practice and best practice.

• Audit, Assurance and Risk

• How to undertake an audit and the ability to develop risk-based Audit and Assurance tools and the vehicle and governance model to report back to the Data Controller using a risk-based approach.

• Effective use of Assurance Tools

• The capability and capacity to deliver assurance audits to the highest level in the organisation, use tools, report and hold to account Controllers to deliver roles as outlined in GDPR Article 39 as a minimum.

Module 2 - Governance Skills

• Cultural and visible influencer

• The personal skill set and ability to effect culture change by understanding the organisational culture and be visible in promoting effective Data Protection. A positive strong voice and the ability to lead Data Champions.

• Independent - free from conflicts of interests and politics

• The resilience to show independence from the Data Controller shows a clear firewall and separation of tasks between the role of the DPO & Controller. The ability to rise above internal politics.

•  Ethical standards

• The ability and resilience to uphold ethical standards in the role that transcend organisational delivery challenges vs. the rights of the Data Subjects.

• Stakeholder Management 

• The ability to walk tall in every part of the organisation and understand the need for different proactive interventions based upon user needs.

Module 3 - Organisational Skills

• Understands the organisation

• Has a deep operational understanding of the organisation, internal policies, processes and governance gleaned from practical experience, research skills and training.  Knows where data is processed, shared and the organisational purpose.

• Resources

• Establish a business case, resource management, process, policy and technology requirements to be able to adequately deliver the role of DPO. The ability to tangible cases for change and own personal development.

 Module 4 - Data Value

• Promotes data protection as part of the corporate strategy

• Is able to promote the value of Data Protection beyond “its for compliance reasons” The ability to show how it adds value and plays a key part in the broader Data Strategy and strategic and operational success of the organisation.

• Promotes the value of good data protection 

• Promote the value of Data Protection to the wider employee, customer and in some cases, shareholder audience includes:

• protecting the business & employee
• supporting ethical behaviour
• adding tangible value to data management
• supporting the reputation of the business
• the balancing of risks

• Anyone who has completed the BCS Practitioner Certificate or similar in Data Protection and is looking to enhance their skills in the practical applicability of the knowledge gained.
• Current Data Protection Officers
• Data Protection Managers aspiring to be DPOS
• Information Governance team members who step into the DPO role occasionally 
• Any compliance team member who is looking to gain practical knowledge of compliance 

• 2 days of interactive and practical application training held on MS Teams
• BCS textbook - Data Protection Officer (sent prior to the course)
• DPAS mentor to help you for 12 months to answer questions that may arise
• DPAS login to our customer portal which hosts over 40 useful tools, templates, audits, policies and more for you to use within your organisation 
• 14 CPD credits
• Opportunity to network with other data protection professionals