Certified Data Protection Officer

Why Attend

Data protection is taking the world by storm. Anyone who works with personal and company sensitive data needs to understand how to ensure compliance with new data protections laws, both in the UAE, the GCC and globally. This is a practical course that gives participants knowledge and necessary guidance to build a privacy framework within their organization. International Data Protection laws will be covered including General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and the newly launched DIFC Data Protection Law.

Download brochure

Course Objectives


  • Define data protection principles and rights of data subjects
  • Determine the lawful basis for processing data
  • Demonstrate how to deal with subject access requests, data breaches and internal investigations
  • Apply appropriate transfer mechanisms for cross border transfer of personal data
  • Create and implement a privacy framework for their organization


Target Audience


This course is suitable for anyone who handles sensitive personal or company data. This includes compliance officers and managers, auditors, IT managers, human resources, database professionals and any information security, incident management, and business continuity professionals whose responsibilities include the secure handling of data.

This course is also suitable for current Data Protection Officers who are seeking to become certified or update their knowledge with the latest laws.
  • Introduction to Data Protection
    • General Data Protection Regulation (GDPR) and DIFC Data Protection Laws 2020
    • Other relevant Data Protection laws
    • Data Protection terminology
    • Personal Data and special categories of data
    • Data Protection principles
    • Role of Controllers and Processors
    • Data Processing Agreements
  • Legal Basis
    • Lawful basis for processing Personal Data
    • Processing special category Personal Data
    • Conditions of consent
    • Understand the reliance on legitimate interests
  • Data Subjects
    • Privacy Notices
    • Rights of Data Subjects
    • Subject Access Requests (SARs)
  • Data Breaches and Complaints
    • Obligations of the Processor
    • Notification to the Commissioner
    • Notification to Data Subjects
    • Breach procedure
    • Remedies, liabilities and sanctions
    • Complaints and mediation
    • Fines
  • Security
    • Security of data
    • Pseudonymization
    • Encryption
  • The Data Protection Officer (DPO) Role
    • The duties and obligations of the DPO
    • High Risk Processing
    • Communicating with Data Subjects
    • Cooperating with the Commissioner
    • Consider the Annual Risk Assessment
  • Cross border transfers
    • Transfers outside of jurisdiction in absence of adequate protection
    • Countries that have adequate level of protection
    • Schrems II case
    • Standard Contractual Clauses
    • Binding Corporate Rules
    • Derogations
  • Governance
    • Understand concept of accountability to demonstrate compliance
    • How to achieve compliance
    • Understand concept of Records of Processing Activities (RoPA)
    • How to mitigate risk
    • Monitoring compliance
    • Understand concept of Data Protection Impact Assessments (DPIAs)

This course has not been scheduled, however you can request for In-House training