Data Protection Impact Assessment (DPIA) Training Workshop

Code4833 CurriculumData Protection/GDPR Sub-CategoryData Protection

There are currently no dates listed for this course.
Contact us by calling 01285 407 177 or email

Course Outline

Data Protection Impact Assessment (DPIA) Workshop – 1 day


This one-day workshop is designed to provide delegates with the practical knowledge needed to perform a data protection impact assessment (DPIA) that will minimise privacy risks and comply with the UK Data Protection Act (DPA) and the EU General Data Protection Regulation (GDPR). 

Use data protection impact assessments to minimise privacy risks and comply with the EU GDPR.

A data protection impact assessment (DPIA) is a key risk assessment process outlined in the requirements of the EU General Data Protection Regulation (GDPR). It helps organisations make an early evaluation of the impact a business process might have on the privacy of the individuals involved, and ensures compliance with the UK Data Protection Act and EU GDPR.

The Information Commissioner’s Office (ICO) already recommends that privacy impact assessments are conducted to assess the privacy risks for all policies and projects involving the use, collection and disclosure of personal information, and the government’s Security Policy Framework mandates their use by all government departments

In order to comply with the GDPR, organisations will be required to perform a DPIA where the processing of personal data involves high risk to the rights and freedoms of individuals. In particular, a DPIA will be required for automated data processing activities, including:
1.    Profiling leading to decisions that produce legal effects for the individual.
2.    Large-scale processing of certain types of data.
3.    Systematic monitoring of a publicly accessible area on a large scale.

The DPIA Workshop will explain how to develop a DPIA, implement the project, monitor the results and take action where required. When conducted at the start of a project, a DPIA will help organisations identify and resolve problems at an early stage, reducing the associated costs and potential damage to reputation.

Course Timetable

•    Day 1: 09.30 – 16.30

What will you learn on this course

•    The principles of data protection impact assessment (DPIA).
•    The legal requirements for a DPIA
•    Getting started: how to conduct a DPIA.
•    Determining whether the risk is acceptable.
•    How to develop a data protection impact assessment procedure.
•    How to create and implement more efficient project processes.
•    Monitoring the results and understanding when to take action.
•    How to track the outcomes in order to take the appropriate remedial actions.
•    Why and how to conduct a data flow mapping exercise

Exam results and certificates

•    Where exams are taken online (either remotely or by computer in the classroom), provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within 10 working days from the date of the exam.
•    Where exams are done in paper form, we aim to make confirmed exam results available within 10 working days from the date of the exam.
•    For both online and paper exams, certificates for those who have achieved a passing grade will be issued within 10 working days from the date of the exam.
•    Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Who should attend the course

The course is aimed at managers who are responsible for ensuring that their organisation is fully compliant with its data privacy obligations. This includes data privacy/protection, compliance, HR, IT and contracts managers. The course is particularly relevant to people who work in organisations that process large quantities of personal information, such as government departments, universities, charities and market research companies.

Entry requirements

While there are no formal entry requirements, this course has been designed to meet the needs of delegates who have some knowledge of data protection and the GDPR. We recommend that delegates who require an introduction to the requirements of the GDPR attend our certified GDPR Foundation training course or purchase the data protection pocket guides. Delegates on the certified GDPR Practitioner course do not need to attend the workshop, as the material is already covered in the DPIA section of the GDPR P course.