Please Note:
Intake is now open – Register today!
This EU GDPR course provides a comprehensive introduction to the legislation for organisations of any size. It explores the new legislation in depth, including implementation requirements, policies & processes. The course provides crucial information on the Privacy Impact Assessment (PIA), a compulsory requirement which allows organisations to understand what impact new business proposals may have on the privacy of involved parties at an early stage in the planning process.
This course will enable participants to obtain competencies and skills which will help them address the challenges imposed by the recent GDPR regulations with respect to data protection.
Accreditation and MQF level
The accreditation status of this programme is a ‘‘Higher Education Programme’’. A CPD Award accredited with 5 ECTS credits (MQF/EQF Level 6) by the Malta Further & Higher Education Authority (MFHEA) will be presented to delegates who obtain a minimum pass in the relative assignment.
Target Audience
- Business directors or managers who want to understand how the requirements of the GDPR will affect their organisation.
- Managers involved in or responsible for GDPR compliance, such as:
- Privacy managers;
- Data protection managers;
- Information security managers;
- IT managers;
- Project managers;
- Corporate governance managers;
- Risk and compliance managers;
- General or privacy counsels;
- Finance, HR or marketing managers.
- Individuals with a basic knowledge of data protection regulation and practices, and looking to develop their career with a professional qualification.
Entry requirements
- Minimum of MQF Level 5 of education (Business, Commerce or IT Related)
- Minimum of 3 years’ experience in a supervisory or management role
- Prior Attendance of a Data Protection related course/seminar
- 2 Years’ work experience in the area of data protection
- This course welcomes individuals from the legal age of 18 onwards.
- Maturity Age is set at 23 years
Mature Students
Mature students aged 23 years or older can participate in this course, even if they lack the entry requirements listed above.
Duration & Mode of Attendance
This part-time course is made up of 8 live online evening webinar sessions which are spread over a period of 9 weeks.
Course Delivery Mode – Live Webinars
This course will be delivered via live online webinars. The course trainers will be visible on screen via a professional webinar platform through which students can follow the trainer presenting live whilst also using a PowerPoint presentation and sharing other resources as necessary. Students will be able to interact with the trainer by sending questions or comments through the same webinar platform. Our student support team will assist all students with simple instructions on how to access the webinar online. A support line will also be made available to communicate with a student support officer in case of technical difficulties encountered during the live webinar.
Trainers will also dedicate very regular Q & A times during the webinar to ensure all students can have the chance to ask questions and reach the intended learning objectives. The email and contact details of the trainer will also be made available in case students would wish to get in touch with the trainer throughout the course period. Online recordings or videos of the webinars are not available for this course.
Short 10 minute breaks will be given during the webinar.
How You’ll Learn
This course will be delivered via live online webinars. The course trainers will be visible on screen via a professional webinar platform, through which students can follow the trainer presenting live, whilst also using a PowerPoint presentation and sharing other resources as necessary.
Students will be able to interact with the trainer by sending questions or comments through the same webinar platform.
The course will also make use of:
- Online Presentations
- Video Lecturing;
- Q&A via online course forum;
- Online Q&A with Educator (Trainer).
The above are considered to be contact hours as all of the above will be under control of the instructor.
Method of Assessment
At the end of the course, students will be presented with the assignment questions, where students have four or five questions and need to choose three. The total word count for the total assignment is 3,000 words. Students need to submit the assignment as per the submission date on the assignment questions document provided.
Grading: The assignment questions will be corrected and students must achieve a pass mark of at least 50 marks, in order to be given a certification.
Language of Course Instruction & Course Materials
The course materials and the live webinars are in English.
Course & Examination Dates
Modules |
Dates |
Time |
Module 1: EU GDPR Principles and Compliance
(MQF/EQF Level 6, 2 ECTS) |
24/05, 31/05, 14/06 |
17:10 – 20:30 |
Module 2: Data Protection Strategy and Design
(MQF/EQF Level 6, 2 ECTS) |
21/06, 05/07, 12/07 |
17:10 – 20:30 |
Module 3: Information Technology for GDPR
(MQF/EQF Level 6, 1 ECTS) |
19/07, 26/07, 02/08 |
17:10 – 20:30 |
Please note that as per terms and conditions, LEAD Training Services reserves the right to alter course dates, times and venue in exceptional circumstances beyond its control.
Total Hours of Learning
This is an accredited course, which requires students to commit themselves and to be responsible for their own studies. Below is a suggested guideline of the number of hours each student should dedicate to self-studying and preparing for the final written assignment.
Total Course Contact Hours
(Live Online Webinars) |
27 |
Total Course Suggested Self-Study Hours
(reading for interest & further knowledge) |
90 |
Total Course Supervised Placement and Practice Hours
(Work placement supervision) |
0 |
Total Course Suggested Assessment Hours
(Take home assignment) |
8 |
Course Outline
Module 1: EU GDPR Principles and Compliance (MQF Level 6, 2 ECTS)
ECTS credits: 2
Trainer: Dr. Karl Sammut
The General Data Protection Regulation (GDPR) came in force on 25 May 2018, giving HR departments a major challenge to get their house in order as the way organisations collect and process data about employees and job candidates will be changing.
At the end of the module/unit the learner will have been exposed to the following:
- The six data protection principles
- Data Accountability and Governance
- The EU GDPR, its various provisions and relevant terminologies, and the differences between the
- Data Protection Act and the EU GDPR
- Data Portability and Inventory
- Data Protection by Design and Default
- Expanded Territorial Scope
- Processors
- Right to be forgotten
- Security
- Sanctions and Fines
- One Stop Shop Regulation – The Powers of Supervisory Authorities
- Approved Certification Mechanism
- Local Deviations
- Special categories of personal data
- Data subjects, their rights and the ability to deal with subject access requests.
- Privacy by design.
- Privacy Impact Assessments
- The role of the data protection officer (DPO)
- Incident response and breach reporting.
- International data transfers.
- EU regulations and Local laws.
- Conditions for processing data
- Written records of processing
- Consent which must be obtained (and maintained)
- Fair processing notices
- Notifications of data breaches
- Privacy and other rights of data subjects
Module 2: Data Protection Strategy and Design (MQF Level 6, 2 ECTS)
ECTS credits: 2
Trainer: James Grech, Dr. Karl Sammut
At the end of the module/unit the learner will have been exposed to the following:
- GDPR Accountability Life Cycle
- Building a Culture of Data Protection, performance management and sustainability
- Data Protection Risk Management and Controls
- Event triage and Incident response, breach management and reporting response
- Data protection impact assessment (DPIA)
- Data audits
- Performance Metrics
Module 3: Information Technology for GDPR (MQF Level 6, 1 ECTS)
ECTS credits: 1
Trainer: Jonathan
At the end of the module/unit the learner will have been exposed to the following:
- Technologies that enable subjects to exercise their rights to access, rectify, erase personal data held by controllers
- Responsibilities of IT Department (Article 32 of GDPR)
- Overall IT Security
- Pseudonymisation and Data Encryption
- Data Loss Protection (DLP) capabilities
- Securing Workstations
- Endpoint Security and Mobile Device Management
- Perimeter Security
- Identity and Access Management
- Data Management Technological Tools
- Cloud Storage and Sharing Services
- Application Security Testing
- Automated GDPR Dashboards
Trainers
James Grech

James Grech graduated with a Bachelor of Business and Commerce Degree in 2001 and later on obtained the Accountancy (Honours) degree from the University of Malta in 2003. James is Certified Public Accountant and holds a Practising Certificate in Auditing issued by the Ministry of Finance in Malta. He is also qualified as Certified Information Systems Auditor (CISA) and member of ISACA. James is also a member of the Institute of Internal Auditing (US), and is a Certified Internal Auditor (CIA). The CIA is the only internationally accepted certification designation for internal auditors and is the standard by which individuals demonstrate their competence and professionalism in the internal auditing and Management Consultancy field.
James is a renowned Business Consultant and Management/Business trainer and conference speaker in Malta and is also founder and Managing Director of LEAD Training Services, one of Malta’s largest professional training Institute licensed by the Malta Malta Further & Higher Education Authority (MFHEA).
Dr. Karl Sammut

Dr. Karl Sammut is a commercial lawyer specialising in business, technology and intellectual property. He is highly sought after by companies operating in the digital economy due to his ability of integrating IP and IT knowledge with commercial and corporate expertise. Dr. Sammut operates in all areas of intellectual property and technology, advising on matters relating to software, hardware, cybersecurity and cloud as well as data protection and privacy matters. He regularly assists companies in complying with privacy matters, particularly those involved in gaming, fintech and the digital economy.
Testimonials
- I thoroughly enjoyed the course provided by LEAD training. It was highly informative and well executed. I will definitely consider taking further courses with LEAD training in the future.
Melanie Vella (November 2020)
- I highly recommend Lead & Training Services for the professionalism in delivering training even in difficult circumstances surrounding COVID-19. I recently completed the Practitioners Award in GDPR which was relevant to my working needs and delivered by professional and competent people. I would like to take this opportunity to thank all the team for the organisation of such courses.
Jude Samuel Cauchi (October 2020)
- The course is well designed taking a 360 approach to GDPR with lectures (delivered by extremely capable lecturers) covering the legal, technological and practical aspects of GDPR compliance. The schedule is also tailored to the professional lifestyle with lectures conveniently scheduled.
Paul Caruana Turner (October 2019)
- This is the second course I have done with LEAD in a year. The professional course from the technical assignment to the scenario based examination, coupled with the fact that the lecturers are practitioners giving practical examples, makes the whole experience worth to any Data Protection Officer.
Kenneth Gatt (October 2019)
Malta Enterprise Corporation
- Training services & programs are the best and trainers are very professional. Thank you very much!
Janice Alfaro (September 2019)
- A practical, informative and comprehensive take on the General Data Protection Regulation. Definitely recommended for professionals working in the field of compliance and/or data protection in Malta!
Roxanne Meilak Borg (April 2019)
- Course was very comprehensive, well-applied to the real business world, and lecturers were knowledgeable in their areas, and able to answer specific questions in detail. Details on assessment and expectations of course were provided somewhat late in the day, but this could be attributed to the fact that the course was in its first run, and the criteria still had to be specifically established. Would recommend.
Anna Maria Cardona Schranz (April 2019)
Course Funding Options
For Individuals
-
GET QUALIFIED SCHEME
Candidates can benefit from a 70% rebate of the course fee via tax credit. Get Qualified is an initiative that supports the personal development of individuals for the achievement of qualifications and certifications required by industry.
Learn more about this scheme »