Please Note:
The Spring 2020 intake is now open – Register today!
This EU GDPR course provides a comprehensive introduction to the legislation for organisations of any size. It explores the new legislation in depth, including implementation requirements, policies & processes. The course provides crucial information on the Privacy Impact Assessment (PIA), a compulsory requirement which allows organisations to understand what impact new business proposals may have on the privacy of involved parties at an early stage in the planning process.
This course will enable participants to obtain competencies and skills which will help them address the challenges imposed by the recent GDPR regulations with respect to data protection.
Accreditation and MQF level
A CPD Award accredited with 5 ECTS credits (MQF Level 6) by the National Commission for Further and Higher Education (NCFHE) will be presented to delegates who obtain a minimum pass in the final assignment and 2 hours written examination.
Entry requirements
- Minimum of MQF Level 5 of education (Business, Commerce or IT Related)
- Minimum of 3 years’ experience in a supervisory or management role
- Prior Attendance of a Data Protection related course/seminar
- 2 Years’ work experience in the area of data protection
Mature Students
Mature students aged 23 years or older can participate in this course, even if they lack the entry requirements listed above.
Duration
This course is made up of 8 evening sessions (17:30 till 20:45). Course will commence on March till May 2020.
Venue
Tower Training Centre
Lower Ground Floor, Tower Business Centre, Tower Street, Swatar, Malta. (view map)
(Free parking available at level minus 5)
Course Outline & Dates
Module 1: EU GDPR Principles and Compliance
Dates: 17th, 24th and 31st March 2020
Time: 17:30 till 20:45
ECTS credits: 2
Trainer: Dr. Rakele Cini
The General Data Protection Regulation (GDPR) came in force on 25 May 2018, giving HR departments a major challenge to get their house in order as the way organisations collect and process data about employees and job candidates will be changing.
Topics covered
- The six data protection principles
- Data Accountability and Governance
- The EU GDPR, its various provisions and relevant terminologies, and the differences between the
- Data Protection Act and the EU GDPR
- Data Portability and Inventory
- Data Protection by Design and Default
- Expanded Territorial Scope
- Processors
- Right to be forgotten
- Security
- Sanctions and Fines
- One Stop Shop Regulation – The Powers of Supervisory Authorities
- Approved Certification Mechanism
- Local Deviations
- Special categories of personal data
- Data subjects, their rights and the ability to deal with subject access requests.
- Privacy by design.
- Privacy Impact Assessments
- The role of the data protection officer (DPO)
- Incident response and breach reporting.
- International data transfers.
- EU regulations and Local laws.
- Conditions for processing data
- Written records of processing
- Consent which must be obtained (and maintained)
- Fair processing notices
- Notifications of data breaches
- Privacy and other rights of data subjects
Module 2: Data Protection Strategy and Design
Dates: 7th, 14th and 21st April 2020
Time: 17:30 till 20:45
ECTS credits: 2
Trainer: James Grech, Dr. Rakele Cini
Topics covered:
- GDPR Accountability Life Cycle
- Building a Culture of Data Protection, performance management and sustainability
- Data Protection Risk Management and Controls
- Event triage and Incident response, breach management and reporting response
- Data protection impact assessment (DPIA)
- Data audits
- Performance Metrics
Module 3: Information Technology for GDPR
Dates: 28th April and 5th May 2020
Time: 17:30 till 20:45
ECTS credits: 1
Trainer: Attila Hetey & Dr. Claire Cassar
Topics covered:
- Technologies that enable subjects to exercise their rights to access, rectify, erase personal data held by controllers
- Responsibilities of IT Department (Article 32 of GDPR)
- Overall IT Security
- Pseudonymisation and Data Encryption
- Data Loss Protection (DLP) capabilities
- Securing Workstations
- Endpoint Security and Mobile Device Management
- Perimeter Security
- Identity and Access Management
- Data Management Technological Tools
- Cloud Storage and Sharing Services
- Application Security Testing
- Automated GDPR Dashboards
Trainers
James Grech

James Grech graduated with a Bachelor of Business and Commerce Degree in 2001 and later on obtained the Accountancy (Honours) degree from the University of Malta in 2003. James is Certified Public Accountant and holds a Practising Certificate in Auditing issued by the Ministry of Finance in Malta. He is also qualified as Certified Information Systems Auditor (CISA) and member of ISACA. James is also a member of the Institute of Internal Auditing (US), and is a Certified Internal Auditor (CIA). The CIA is the only internationally accepted certification designation for internal auditors and is the standard by which individuals demonstrate their competence and professionalism in the internal auditing and Management Consultancy field.
James is a renowned Business Consultant and Management/Business trainer and conference speaker in Malta and is also founder and Managing Director of LEAD Training Services, one of Malta’s largest professional training Institute licensed by the Malta National Commission for Further and Higher Education (NCFHE).
Attila Hetey

Attila is a CISA and CISM certified professional in the field of information security. He has worked in various roles across various industries and has multi-national experience in information security.
At D4n6 he heads the technical arm of the company and focuses on the technical deliverables and analysis required by clients to ensure that we always deliver to the highest standard.
Dr. Claire Cassar

Claire is a lawyer by profession who has provided legal services in the sphere of ICT for over 17 years. She is an entrepreneur who has set up a number of companies in partnership across various sectors.
Since joining D4n6 a year ago, Claire has taken over the management of the company and has worked on various client projects in terms of delivering training and consultancy services in the field of cybercrime, GDPR and related areas.
Dr. Rakele Cini

Dr. Rakele Cini graduated Doctor of Laws from the University of Malta in 2010 and was admitted to the Maltese Bar in the subsequent year.
Rakele joined BDO Malta in August 2016 and currently heads the Risk and Compliance Department which is responsible for the areas of risk management, prevention of money laundering & financing of terrorism and conflict checks, amongst others. She has acquired years of experience within these fields as lawyer to the practice protection group of one of the local big four accounting firms.
Testimonials
- The course is well designed taking a 360 approach to GDPR with lectures (delivered by extremely capable lecturers) covering the legal, technological and practical aspects of GDPR compliance. The schedule is also tailored to the professional lifestyle with lectures conveniently scheduled.
Paul Caruana Turner (October 2019)
- This is the second course I have done with LEAD in a year. The professional course from the technical assignment to the scenario based examination, coupled with the fact that the lecturers are practitioners giving practical examples, makes the whole experience worth to any Data Protection Officer.
Kenneth Gatt (October 2019)
Malta Enterprise Corporation
- Training services & programs are the best and trainers are very professional. Thank you very much!
Janice Alfaro (September 2019)
- A practical, informative and comprehensive take on the General Data Protection Regulation. Definitely recommended for professionals working in the field of compliance and/or data protection in Malta!
Roxanne Meilak Borg (April 2019)
- Course was very comprehensive, well-applied to the real business world, and lecturers were knowledgeable in their areas, and able to answer specific questions in detail. Details on assessment and expectations of course were provided somewhat late in the day, but this could be attributed to the fact that the course was in its first run, and the criteria still had to be specifically established. Would recommend.
Anna Maria Cardona Schranz (April 2019)
Course Funding Options
For Individuals
-
GET QUALIFIED SCHEME
Candidates can benefit from a 70% rebate of the course fee via tax credit. Get Qualified is an initiative that supports the personal development of individuals for the achievement of qualifications and certifications required by industry.
Learn more about this scheme »