Build EU GDPR
Data Protection Compliance
from Scratch (CIPT)
Make your organization GDPR complaint!
START YOUR 14-DAY FREE TRIAL
Build EU GDPR data protection compliance from scratch (CIPT)
Every business requires a strong implementation of privacy principle adhering to international privacy laws and a requirement for data protection. Organizations that administer strict enforcement of privacy laws, as a result, have reduced number of data breaches.

This Course Will Help You To
![]() |
Learn how to improve consumer confidence. |
![]() |
Learn to protect your ecosystem with better data security. |
![]() |
Learn to align your organization with evolving technologies. |
Who is it for?
Anyone interested in GDPR compliance.
Any security enthusiast willing to learn about GDPR.
Anyone interested in how to start a GDPR program.
Anyone interested in technologies that can help achieving GDPR compliance.
Approach
You will be able to analyze a company’s GDPR compliance program and to think properly through step by step examples.
We have included new topics related to GDPR for HR, GDPR for Cloud Service Providers, and the DPO role in an organization + how to initiate it.
The course is a complete A to Z GDPR training, so we will cover everything that you need to know.
About the Course
Build EU GDPR data protection compliance from scratch (CIPT)
The course provides a basic understanding about GDPR foundations, explains concepts of data privacy and GDPR compliance and its documentation process that can be reused and adopted for your own organization. From this course you will be able to identify vulnerabilities and take measures to maintain privacy. It includes implementation of GDPR design via assessment tools. It provides insights about online privacy issues through social media and other technologies. The understanding about how GDPR can be used for HR, Cloud Service Providers acts like a leverage. The course also explains the role of Data Privacy Officer and its importance. By developing basic knowledge of the GDPR and understanding how it affects you, you will learn about the first steps for making your organization compliant.
Introduction:
Why start learning GDPR Data Privacy with me?
Course Outline
Section 1: Introduction
Video 1.1: Why start learning GDPR Data Privacy with me?
Video 1.2: What is included in this course?
Section 2: Understanding the need for privacy in IT environment
Video 2.1: Evolving compliance requirements
Video 2.2: Major Risks to a Company’s IT Framework
Video 2.3: Application Related Risks
Video 2.4: Network Related Risks
Video 2.5: Storage Related Risks
Video 2.6: Stakeholder’s expectations for privacy
Video 2.7: Privacy vs Security
Video 2.8: IT Governance vs Data Governance
Video 2.9: The role of the IT professional & other stakeholders in preserving
Section 3: Core Privacy Concepts
Video 3.1: Privacy Foundational elements – Organizational Privacy Notice
Video 3.2: Privacy Foundational elements – Organizational Privacy Policy
Video 3.3: Privacy Foundational elements – Organizational Security Policies
Video 3.4: Incident Response – Security and Privacy Perspectives
Video 3.5: System Development Lifecycle and Enterprise Architecture
Video 3.6: Privacy Impact Assessments (PIA)
Video 3.7: Common Privacy Principles
Section 4: Privacy Consideration & Techniques
Video 4.1: The Collection Process – Notice
Video 4.2: The Collection Process – Choice, Control & Consent
Video 4.3: Other topics related to collection
Video 4.4: Use
Video 4.5: Security Practices and Limitations on Use
Video 4.6: Disclosure
Video 4.7: Retention – Records, Limitations, Access
Video 4.8: Retention – Security Considerations
Video 4.9: Destruction
Section 5: Privacy in Systems and Applications
Video 5.1: Identity and Access Management (IAM)
Video 5.2: Limitations of Access Mgmt & Least Privilege principle
Video 5.3: User Based Access Control & Role Based Access Control
Video 5.4: Context of Authority
Video 5.5: Cross Site Authentication & Authorization Models
Video 5.6: Credit card information & Processing
Video 5.7: PCI-DSS & PA-DSS
Video 5.8: Remote Access & BYOD – Privacy & Security Considerations
Video 5.9: Remote Access & BYOD – Access to Computers & Architecture controls
Video 5.10: Data Encryption – Design Considerations
Video 5.11: Application, Record and Field Encryption
Video 5.12: File & Disk Encryption
Video 5.13: Encryption Regulation & Crypto Standards
Video 5.14: Other Privacy enhancing Technologies
Video 5.15: Software Notifications and Agreements
Section 6: GDPR Implementation: Short Intro
Video 6.1: GDPR short overview
Video 6.2: Format and Definitions
Video 6.3: Principles
Video 6.4: Lawfulness
Video 6.5: Gap Assessment Tool
Video 6.6: Management Commitment
Video 6.7: Preparation of a Project Plan
Video 6.8: GDPR Roles
Video 6.9: How to Capture Personal Data in a Form
Video 6.10: GDPR Privacy Data Protection Policy
Video 6.11: Data Subject Request Procedure
Video 6.12: Data Protection Impact Assessment (DPIA)
Video 6.13: How to treat international transfers
Video 6.14: Data Breach and IRP
Video 6.15: ISO and GDPR
Video 6.16: Privacy by Design
Section 7: Online Privacy Issues
Video 7.1: Organizational Privacy Strategy for Social Media
Video 7.2: Consumer Expectations
Video 7.3: Children’s Online Privacy
Video 7.4: Social Media: personal information collected
Video 7.5: Social media – personal information shared and ownership
Video 7.6: E-commerce personalization
Video 7.7: Online Advertising
Video 7.8: Key considerations when posting ADs on your website
Video 7.9: Understanding cookies, beacons and other tracking technologies
Video 7.10: Cookies – Deep Dive
Video 7.11: Web Browser Privacy and Security Features
Section 8: Technologies with Privacy Considerations
Video 8.1: Wireless Technology – RFID
Video 8.2: Wireless Technology – NFC, Bluetooth & WiFi
Video 8.3: Location Based Services (LBS) – generalities
Video 8.4: Location Based Services (LBS) – GPS
Video 8.5: Location Based Services (LBS) – GIS
Video 8.6: Surveillance of Individuals
Video 8.7: Data surveillance & Biometric recognition
Section 9: Direct Marketing Challenges
Video 9.1: Data Protection & Direct Marketing
Video 9.2: The concept of Direct marketing
Video 9.3: The right to opt-out
Video 9.4: Marketing Requirements under e-Privacy Directive
Video 9.5: Postal Marketing
Video 9.6: Telephone Marketing
Video 9.7: Electronic Marketing
Video 9.8: Location Based Marketing
Video 9.9: Online Behavioral Advertising (OBA) and GDPR
Section 10: Lawful Processing of HR Data, Contracts and Recruiting
Video 10.1: Where do privacy and HR meet?
Video 10.2: More difficult to rely on Consent
Video 10.3: Data Protection Principles from HR perspective
Video 10.4: Consent_no_longer_an_option_for_HR
Video 10.5: Legitimate interests
Video 10.6: Pseudonymisation
Video 10.7: Cross Border HR Data Transfers under GDPR
Video 10.8: Changes to employee data management under GDPR
Video 10.9: DPOs and DPIAs from HR perspective
Video 10.10: Data Breaches & what to take away from that
Video 10.11: Action Steps from HR perspective
Video 10.12: HR related policies and procedures
Video 10.13: Contracts of Employment – what to look for
Video 10.14: Data Protection Policy
Video 10.15: GDPR terms and how they relate to recruiting?
Video 10.16: Map your recruiting data
Video 10.17: Create a privacy policy for recruiting
Video 10.18: Source candidates online with care
Video 10.19: Ensure you job application process complies with GDPR
Video 10.20: Ensure your software vendors are compliant
Section 11: GDPR for Cloud Service Providers (CSPs)
Video 11.1: Cloud and GDPR Concerns
Video 11.2: Looking at GDPR the right way
Video 11.3: Controllers and Processors
Video 11.4: CSP as a processor and GDPR
Video 11.5: Technical and Organizational measures
Video 11.6: Subcontracting
Video 11.7: Clauses between a processor and a sub-processor
Video 11.8: Changes to employee data management under GDPR
Video 11.9: Codes of conduct, certifications and compliance
Video 11.10: Important steps to compliance
Video 11.11: Choosing a hosting provider
Video 11.12: What businesses need to do
Video 11.13: Software and CSPs to consider – part 1
Video 11.14: Software and CSPs to consider – part 2
Video 11.15: Software and CSPs to consider – part 3
Video 11.16: Software and CSPs to consider – part 4
Video 11.17: Advices for CSPs and Software providers
Video 11.18: GDPR and IoT approach
Video 11.19: There is far more in this space
Video 11.20: GDPR requirements in an IoT context
Video 11.21: Robots, AI, IoT and BigData
Section 12: GDPR and Payment Services Directive (PSD2)
Video 12.1: What is PSD 2 and main objectives
Video 12.2: Benefits for consumers
Video 12.3: Scope of PSD2 directive
Video 12.4: New rules on authorization and supervision
Video 12.5: Security of Payments
Video 12.6: New types of service providers – TPPs
Video 12.7: Impact of PSD2 to financial services industry
Video 12.8: New risks associated with the TPPs
Video 12.9: Banks are caught between GDPR and PSD2
Video 12.10: Other challenges – GDPR and PSD2
Video 12.11: What is Open Banking Consent Model
Video 12.12: Consent Step
Video 12.13: Authentication Step
Video 12.14: Authorization Step
Video 12.15: Redirection
Video 12.16: Data Minimization & Permissions
Section 13: How Technology can Help in Achieving GDPR compliance
Video 13.1: What you will be learning in this section
Video 13.2: Identity Protection demo (AAD IP)
Video 13.3: Privileged Identity Management demo (PIM)
Video 13.4: Mobile Productivity policies demo (Intune)
Video 13.5: Classification, Labelling and Protection of Information demo (AIP)
Video 13.6: Cloud application visibility and security demo (Cloud App Sec)
Video 13.7: Security in cloud infrastructure environment demo
Video 13.8: Defending and remediating endpoints from cloud demo
Roland Costea
Know Your Author
Roland Costea is a Cybersecurity, Privacy and Cloud Leader, and Strategist with practical experience in running cybersecurity and cloud business units, practices, and divisions from zero to maturity with year over year quality growth and quota over-achievement (projects of >50 million euro/year).
Certifications:
CISSP, CIPM, CIPT, CIPP/E, CRISC, CISM, CCSK v4, CCSP, LPT, CEH, ISO 27001LA, and TOGAF
Customers Who Loved Our Courses
Build EU GDPR Data Protection Compliance from scratch (CIPT)
anju12111998
Concepts covered very nicely.
andranglin
The course covered a wide area and various topics relative to my job role.
penguinsoho
Excellent coverage and detail related to implementing EU GDPR.
mikaelkanto3
The extent to which GDPR provisions were explained.