Data Protection by Design from IT perspective


Data Protection by Design from IT perspective

Information Security Software Engineering

What problem does this training solve?

Data protection by design and data protection by default are relatively new principles that have been incorporated into European data protection legislation. Data protection by design is also noticed by non-European legal systems and international standards in the field of information security and personal data protection.

The aim of this training is to carry out a simulation related to building a product that will take full advantage of data protection rules during the design phase. Trainees will gain skills in the area of problem solving and designing information systems or processes that take into account data protection compliance processes before a product or service is made available to the public. Trainees should acquire skills that will help reduce the long-term costs associated with initiating, delivering and maintaining data protection compliance projects and good information security practices.

The training is conducted in the form of interactive workshops and is primarily recommended for managers, IT employees (e.g. programmers, software architects, security teams) and employees who are directly responsible for product development (e.g. UX designers and business analysts). Participants will be guided to the subject of data protection in the design phase (theoretical part), and then in the case they will have to take action for specific product requirements to ensure compliance, propose procedures and security measures so as to create a product that complies with legal requirements and at the same time is user-friendly.


  • Introduction to Privacy by Design and Privacy by Default principles (45 minutes)
  • Collect and evaluate business requirements (45 minutes)
  • System requirements design (45 minutes)
  • Building privacy notices to the data subjects (45 minutes)
  • Data protection impact assessment and consultation of the data protection authority (45 minutes)
  • Processing agreements and international transfers of personal data (45 minutes)
  • Reporting data breaches (45 minutes)
  • Product presentation with Q&A session (45 minutes)


Available as on-line course
This training is available as live on-line course
Available as Video on Demand
30 lipca 2019 22:36
Target groups

Relevant services

Relevant training sessions