2-Day GDPR Bootcamp

John M WalshBlog

2 Day GDPR Bootcamp on 21-22 October, 2018

Join us and many other companies on this deep-dive session into GDPR. During the two days, we will go into the details of GDPR and how is can be implemented in practical manner to meet the compliance requirements set out in GDPR.

The training shall be provided by Christoph Balduck of Data Trust Associates, a boutique company focused on Data Privacy and Information Management.
Christoph is an EU certified Data Protection Officer (EIPA) and has a wide range of experience in the role of enterprise architect and Data Manager. He continues to advise, coach and execute Data Privacy and Information Governance programs across the different industries both here in Belgium and internationally.

By bringing the data privacy and data governance worlds together, Christoph sees the great business value that can be obtained by accelerating GDPR compliant solutions for operational business analytics challenges.


Participation fee: 900 € excluding VAT

Once you have registered for this Bootcamp via the form below, Data Trust Associates will send you an invoice. Your registration will be effective as soon as we have received the payment.

Any cancellation must be notified by email at least 7 working days before the date of the event. In the event of absence or cancellation beyond this period, the full participation fee will be due.

More information:
Christoph Balduck
Mobile: 0472 712960
Email: christoph.balduck@datatrustassociates.com



Day 1: Thursday September 21 – GDPR Deep-dive
From 9:00 until 18:00

  • History
  • Hype cycle of GDPR
  • Additional legislations (NIS, e-privacy, anti-competition, anti-discrimination,…)
  • Scope of personal data
  • “Special categories” data, children data & location data
  • Data Categorization
  • Data retention & archiving
  • Data Register (article 30)
  • Legal ground & consent incl. consent mgt.
  • Purpose limitation
  • Transparency
  • Proportionality
  • Data accuracy
  • Data & information security incl. ISO27001/2
  • Data anonymization & pseudonimization
  • International data transfers
  • Profiling
  • DPIA & residual risk
  • DPO & DPO office
  • Breach notification
  • Target Operating model & link with Info & Data Gov.
  • Data minimization
  • Data controller vs. Processor
  • Privacy by default and by design
  • Proof of  compliance & accountability
  • Contracts
  • Data portability
  • Right to access, rectify, block, deletion/forgotten
  • Fines
  • Class actions
  • DPA & One stop shop

Evening dinner near venue 
In order to continue the GDPR and broader discussions, you are also invited to Dinner at a nearby location (18:30 – 21:00)

Day 2: Friday September 22 – GDPR Practicalities & use cases
​From 9:00 until 16:00

  • Link between GDPR, ISO27001/2, Information & Data Mgt.
  • Privacy strategy, guidelines, framework, implementation & monitoring/KPI’s
  • Data trust framework and determining opportunities for GDPR (bus. case)
  • Reference architecture
  • Planning
  • GDPR in projects
  • Data breach notification planning
  • models in depth
  • Tooling and accelerators: overview of major tooling and accelerators on the market & how to apply them.
  • Cases & practical use:
  • Setup of a privacy strategy
  • Scope determination & data categorization use case
  • Applying a risk based approach
  • Documenting & approach to a data register (from Level 0 processes to data flows)
  • Practically using Pbd & Pbd
  • Determining controller & processor in a complex relation
  • Applying a DPIA
  • Calculating the severity of a data breach (Enisa)
  • Determination of the right legal ground & consent
  • Determination of the solution architecture for a case
  • Data breach notification & how to prepare (contract, incident response plan)
  • Profiling & pseudonimyzation case

Book your place