Training Module
Data Protection Principles
Privacy roles, obligations and controls in organisations, aligned with common national and international data protection requirements
Overview
Privacy and data protection are often approached either as detailed legal analysis or as isolated operational tasks. What is frequently missing is a clear, shared understanding of the domain as a whole: the roles organisations play, the lifecycle of personal data, the obligations that recur across laws, and the instruments used to manage them.
This module provides that overview. Participants learn how personal data is handled in organisations, how responsibilities are typically structured, what most data protection regimes expect in principle, and why mechanisms such as impact assessments, processing records, and contractual arrangements exist.
The module is intentionally non-technical and non-prescriptive. It explains what the main elements of the data protection domain are and how they relate, without teaching how to perform specific assessments, create documents, or implement controls.
Applicable environments
This module applies to organisations for which data protection and privacy management is relevant. It supports professionals who need a solid understanding of privacy-related concepts, terminology, and context.
Target audience
Professionals entering or working in data protection–related roles (managers, coordinators, advisors)
Employees who handle or influence personal data in HR, IT, operations, products, or customer services
Consultants supporting organisations with basic or evolving data protection practices
Internal auditors or assurance professionals seeking understanding of the data protection domain (without audit technique)
Decision support
Is this module for you?
Agenda
What privacy and data protection are really about
Personal data in organisations: lifecycle perspective
Organisational roles in data protection
Common obligations across data protection regimes
Key instruments and mechanisms
Data subject rights: intent and organisational impact
Case-based workshop
Show detailed agenda...
Learning outcomes
Key outcomes
Explain what personal data is and how identifiability arises in organisational contexts
Recognise recurring obligations found across most data protection laws and frameworks
Understand why different organisational roles exist in data protection and what they imply
Additional capabilities
Describe the personal data lifecycle and recognise common points of loss of control
Understand how roles, obligations and instruments relate without performing or designing them
Explain what instruments such as DPIA, processing records and processing agreements are and why organisations use them
Materials
Learning materials
Slide deck
Participant workbook
Templates & tools
Practical, reusable artefacts to apply the module directly to your organisation.
Personal data lifecycle mapping canvas
Roles and responsibility overview map
Overview sheet: key data protection instruments and their purpose
Confirmation
Certificate of completion
Module ID
HAM-DP-DF-01
Discipline
Domains
Public delivery
Live virtual
Duration
7 h
List price
CHF 550
Excl. VAT. VAT may apply depending on customer location and status.
Delivery
Live virtual delivery
This module is delivered live online and combines conceptual framing, discussion, case work and direct interaction with the instructor.
A public cohort is currently not scheduled. If you register your interest, we will notify you when a new public cohort is scheduled or suitable delivery options become available.
Custom delivery options
For organisations with specific constraints or learning objectives, the module can be adapted in format or scope, including in-house delivery and contextualised case material.
For an optimal learning experience
Prerequisites & preparation
This module is designed as part of a modular training approach. Topics are deliberately distributed across modules and are not repeated in full, in order to avoid unnecessary redundancy. Each module is self-contained and can be taken on its own. Where prior knowledge or experience is helpful, this is indicated below so you can decide whether any preparation is useful for you.
Assumed background
None. Participants should be familiar with basic organisational contexts such as processes, roles, and information use.
