Training Module
Data Protection Fundamentals
A helicopter view of privacy roles, obligations, and mechanisms in organisations
Training Module
Data Protection Fundamentals
A helicopter view of privacy roles, obligations, and mechanisms in organisations
Training Module
Data Protection Fundamentals
A helicopter view of privacy roles, obligations, and mechanisms in organisations
Do you need to understand data protection concepts?
This training module provides a holistic view of privacy roles, obligations and mechanisms so you understand the landscape before diving into specifics.
Do you need to understand data protection concepts?
This training module provides a holistic view of privacy roles, obligations and mechanisms so you understand the landscape before diving into specifics.
Do you need to understand data protection concepts?
This training module provides a holistic view of privacy roles, obligations and mechanisms so you understand the landscape before diving into specifics.
Training module overview
Training module overview
Training module overview
Privacy and data protection are often approached either as detailed legal analysis or as isolated operational tasks. What is frequently missing is a clear, shared understanding of the domain as a whole: the roles organisations play, the lifecycle of personal data, the obligations that recur across laws, and the instruments used to manage them.
This module provides that overview. Participants learn how personal data is handled in organisations, how responsibilities are typically structured, what most data protection regimes expect in principle, and why mechanisms such as impact assessments, processing records, and contractual arrangements exist.
The module is intentionally non-technical and non-prescriptive. It explains what the main elements of the data protection domain are and how they relate, without teaching how to perform specific assessments, create documents, or implement controls.
Privacy and data protection are often approached either as detailed legal analysis or as isolated operational tasks. What is frequently missing is a clear, shared understanding of the domain as a whole: the roles organisations play, the lifecycle of personal data, the obligations that recur across laws, and the instruments used to manage them.
This module provides that overview. Participants learn how personal data is handled in organisations, how responsibilities are typically structured, what most data protection regimes expect in principle, and why mechanisms such as impact assessments, processing records, and contractual arrangements exist.
The module is intentionally non-technical and non-prescriptive. It explains what the main elements of the data protection domain are and how they relate, without teaching how to perform specific assessments, create documents, or implement controls.
Applicable environments
This module applies to organisations for which data protection and privacy management is relevant. It supports professionals who need a solid understanding of privacy-related concepts, terminology, and context.
Target audience
Target audience
Target audience
Professionals entering or working in data protection–related roles (managers, coordinators, advisors)
Employees who handle or influence personal data in HR, IT, operations, products, or customer services
Consultants supporting organisations with basic or evolving data protection practices
Internal auditors or assurance professionals seeking understanding of the data protection domain (without audit technique)
Professionals entering or working in data protection–related roles (managers, coordinators, advisors)
Employees who handle or influence personal data in HR, IT, operations, products, or customer services
Consultants supporting organisations with basic or evolving data protection practices
Internal auditors or assurance professionals seeking understanding of the data protection domain (without audit technique)
Decision support
Is this module for you?
It is a good fit if you…
want a clear mental model of data protection as a management domain.
need to understand roles, obligations, and lifecycle concepts.
work with personal data and need context beyond legal text.
support or review privacy practices without specialist depth.
want a law-agnostic overview of common privacy concepts.
want a clear mental model of data protection as a management domain.
need to understand roles, obligations, and lifecycle concepts.
work with personal data and need context beyond legal text.
support or review privacy practices without specialist depth.
want a law-agnostic overview of common privacy concepts.
If most of the points above apply, this module is likely a good fit.
It may not be the best fit if you…
are looking for clause-by-clause analysis of specific privacy laws.
need step-by-step guidance for executing DPIAs or maintaining records.
expect prescriptive templates, procedures, or tooling.
are seeking advanced specialist or legal deep-dive training.
are looking for clause-by-clause analysis of specific privacy laws.
need step-by-step guidance for executing DPIAs or maintaining records.
expect prescriptive templates, procedures, or tooling.
are seeking advanced specialist or legal deep-dive training.
Agenda
Agenda
Agenda
What privacy and data protection are really about
Personal data in organisations: lifecycle perspective
Organisational roles in data protection
Common obligations across data protection regimes
Key instruments and mechanisms
Data subject rights: intent and organisational impact
Case-based workshop
Show detailed agenda...
What privacy and data protection are really about
Personal data in organisations: lifecycle perspective
Organisational roles in data protection
Common obligations across data protection regimes
Key instruments and mechanisms
Data subject rights: intent and organisational impact
Case-based workshop
Show detailed agenda...
What privacy and data protection are really about
Personal data in organisations: lifecycle perspective
Organisational roles in data protection
Common obligations across data protection regimes
Key instruments and mechanisms
Data subject rights: intent and organisational impact
Case-based workshop
Show detailed agenda...
Learning outcomes
Learning outcomes
Learning outcomes
Key outcomes
Explain what personal data is and how identifiability arises in organisational contexts
Recognise recurring obligations found across most data protection laws and frameworks
Understand why different organisational roles exist in data protection and what they imply
Explain what personal data is and how identifiability arises in organisational contexts
Recognise recurring obligations found across most data protection laws and frameworks
Understand why different organisational roles exist in data protection and what they imply
Additional capabilities
Describe the personal data lifecycle and recognise common points of loss of control
Understand how roles, obligations and instruments relate without performing or designing them
Explain what instruments such as DPIA, processing records and processing agreements are and why organisations use them
Describe the personal data lifecycle and recognise common points of loss of control
Understand how roles, obligations and instruments relate without performing or designing them
Explain what instruments such as DPIA, processing records and processing agreements are and why organisations use them
Additional benefits
Additional benefits
Additional benefits
Learning materials
Slide deck
Participant workbook
Templates & tools
Practical, reusable artefacts to apply the module directly to your organisation.
Personal data lifecycle mapping canvas
Roles and responsibility overview map
Overview sheet: key data protection instruments and their purpose
Personal data lifecycle mapping canvas
Roles and responsibility overview map
Overview sheet: key data protection instruments and their purpose
Confirmation
Certificate of completion
Module ID
HAM-DP-DF-01
Domain
Audience
Manager
Auditor
Language
English
Delivery
Live virtual
Duration
7 h
List price
CHF 550
Excl. VAT. VAT may apply depending on customer location and status.
Delivery & learning format
Delivery & learning format
Delivery & learning format
Virtual live teaching
This module is delivered live, with a strong focus on discussion, practical application, and direct interaction with the instructor.
Sessions work through realistic examples, clarify concepts in context, and apply methods directly to participants’ organisational realities.
Custom delivery options
For organisations with specific constraints or learning objectives, the module can be adapted in format or scope, including in-house delivery and contextualised case material.
Not sure if this module is right for you?
Not sure if this module is right for you?
Not sure if this module is right for you?
For an optimal learning experience
Preparation guidance
This module is designed as part of a modular training approach. Topics are deliberately distributed across modules and are not repeated in full, in order to avoid unnecessary redundancy. Each module is self-contained and can be taken on its own. Where prior knowledge or experience is helpful, this is indicated below so you can decide whether any preparation is useful for you.
For an optimal learning experience
Preparation guidance
This module is designed as part of a modular training approach. Topics are deliberately distributed across modules and are not repeated in full, in order to avoid unnecessary redundancy. Each module is self-contained and can be taken on its own. Where prior knowledge or experience is helpful, this is indicated below so you can decide whether any preparation is useful for you.
For an optimal learning experience
Preparation guidance
This module is designed as part of a modular training approach. Topics are deliberately distributed across modules and are not repeated in full, in order to avoid unnecessary redundancy. Each module is self-contained and can be taken on its own. Where prior knowledge or experience is helpful, this is indicated below so you can decide whether any preparation is useful for you.
Assumed background
None. Participants should be familiar with basic organisational contexts such as processes, roles, and information use.
None. Participants should be familiar with basic organisational contexts such as processes, roles, and information use.
Continuous learning
Follow-up modules
Continuous learning
Follow-up modules
Continuous learning
Follow-up modules
After completion of this module, the following modules are ideal to further deepen your competence. If you are looking for a structured learning path, modules can also be taken as part of a professional track.
Privacy Risk & Impact Assessment (DPIA)
Understand privacy risk assessment, impact reasoning, and DPIA documentation within an ISO/IEC 27701-aligned PIMS
Duration
7 h
List price
CHF 550
View module
Privacy Risk & Impact Assessment (DPIA)
Understand privacy risk assessment, impact reasoning, and DPIA documentation within an ISO/IEC 27701-aligned PIMS
Duration
7 h
List price
CHF 550
View module
Privacy Risk & Impact Assessment (DPIA)
Understand privacy risk assessment, impact reasoning, and DPIA documentation within an ISO/IEC 27701-aligned PIMS
Duration
7 h
List price
CHF 550
View module
PII Processing Context, Roles & Scope
Understand PII processing context, controller/processor roles, and practical PIMS scope boundaries under ISO/IEC 27701
Duration
7 h
List price
CHF 550
View module
PII Processing Context, Roles & Scope
Understand PII processing context, controller/processor roles, and practical PIMS scope boundaries under ISO/IEC 27701
Duration
7 h
List price
CHF 550
View module
PII Processing Context, Roles & Scope
Understand PII processing context, controller/processor roles, and practical PIMS scope boundaries under ISO/IEC 27701
Duration
7 h
List price
CHF 550
View module
Operational Privacy Controls
Understand role-based operational privacy controls and data subject rights handling within an ISO/IEC 27701-aligned PIMS
Duration
7 h
List price
CHF 550
View module
Operational Privacy Controls
Understand role-based operational privacy controls and data subject rights handling within an ISO/IEC 27701-aligned PIMS
Duration
7 h
List price
CHF 550
View module
Operational Privacy Controls
Understand role-based operational privacy controls and data subject rights handling within an ISO/IEC 27701-aligned PIMS
Duration
7 h
List price
CHF 550
View module
Information Security Fundamentals I
Understand the core concepts behind preventive controls, including access management, cryptography, secure configuration, and protective design
Duration
7 h
List price
CHF 750
View module
Information Security Fundamentals I
Understand the core concepts behind preventive controls, including access management, cryptography, secure configuration, and protective design
Duration
7 h
List price
CHF 750
View module
Information Security Fundamentals I
Understand the core concepts behind preventive controls, including access management, cryptography, secure configuration, and protective design
Duration
7 h
List price
CHF 750
View module
Ready to improve your management systems?
We support continuous improvement by embedding ISO requirements into everyday practice and daily operations.
Ready to improve your management systems?
We support continuous improvement by embedding ISO requirements into everyday practice and daily operations.
Ready to improve your management systems?
We support continuous improvement by embedding ISO requirements into everyday practice and daily operations.