Law - Data Protection Practice

Law Society of Ireland

Law - Data Protection Practice

Programme structure and approach to learning
The General Data Protection Regulation (Regulation 2016/679) came into force in May 2018 and, as a result, the data protection landscape has changed significantly. This certificate will offer an in-depth analysis of the new data protection framework, the data protection legislation, and how to comply with the GDPR in practice.

Data is a valuable commodity. Modern technologies allow for huge volumes of data to be collected by companies on a daily basis. There are many legal responsibilities associated with collecting, retaining, and processing such data. Data protection laws act to balance an individual’s right to privacy with a company’s ability to use that data. It is essential that the use of data is regulated to prevent against abuses, while at the same time ensuring that companies can use data efficiently and effectively.

In this popular certificate course, participants will be brought through the application of the law by experienced data protection practitioners and privacy consultants from private practice, the public sector, and from large multinationals. There is a strong focus on the GDPR and how to apply it in practice. This course will ensure that participants are equipped to deal with the compliance issues that arise in practice.

Online and interactivity
Course materials, including webcasts of lectures, will be released each week online. In addition, online participation will be required. There will be three interactive online workshops to enable participants to connect with expert contributors and to consolidate their knowledge. Participants are also afforded the opportunity to interact with the expert contributors online each week. Participants are invited to have an open-minded approach to learning and are encouraged to interact and share knowledge with colleagues, as engaging online is a central element of online courses.

Subjects taught

The programme is based on the following module scheme and covers key themes as listed below:

Module 1: Introduction to data protection law
Origins of data protection law,
Data protection concepts and principles,
Overview of data protection landscape.

Module 2: Data processing and sharing
Legitimate processing,
Data retention,
Data access requests,
Government data, public sector,
Data protection v freedom of Information,
Litigation – legal professional privilege/discovery.

Module 3: Data processing and personal rights
Removal, amendments, rectification,
The right to be forgotten,
Direct marketing,
Automated decision making,
State surveillance.

Module 4: General Data Protection Regulation (GDPR)
Overview of key changes,
Impact of changes on processing, consent, outsourcing,
Compliance and enforcement,
Requirement to have a data protection officer (DPO),
Changes referenced in each module throughout the certificate.

Module 5: Data governance
Role of the data protection officer,
Data breaches,
Powers of Data Protection Commission,
Privacy impact assessments.

Module 6: International data transfers
Data transfer risks,
Transfers outside EEA,
Effect of Brexit data transfers,
Supervision, enforcement, offences.

Module 7: Data protection compliance
Direct marketing,
Cookies, the Cloud,
Drones, biometrics, wearable technology.

Module 8: Data governance framework
Best practice models,
Information Asset Life Cycle,
Aligning data protection and data governance,
Standard frameworks and ISOs,
Measuring date protection compliance.

Module 9: Change management
Context and rationale,
Principles of change management,
Data protection training.

Module 10: Data security and technology
Physical security of data,
Virtual security of data,
Technical considerations.

Module 11: Ethics in data protection
Ethical first principles,
A framework for ethics in information management,
Practical application.

Module 12: Data protection update
Global view and EU v US approach,
Overview of recent data protection issues.

Workshops are interactive sessions that focus on group problem-solving and are designed to revise all modules covered to date and to consolidate the student’s knowledge.

Workshop Title Date Time
1 Subject Access Requests Saturday 9 March 2024 10am-12pm
2 Data Breaches Saturday 13 April 2024 10am-12pm
3 Data Privacy Impact Assessments Saturday 27 April 2023 10am-3pm

Entry requirements

This course is suitable for:

Solicitors, barristers, and trainees who currently advise or aspire to advise on data protection issues,

Data protection officers,

Compliance Officers,

IT professionals,

Professionals who are data controllers/processors and need to understand their legal obligations/duties,

All professionals advising on/working in the area of data protection who need to update their knowledge on the GDPR,

Suitably qualified professionals wishing to move into the area of data protection, and
Individuals who have an interest in protecting their personal data.

We welcome applications from others who are suitably qualified. Please note, for non-members this course is subject to a supplemental fee of €175 bringing the total course fee to €1,900. No fees are required prior to approval.

Application dates

The closing date for applications for this course is 24 January 2024.


Delivery Method
Online lectures on Wednesdays, with online workshops on Saturdays. Also available to view on-demand.

Enrolment dates

Start Date Wednesday 7 February 2024 at 6:00 PM

More details
  • Qualifications


  • Attendance type

    Blended,Evening,Part time,Weekend

  • Apply to

    Course provider