Member Services

01 23 777 88

or complete our Contact Form


01 23 777 23

or complete our Contact Form


European Certified Data Protection Officer Programme: FAQs

We've received a lot of interest regarding our recently launched European Certified Data Protection Officer (ECDPO) programme. To help, we've come up with the list below of FAQs, please help us to keep this list as accurate as possible so please send us your questions and suggestions to

1. Who is a Data Protection Officer?

Under the European General Data Protection Regulation (GDPR), a Data Protection Officer (DPO) can be described as the individual or entity “responsible for all things data protection in an organisation”. He/she will be the first point of contact on data protection issues in the workplace. The DPO role is a key advisory role, providing the needed guidance on the identification of and management of risks privacy risks.

2. How important is the role of the Data Protection Officer?

GDPR imposes specific obligations on certain sectors (public authorities or bodies) and organisations who process large amounts of data or are engaged systematic monitoring (e.g. monitoring of individuals includes online behavioural marketing for commercial purposes etc.). Since May 2018, a lot of focus is placed on the role of the Data Protection Officer under GDPR, given its relevance in the workplace in maintaining and sustaining regulatory compliance.

3. What is the European Certified Data Protection Officer Certification?

The European Certified Data Protection Officer Certification seeks to validate the role of the Data Protection Officer in the workplace.

4. Why is the European Certified Data Protection Officer Certification necessary?

The requirements of GDPR central to the role of the DPO are very much of a hands-on nature, which means that a pragmatic understanding of the role and application are vital in meeting regulatory needs.

5. What purpose will the ECDPO Certification serve?

ECDPO will serve to ratify and verify the role of the data protection officer in the workplace.

6. Who is qualified to be an ECDPO?

  • Existing Data Protection Practitioners who have completed the Certified Data Protection Practioner course are automatically eligible to participate in the ECDPO programme.
  • An individual with similar data protection qualification or other legal qualification (law graduates) will be considered as long as verifiable documentary evidence (certificate) is provided.
  • Anyone with data protection responsibilities in their daily role can participate in the ECDPO programme.

7. What is the minimum requirement for the ECDPO Certification

The minimum requirements will be addressed on the basis of the various target audiences;

  • Existing DP Practitioners: no additional certification requirements need to be met but candidates are required to take the “Preparing for GDPR” module plus five other modules. This module provides existing certificate holders with an overview of the regulatory changes outlined in the regulation. It will be used as a baseline for other modules to be taken.
  • Non-DP Practitioners but similarly qualified: A copy of qualification should be provided for verification as part of the applications process. On approval, delegates will be required to take the “Preparing for the GDPR” module plus five other modules.
  • Non-DP Practitioners but similarly qualified: Candidates are required to take the Certified Data Protection Practitioner module to qualify for the ECDPO. Preparing for GDPR module has been subsumed into the new GDPR practitioner course and will be covered during the 3 days.

8. How will the ECDPO process work?

This is a five stage process which starts with the baseline module completion requirements described above. Existing DP Practitioners will be required to complete five additional modules on completion of the Preparing for the GDPR module which is compulsory. New Practitioners will be required to complete the 3 day DPP module after which an additional 6 modules will need to be completed.

On the successful completion of the modules, an online assessment will be completed, which accounts for 70 percent of the overall score. A project or case study will be completed which will account for 30% of the remainder of the overall score.

The format for project or case study for each candidate will be determined on the successful completion of the modular courses. Candidates will be given two topics which will be delivered either by way of a project or a case study or both, to be presented and delivered to a panel of industry experts.

9. Why do I have to take so many modules?

The requirements of GDPR for DPO's are hands-on in nature (e.g. subject access, risk impact assessment, data breach management etc.). All organisations must be able to demonstrate their accountability to regulatory compliance and their willingness to comply with the requirements of GDPR.

Each module will demonstrate your in-depth knowledge of a key subject area and your organisation's commitment to their GDPR accountabilities.

10. How much will it cost?

Please see website for details:

11. How many CPD points will I need to accrue to qualify for recertification?

You will be required to accrue a total of 63 CPD points over a 3 year period.

12. How long will the ECDPO certification be valid for?

The ECDPO certificate will be valid for 3 years after which it will be renewed as long as DPOs have accrued 63 CPD points within the stated time frame.

13. I am not a member of the Association of Data Protection Officers. Will I get automatic membership of ADPO when I register for ECDPO Programme?

Yes, you will be registered for ADPO membership.

14. I have not taken the DP Practitioner exam as I have a degree in law or similar. I have signed up for the Advanced Data Protection Training Programme will there be a fee for the exam?


15. The exam leading to European Certified DP Officer, what modules will the assessment questions be based on. For example, if I undertake Modules 1,2,3,5,6,7 will the question only be based on these modules?

The scope of the assessment will be based only on the modules taken.

16. I completed the advanced modules 1, 2, and 3 in 2016, is the content still the same or has it changed?


17. If I want to complete all 8 modules do I have to pay extra?

Yes, you will pay extra to complete all 8 modules.

18. What modules would you recommend me to undertake and in what sequence?

There is no particular order or sequence that can be recommended as long as the minimum requirements are met.

19. Do I have to complete the programme within a given time frame?

It is highly recommended that the time to complete the programme should not exceed 12 - 18 months.

20. How do I register my interest in the European Certified Data Protection Officer Programme?

To register, just go to ECDPO Training page to find out when the next course date starts, complete your registration and we will be in touch to discuss your eligibility.

Share this article!