Why does GDPR compliance still challenge so many organisations — and what can professionals actually do about it?
Despite years of implementation, the gap between regulatory knowledge and day-to-day practice remains very real. Understanding the framework is one thing. Translating it into effective action — inside complex, resource-constrained organisations — is another.
That is precisely why we created DPO Fundamentals: Mastering the Basics of GDPR Compliance. Already well-established in French, the programme is now available in English for the very first time this September.
Eric Bedell, trainer at the House of Training since 2024 who will be leading this new English session, shares insights into what makes this programme truly different.
5 Questions to the Trainer on the Programme
1. What prompted you to develop the DPO Fundamentals programme — and why now?
What really prompted me was the gap I kept seeing between GDPR theory and the reality of the DPO role. On paper, the regulatory framework is well known. In practice, many DPOs — especially newly appointed ones — struggle with how to operate, how to influence, and how to make data protection work in environments that are complex, resource constrained, and sometimes not fully mature.
Why now?
Because the market demand for DPOs has never been higher, yet many professionals are being pushed into the role with limited preparation beyond legal knowledge. Organisations expect DPOs to be advisors, communicators, mediators, and change agents — but very few programmes actually train people for that reality.
DPO Fundamentals responds to this real need by focusing not only on compliance, but on how to carry the role effectively inside an organisation, whatever its size or level of maturity.
2. Who is this programme truly designed for?
This programme is deliberately inclusive. Of course, it is designed for newly appointed DPOs, who often feel pressure and isolation in the first months of their mandate.
But it is equally relevant for:
Professionals who are preparing to become DPOs
Compliance, legal, HR, IT or risk professionals who support data protection
People who may not yet hold the title, but are already playing a de facto DPO role in their organisation
You do not need to be a lawyer or a GDPR expert to benefit. The programme is built for people who want to understand the posture, responsibilities and practical realities of the DPO function, and who want to grow into the role with confidence.
3. What will participants concretely be able to do after completing the programme?
After the programme, participants should feel that they can actually perform the role — not just describe it.
Concretely, they will be able to:
Structure and prioritise DPO activities in a realistic way
Communicate effectively with management, business teams and IT
Handle difficult conversations, pushback, and resistance
Translate GDPR requirements into operable, proportionate actions
Apply methodical approaches adapted to the size, risk profile and budget of their organisation
The key takeaway is not “knowing more GDPR articles”, but knowing how to act as a DPO — with clarity, pragmatism and credibility.
4. What sets this programme apart from a standard GDPR training?
Most GDPR trainings focus on what the law says. This programme focuses on what the job requires.
What makes it different is:
A strong emphasis on soft skills: communication, positioning, influence, decision making
A realistic framing of the DPO role as a functional and organisational role, not only a legal one
Practical case studies rooted in real life constraints, not ideal scenarios
A programmatic and method driven approach that works for large organisations and small structures with limited resources
The goal is not perfection, but effective, defensible and sustainable data protection practices.
5. What is the one message you want participants to leave with?
The key message I want participants to carry with them is this:
You don’t need to know everything to be a good DPO — but you do need the right posture, methods and confidence.
Beyond technical knowledge, I hope they leave with:
The conviction that the DPO role is about enabling, not blocking
The confidence to adapt GDPR principles pragmatically
A mindset focused on dialogue, proportionality and continuous improvement
If participants walk away feeling less alone, more structured, and more legitimate in their role, then the programme has achieved its purpose.
More information & registration
