Master Class: Privacy Management and Data Governance under the GDPR and EU AI Act

The programme places particular emphasis on the accountability principle, extending it to AI-enabled processing and AI systems. It addresses AI-specific data governance obligations, including governance of training, validation and testing data, human oversight, documentation, traceability, and organisational responsibility across the AI lifecycle. AI literacy is addressed as an organisational governance requirement, ensuring that relevant staff and decision-makers are able to understand, oversee, and responsibly use AI systems in line with the EU AI Act.

Participants will work with senior practitioners and academics with extensive experience to develop integrated privacy and AI data governance models that are legally compliant, operationally effective, and board-ready.

This programme is part of the Professional University Diploma track on Privacy Management. 

What you will learn

This specialised, hands-on training enables participants to:

• Design and implement a privacy management and data governance framework aligned with GDPR and EU AI Act requirements
• Operationalise the accountability principle across organisational structures and processes
• Embed privacy-by-design and AI-by-design into governance and operational workflows
• Define and allocate roles, responsibilities, and reporting lines for privacy and AI governance
• Manage ICT, data protection, and AI-related contractual relationships
• Integrate privacy, information security, and AI risk management approaches
• Monitor, audit, and report on compliance and governance effectiveness to senior management and boards

This course is complemented with best-practice examples combined with a high degree of interactivity and a large range of other materials to provide participants the perfect expert practical knowledge, practical solutions and guidelines that can help in designing and managing the privacy programme and data governance model.

Who should attend

This course is designed for individuals who have already obtained the Maastricht University ECPC-B European Professional DPO Certificate, or an equivalent professional DPO certification (40 hours training). It is tailored for professionals with a background in data protection, privacy, law, or information security who wish to deepen their expertise in implementing a Privacy Management and Personal Data Governance Programme within an organisation.
The training is ideal for Data Protection Officers (DPOs), security officers, compliance officers, as well as HR, IT, and marketing professionals who oversee privacy programmes and manage  data governances model.