PROJECT PROPOSAL
Design of a Learning Course for GDPR Pivots at Meo
4. KNOWN LIMITATIONS AND CONSIDERATIONS
1. CONTEXT
5. INITIAL IDEAS / DIRECTION
2. RATIONALE AND NEED
3. PROJECT SCOPE AND OUTCOMES
Click the icons to overviews each item
Ana Pato | 1st December'26 Cohort
FULL CONTEXT DESCRIPTION
Organisation / Company: Meo – Serviços de Comunicações e Multimédia, S.A. Sector / Industry: Telecommunications. Target Learners: GDPR Pivots appointed within the organisation’s departments, with 0–8 years of experience in providing guidance, advisory support and monitoring GDPR compliance across the organisation. Learners are appointed as GDPR Pivots based on their departmental role and networking capability. They are geographically dispersed across the country, operating from multiple organisational sites. Their ages range between 30 and 60 years. They are familiar with digital technologies and have access to company computers, digital applications and corporate mobile devices, as well as to an internally developed Learning Management System (LMS). Due to their primary professional responsibilities and demanding schedules, their availability for in person training is limited, making asynchronous learning the preferred modality. Nevertheless, face-to-face training experiences are also highly valued. Delivery Modality: Blended learning – asynchronous and synchronous modalities. Existing Learning Offerings: Currently, learning provision consists of informal meetings with the Data Protection Officer and the Compliance and Data Privacy Department (DPO–DCD), aimed at communicating key role related guidelines. Operational Context of the Target Learners: Meo operates within a strongly data driven ecosystem, in which strategic decisions, daily operations and technological innovation depend on the continuous processing of personal data. Given the transversal relevance of data across the organisation, data protection responsibilities cannot be concentrated exclusively within a central function (Compliance and Data Privacy Department – DCD). Consequently, a distributed governance model was adopted, allowing data protection to be monitored directly within the operational environments where personal data are effectively processed. As a result, each department appointed a GDPR Pivot. The primary responsibility of the Pivot is to anticipate risks and ensure that data protection is considered from the early stages of departmental projects. Being closer to operational realities, GDPR Pivots act as a bridge between everyday departmental dynamics and regulatory compliance requirements, serving as key interlocutors between operational teams and the DPO. In short, GDPR Pivots are: • A collaborative link between each Department and the DCD; • Operational facilitators; • Data Protection ambassadors within their respective departments.
FULL RATIONALE AND NEED DESCRIPTION
Challenge, Gap or Opportunity Addressed
Currently, all Meo employees complete a transversal GDPR awareness programme covering fundamental principles, ensuring basic organisational compliance. However, there is no structured training programme specifically designed for GDPR Pivots. Due to employee turnover and organisational restructuring, role rotation among GDPR Pivots is frequent, making continuity and consistency difficult. As a result, rapid and effective knowledge transfer is required for onboarding new Pivots. A structured training programme is therefore essential to provide up to date information and ensure effective role performance from the outset. In parallel, a new central application for the registration and management of Data Processing Activities — the myPrivacy Portal — is being introduced organisation wide, creating an additional training need directly relevant to the Pivot role.
Evidence Supporting the Need
The DCD (Compliance and Data Privacy Department) confirms that current knowledge transmission through informal meetings lacks structure and consistency, limiting the rapid and effective enablement of GDPR Pivots. Current Pivots demonstrate uncertainty regarding the scope and responsibilities of their role, particularly in identifying risky processing activities, recognising warning signs and reporting incidents or data breaches in a timely manner. This hinders the DCD’s ability to conduct prompt and effective risk assessments. Strategic Alignment
The DCD identifies the need to strengthen the link between the organisation’s data protection strategy and its operational execution. Investment in the training of GDPR Pivots — the primary operational link between these dimensions — is considered essential.
Enhancing their competencies reinforces the organisation’s GDPR posture by bringing the DCD closer to everyday operations, while enabling operational teams to detect and report potential incidents earlier, thereby reducing and mitigating risk more effectively.
FULL PROJECT SCOPE AND OUTCOMES DESCRIPTION
Course Type: Development of a brand new course focused on the GDPR Pivot role. Learning Goals:
- To understand the role and responsibilities of the GDPR Pivot within Meo;
- To develop skills for identifying data processing activities and risk indicators;
- To enable effective and autonomous use of the myPrivacy Portal.
Learning Outcomes: By the end of the course, learners will be able to:
- Perform the GDPR Pivot role with a clear understanding of its purpose, scope and boundaries;
- Act as a data protection contact point, ensuring effective operational coordination with the DCD/DPO;
- Serve as an internal facilitator, promoting compliant practices and advising colleagues on data protection matters;
- Apply acquired knowledge in new contexts, such as identifying departmental projects involving personal data processing;
- Determine when to register processing activities, initiate a DPIA (Data Protection Impact Assessment) and involve the DCD;
- Detect risk indicators and report anomalies appropriately;
- Register Processing Activities accurately and follow approval workflows;
- Use the myPrivacy Portal autonomously.
From Bloom’s Taxonomy perspective, learners currently operate at Level 1 (Knowledge). The course aims to progress them to Level 3 (Application).
Course Length and Format: This course builds upon the organisation’s baseline GDPR programme and focuses exclusively on the GDPR Pivot role. It follows an 8 week blended programme, structured sequentially as: 1. Digital, self paced learning | 2. Classroom session with Technology Enhanced Learning | 3. Live virtual assessment sessions. Anticipated Number of Learners: Approximately 60–70 GDPR Pivots.
FULL KNOWN LIMITATIONS AND CONSIDERATIONS DESCRIPTION
Timeframe: Development - completion by 20 May 2026; Launch - beginning of June 2026. Budget: Limited to internal resources, existing authoring tools and free digital resources (Articulate 360, MS Teams, Clipchamp, Lumi, etc.). Technical Constraints: The internal LMS (Formare) does not currently integrate with the myPrivacy Portal Design Team: In-house learning designer/developer and subject matter experts (SMEs). Delivery Team: Internal SMEs only; no dedicated learner support team. Risks: Learner availability for classroom sessions may vary. This risk is mitigated through inclusion of full myPrivacy portal training within e-learning phase. SME availability for live virtual assessment sessions may be impacted by competing DCD priorities.
FULL INITIAL IDEAS / DIRECTION DESCRIPTION
1. Outline of the Training Structure
- Phase 1 – Asynchronous e-learning (“Digital Core”)
A self paced e-learning module of approximately 30 minutes, delivered via the LMS and completed within a 30 day window. The content will remain available for future consultation whenever required.
In parallel, a dedicated MS Teams space will be created to bring together all learners, enabling continuous support, clarification and interaction throughout the duration of the course.
- Phase 2 – Synchronous classroom with Technology Enhanced Learning
A live session facilitated by a DPO/DCD subject matter expert, aimed at demonstrating and consolidating the use of the myPrivacy Portal through practical, hands on exercises. The session will have an approximate duration of 2 hours and will take place within a 10 day period.
- Phase 3 – Synchronous live virtual assessment sessions
Interactive, moderated group sessions designed to assess knowledge acquisition through simulated situations, covering different hypothetical contexts and scenarios. Each session will last approximately 1 hour and will be scheduled over a 15 day period.
Total duration: approximately 3 hours and 30 minutes
Overall timeframe: delivered across an estimated 8 week period.
FULL INITIAL IDEAS / DIRECTION DESCRIPTION
2. Phase 1 – E-learning: Content Mapping and Learning Outcomes Modules
1. The role of GDPR Pivots within the organisation
2. Practical responsibilities of GDPR Pivots
3. Operational tools: myPrivacy
Module 1 – “The Role of GDPR Pivots within the Organisation”
Learning Outcomes: • Perform the GDPR Pivot role with a clear understanding of its purpose, scope and limits.
• Act as a data protection point of contact, ensuring effective operational coordination with the DCD and the DPO.
• Act as an internal facilitator, promoting compliant practices and supporting colleagues on data protection matters.
Proposed Formats: Authoring tools (Storyline/Rise), complemented by videos, images and/or graphics. Proposed Learning Activities: Learning outcomes will be achieved through the integration of content with interactive, practice oriented activities, such as exercises and dynamics simulating GDPR related scenarios, including cases with intentionally incomplete or unclear project information involving data processing, and scenarios related to data breaches caused by human error and their subsequent management.
FULL INITIAL IDEAS / DIRECTION DESCRIPTION
Module 2 – "Practical Responsibilities of GDPR Pivots" Learning Outcomes: • Apply acquired knowledge in new situations and contexts, such as identifying departmental activities or projects involving personal data processing.
• Determine when to register processing activities, signal the need for a Data Protection Impact Assessment (DPIA), and involve the DCD/DPO.
• Identify risk indicators and report anomalous situations appropriately.
Proposed Formats: Authoring tools (Storyline/Rise), complemented by videos, images and/or graphics. Proposed Learning Activities: Learning outcomes will be supported through interactive and applied activities, including: • Exercises focused on correctly identifying processing activities and the appropriate internal procedures to apply;
• Scenario based activities presenting different occurrences, requiring learners to assess eligibility for registration, the need for a DPIA and the involvement of the DCD/DPO;
• Simulated incidents designed to assess risk detection and compliant reporting behaviour.
Module 3 – "Operational Tools: myPrivacy" Learning Outcomes: • Understand the functionalities of the myPrivacy Portal and use it autonomously.
• Accurately register Processing Activities, ensuring completeness, accuracy and correct submission within the approval workflow.
• Create and monitor initiatives that may require a DPIA, interpreting status information, understanding each phase of the analysis workflow and clarifying the GDPR Pivot’s role throughout the process.
Proposed Formats: Screencasts or demonstration videos. Proposed Learning Activities: Learning outcomes will be achieved through hands-on exercises conducted after each screencast, enabling learners to practise and demonstrate comprehension of the demonstrated procedures.
4. KNOWN LIMITATIONS AND CONSIDERATIONS
Timeframe: Development - completion by 20 May 2026; Launch - beginning of June 2026 Budget: Limited to internal resources, existing authoring tools and free digital resources (Articulate 360, MS Teams, Clipchamp, Lumi, etc.) Technical Constraints: The internal LMS (Formare) does not currently integrate with the myPrivacy Portal Design Team: In-house learning designer/developer and subject matter experts (SMEs) Delivery Team: Internal SMEs only; no dedicated learner support team Risks: Learner availability for classroom sessions may vary. This risk is mitigated through inclusion of full myPrivacy portal training within e-learning phase. SME availability for live virtual assessment sessions may be impacted by competing DCD priorities.
1. CONTEXT OVERVIEW
Organisation: Meo – Serviços de Comunicações e Multimédia, S.A. Sector: Telecommunications Target Learners: GDPR Pivots appointed within organisational departments, with 0–8 years of experience in GDPR guidance, advisory and compliance monitoring. Learners are geographically dispersed, digitally proficient and have limited availability for face-to-face training Delivery Modality: Blended learning (asynchronous and synchronous) Existing Learning Offerings: Informal alignment meetings with the Data Protection Officer and the Compliance and Data Privacy Department (DPO–DCD)
See full Context
2. RATIONALE AND NEED OVERVIEW
The organisation currently provides a transversal GDPR awareness course for all employees; however, no structured training exists specifically for the GDPR Pivot role.
High role rotation, organisational restructuring and informal knowledge transfer have resulted in role ambiguity, gaps in risk identification and delays in incident reporting.
The introduction of a new central data protection management platform — myPrivacy — further reinforces the need for a structured, role specific training programme to enable effective Pivot onboarding and consistent operational performance.
See full Rationale and Need
5. INITIAL IDEIAS / DIRECTION OVERVIEW
Learning Structure: 3 phases • Phase 1 – Asynchronous e-learning (“Digital Core”)
Self paced module (~30 minutes) hosted on the LMS, complemented by a dedicated MS Teams space for ongoing support
• Phase 2 – Classroom with Technology Enhanced Learning
Live session facilitated by a DPO SME, focused on hands-on practice using the myPrivacy Portal (~2 hours)
• Phase 3 – Live Virtual Assessment Sessions
Moderated group sessions using simulated scenarios to assess applied knowledge (~1 hour) Total Learning Time: Approx. 3 hours and 30 minutes delivered over an 8 week period Phase 1 – E-learning: Content Mapping/Modules 1. The role of GDPR Pivots within the organisation
2. Practical responsibilities of GDPR Pivots
3. Operational tools: myPrivacy
See full Initial Ideas and Direction
3. PROJECT SCOPE AND OUTCOMES OVERVIEW
Type: Development of a new, specific course for GDPR Pivots Learning Goals:
- Clarify the GDPR Pivot’s role, responsibilities and boundaries
- Build capabilities to identify data processing activities and risk indicators
- Enable autonomous and correct use of the myPrivacy Portal
Learning Outcomes: By the end of the course, learners will be able to:
- Act as departmental data protection contact points
- Identify when to register processing activities and initiate DPIAs
- Detect risks and report incidents appropriately
- Apply learning to new operational scenarios (Bloom’s Taxonomy: Level 3 — Application)
Format: 8 week blended programme combining self-paced digital learning, classroom sessions with Technology Enhanced Learning, and live virtual assessment sessions Learner Numbers: Approximately 60–70 GDPR Pivots
See full Project Scope and Outcomes
PROJECT PROPOSAL
Ducky
Created on April 8, 2026
Start designing with a free template
Discover more than 1500 professional designs like these:
View
Smart Presentation
View
Practical Presentation
View
Essential Presentation
View
Akihabara Presentation
View
Flow Presentation
View
Terrazzo Presentation
View
Dynamic Visual Presentation
Explore all templates
Transcript
PROJECT PROPOSAL
Design of a Learning Course for GDPR Pivots at Meo
4. KNOWN LIMITATIONS AND CONSIDERATIONS
1. CONTEXT
5. INITIAL IDEAS / DIRECTION
2. RATIONALE AND NEED
3. PROJECT SCOPE AND OUTCOMES
Click the icons to overviews each item
Ana Pato | 1st December'26 Cohort
FULL CONTEXT DESCRIPTION
Organisation / Company: Meo – Serviços de Comunicações e Multimédia, S.A. Sector / Industry: Telecommunications. Target Learners: GDPR Pivots appointed within the organisation’s departments, with 0–8 years of experience in providing guidance, advisory support and monitoring GDPR compliance across the organisation. Learners are appointed as GDPR Pivots based on their departmental role and networking capability. They are geographically dispersed across the country, operating from multiple organisational sites. Their ages range between 30 and 60 years. They are familiar with digital technologies and have access to company computers, digital applications and corporate mobile devices, as well as to an internally developed Learning Management System (LMS). Due to their primary professional responsibilities and demanding schedules, their availability for in person training is limited, making asynchronous learning the preferred modality. Nevertheless, face-to-face training experiences are also highly valued. Delivery Modality: Blended learning – asynchronous and synchronous modalities. Existing Learning Offerings: Currently, learning provision consists of informal meetings with the Data Protection Officer and the Compliance and Data Privacy Department (DPO–DCD), aimed at communicating key role related guidelines. Operational Context of the Target Learners: Meo operates within a strongly data driven ecosystem, in which strategic decisions, daily operations and technological innovation depend on the continuous processing of personal data. Given the transversal relevance of data across the organisation, data protection responsibilities cannot be concentrated exclusively within a central function (Compliance and Data Privacy Department – DCD). Consequently, a distributed governance model was adopted, allowing data protection to be monitored directly within the operational environments where personal data are effectively processed. As a result, each department appointed a GDPR Pivot. The primary responsibility of the Pivot is to anticipate risks and ensure that data protection is considered from the early stages of departmental projects. Being closer to operational realities, GDPR Pivots act as a bridge between everyday departmental dynamics and regulatory compliance requirements, serving as key interlocutors between operational teams and the DPO. In short, GDPR Pivots are: • A collaborative link between each Department and the DCD; • Operational facilitators; • Data Protection ambassadors within their respective departments.
FULL RATIONALE AND NEED DESCRIPTION
Challenge, Gap or Opportunity Addressed Currently, all Meo employees complete a transversal GDPR awareness programme covering fundamental principles, ensuring basic organisational compliance. However, there is no structured training programme specifically designed for GDPR Pivots. Due to employee turnover and organisational restructuring, role rotation among GDPR Pivots is frequent, making continuity and consistency difficult. As a result, rapid and effective knowledge transfer is required for onboarding new Pivots. A structured training programme is therefore essential to provide up to date information and ensure effective role performance from the outset. In parallel, a new central application for the registration and management of Data Processing Activities — the myPrivacy Portal — is being introduced organisation wide, creating an additional training need directly relevant to the Pivot role. Evidence Supporting the Need The DCD (Compliance and Data Privacy Department) confirms that current knowledge transmission through informal meetings lacks structure and consistency, limiting the rapid and effective enablement of GDPR Pivots. Current Pivots demonstrate uncertainty regarding the scope and responsibilities of their role, particularly in identifying risky processing activities, recognising warning signs and reporting incidents or data breaches in a timely manner. This hinders the DCD’s ability to conduct prompt and effective risk assessments. Strategic Alignment The DCD identifies the need to strengthen the link between the organisation’s data protection strategy and its operational execution. Investment in the training of GDPR Pivots — the primary operational link between these dimensions — is considered essential. Enhancing their competencies reinforces the organisation’s GDPR posture by bringing the DCD closer to everyday operations, while enabling operational teams to detect and report potential incidents earlier, thereby reducing and mitigating risk more effectively.
FULL PROJECT SCOPE AND OUTCOMES DESCRIPTION
Course Type: Development of a brand new course focused on the GDPR Pivot role. Learning Goals:
- To understand the role and responsibilities of the GDPR Pivot within Meo;
- To develop skills for identifying data processing activities and risk indicators;
- To enable effective and autonomous use of the myPrivacy Portal.
Learning Outcomes: By the end of the course, learners will be able to:- Perform the GDPR Pivot role with a clear understanding of its purpose, scope and boundaries;
- Act as a data protection contact point, ensuring effective operational coordination with the DCD/DPO;
- Serve as an internal facilitator, promoting compliant practices and advising colleagues on data protection matters;
- Apply acquired knowledge in new contexts, such as identifying departmental projects involving personal data processing;
- Determine when to register processing activities, initiate a DPIA (Data Protection Impact Assessment) and involve the DCD;
- Detect risk indicators and report anomalies appropriately;
- Register Processing Activities accurately and follow approval workflows;
- Use the myPrivacy Portal autonomously.
From Bloom’s Taxonomy perspective, learners currently operate at Level 1 (Knowledge). The course aims to progress them to Level 3 (Application). Course Length and Format: This course builds upon the organisation’s baseline GDPR programme and focuses exclusively on the GDPR Pivot role. It follows an 8 week blended programme, structured sequentially as: 1. Digital, self paced learning | 2. Classroom session with Technology Enhanced Learning | 3. Live virtual assessment sessions. Anticipated Number of Learners: Approximately 60–70 GDPR Pivots.FULL KNOWN LIMITATIONS AND CONSIDERATIONS DESCRIPTION
Timeframe: Development - completion by 20 May 2026; Launch - beginning of June 2026. Budget: Limited to internal resources, existing authoring tools and free digital resources (Articulate 360, MS Teams, Clipchamp, Lumi, etc.). Technical Constraints: The internal LMS (Formare) does not currently integrate with the myPrivacy Portal Design Team: In-house learning designer/developer and subject matter experts (SMEs). Delivery Team: Internal SMEs only; no dedicated learner support team. Risks: Learner availability for classroom sessions may vary. This risk is mitigated through inclusion of full myPrivacy portal training within e-learning phase. SME availability for live virtual assessment sessions may be impacted by competing DCD priorities.
FULL INITIAL IDEAS / DIRECTION DESCRIPTION
1. Outline of the Training Structure
- Phase 1 – Asynchronous e-learning (“Digital Core”)
A self paced e-learning module of approximately 30 minutes, delivered via the LMS and completed within a 30 day window. The content will remain available for future consultation whenever required. In parallel, a dedicated MS Teams space will be created to bring together all learners, enabling continuous support, clarification and interaction throughout the duration of the course.- Phase 2 – Synchronous classroom with Technology Enhanced Learning
A live session facilitated by a DPO/DCD subject matter expert, aimed at demonstrating and consolidating the use of the myPrivacy Portal through practical, hands on exercises. The session will have an approximate duration of 2 hours and will take place within a 10 day period.- Phase 3 – Synchronous live virtual assessment sessions
Interactive, moderated group sessions designed to assess knowledge acquisition through simulated situations, covering different hypothetical contexts and scenarios. Each session will last approximately 1 hour and will be scheduled over a 15 day period. Total duration: approximately 3 hours and 30 minutes Overall timeframe: delivered across an estimated 8 week period.FULL INITIAL IDEAS / DIRECTION DESCRIPTION
2. Phase 1 – E-learning: Content Mapping and Learning Outcomes Modules 1. The role of GDPR Pivots within the organisation 2. Practical responsibilities of GDPR Pivots 3. Operational tools: myPrivacy Module 1 – “The Role of GDPR Pivots within the Organisation” Learning Outcomes: • Perform the GDPR Pivot role with a clear understanding of its purpose, scope and limits. • Act as a data protection point of contact, ensuring effective operational coordination with the DCD and the DPO. • Act as an internal facilitator, promoting compliant practices and supporting colleagues on data protection matters. Proposed Formats: Authoring tools (Storyline/Rise), complemented by videos, images and/or graphics. Proposed Learning Activities: Learning outcomes will be achieved through the integration of content with interactive, practice oriented activities, such as exercises and dynamics simulating GDPR related scenarios, including cases with intentionally incomplete or unclear project information involving data processing, and scenarios related to data breaches caused by human error and their subsequent management.
FULL INITIAL IDEAS / DIRECTION DESCRIPTION
Module 2 – "Practical Responsibilities of GDPR Pivots" Learning Outcomes: • Apply acquired knowledge in new situations and contexts, such as identifying departmental activities or projects involving personal data processing. • Determine when to register processing activities, signal the need for a Data Protection Impact Assessment (DPIA), and involve the DCD/DPO. • Identify risk indicators and report anomalous situations appropriately. Proposed Formats: Authoring tools (Storyline/Rise), complemented by videos, images and/or graphics. Proposed Learning Activities: Learning outcomes will be supported through interactive and applied activities, including: • Exercises focused on correctly identifying processing activities and the appropriate internal procedures to apply; • Scenario based activities presenting different occurrences, requiring learners to assess eligibility for registration, the need for a DPIA and the involvement of the DCD/DPO; • Simulated incidents designed to assess risk detection and compliant reporting behaviour. Module 3 – "Operational Tools: myPrivacy" Learning Outcomes: • Understand the functionalities of the myPrivacy Portal and use it autonomously. • Accurately register Processing Activities, ensuring completeness, accuracy and correct submission within the approval workflow. • Create and monitor initiatives that may require a DPIA, interpreting status information, understanding each phase of the analysis workflow and clarifying the GDPR Pivot’s role throughout the process. Proposed Formats: Screencasts or demonstration videos. Proposed Learning Activities: Learning outcomes will be achieved through hands-on exercises conducted after each screencast, enabling learners to practise and demonstrate comprehension of the demonstrated procedures.
4. KNOWN LIMITATIONS AND CONSIDERATIONS
Timeframe: Development - completion by 20 May 2026; Launch - beginning of June 2026 Budget: Limited to internal resources, existing authoring tools and free digital resources (Articulate 360, MS Teams, Clipchamp, Lumi, etc.) Technical Constraints: The internal LMS (Formare) does not currently integrate with the myPrivacy Portal Design Team: In-house learning designer/developer and subject matter experts (SMEs) Delivery Team: Internal SMEs only; no dedicated learner support team Risks: Learner availability for classroom sessions may vary. This risk is mitigated through inclusion of full myPrivacy portal training within e-learning phase. SME availability for live virtual assessment sessions may be impacted by competing DCD priorities.
1. CONTEXT OVERVIEW
Organisation: Meo – Serviços de Comunicações e Multimédia, S.A. Sector: Telecommunications Target Learners: GDPR Pivots appointed within organisational departments, with 0–8 years of experience in GDPR guidance, advisory and compliance monitoring. Learners are geographically dispersed, digitally proficient and have limited availability for face-to-face training Delivery Modality: Blended learning (asynchronous and synchronous) Existing Learning Offerings: Informal alignment meetings with the Data Protection Officer and the Compliance and Data Privacy Department (DPO–DCD)
See full Context
2. RATIONALE AND NEED OVERVIEW
The organisation currently provides a transversal GDPR awareness course for all employees; however, no structured training exists specifically for the GDPR Pivot role. High role rotation, organisational restructuring and informal knowledge transfer have resulted in role ambiguity, gaps in risk identification and delays in incident reporting. The introduction of a new central data protection management platform — myPrivacy — further reinforces the need for a structured, role specific training programme to enable effective Pivot onboarding and consistent operational performance.
See full Rationale and Need
5. INITIAL IDEIAS / DIRECTION OVERVIEW
Learning Structure: 3 phases • Phase 1 – Asynchronous e-learning (“Digital Core”) Self paced module (~30 minutes) hosted on the LMS, complemented by a dedicated MS Teams space for ongoing support • Phase 2 – Classroom with Technology Enhanced Learning Live session facilitated by a DPO SME, focused on hands-on practice using the myPrivacy Portal (~2 hours) • Phase 3 – Live Virtual Assessment Sessions Moderated group sessions using simulated scenarios to assess applied knowledge (~1 hour) Total Learning Time: Approx. 3 hours and 30 minutes delivered over an 8 week period Phase 1 – E-learning: Content Mapping/Modules 1. The role of GDPR Pivots within the organisation 2. Practical responsibilities of GDPR Pivots 3. Operational tools: myPrivacy
See full Initial Ideas and Direction
3. PROJECT SCOPE AND OUTCOMES OVERVIEW
Type: Development of a new, specific course for GDPR Pivots Learning Goals:
- Clarify the GDPR Pivot’s role, responsibilities and boundaries
- Build capabilities to identify data processing activities and risk indicators
- Enable autonomous and correct use of the myPrivacy Portal
Learning Outcomes: By the end of the course, learners will be able to:- Act as departmental data protection contact points
- Identify when to register processing activities and initiate DPIAs
- Detect risks and report incidents appropriately
- Apply learning to new operational scenarios (Bloom’s Taxonomy: Level 3 — Application)
Format: 8 week blended programme combining self-paced digital learning, classroom sessions with Technology Enhanced Learning, and live virtual assessment sessions Learner Numbers: Approximately 60–70 GDPR PivotsSee full Project Scope and Outcomes