Program: Business Intelligence & Data Governance
Semester 3 (36h):
Program Structure
This course is part of an MBA academic program comprising twelve semesters.
This course corresponds to: Semester 3 of 12.
Each semester includes 12 instructional sessions, with each session lasting 3 hours, for a total of 36 hours per semester.
The complete program represents 3 courses with 4 semesters per course , combining lectures, applied workshops, and project-based learning.
Course Overview
This course is designed to delve into the essentials of data governance and compliance, focusing particularly on data privacy. As regulations such as the General Data Protection Regulation (GDPR) become increasingly complex, the course provides the necessary tools for students to understand and navigate these challenges. Throughout the semester, students will explore the objectives, territorial scope, and key principles of the GDPR, and compare it with other regulations like the California Consumer Privacy Act (CCPA) and the Health Insurance Portability and Accountability Act (HIPAA). The aim is to equip students with the skills necessary to apply data privacy standards in various business scenarios, ensuring compliance and effective data management.
EXPECTED LEARNING OUTCOMES:
Upon completion of this course, students should be able to:
- Demonstrate an in-depth understanding of GDPR and intellectual property rights
- Analyze the territorial and material scope, transparency, accountability, and subjects’ rights
- Critically evaluate data processing under GDPR and legal obligations
- Implement a data processing register, technical and organizational security measures
- Apply GDPR principles to websites, social media platforms, and cookie management
ASSESSMENT:
The final grade will be determined as follows:
– Group work involvement and ensuring deliverable
– Oral presentations on subject matter relating to course content
– Hybrid MCQ on class specialty lexicon
Extra Credit Opportunities: Written deliverables relating to presentations in the even the student should wish to improve their oral presentation score.
COURSE SCHEDULE:
| Dates |
Reading / Homework |
Weekly Session Content |
| Session 1 |
|
Introduction to GDPR
– Objectives of GDPR
– Territorial and material scope of the GDPR
– Key principles of the GDPR
– GDPR vs CCPA vs HIPPA |
| Session 2
|
|
Functioning of the GDPR
– Data processing: basics and legal obligations
– Data collection: principles and best practices
– Data processing register
– Data storage and security: technical and organizational measures
Hands-on exercise with examples of data processing registers |
| Session 3
|
|
Information Notices
– Defining information notices under the GDPR
– Content and structure of information notices
– Specific information to be included
Hands-on exercise: student will evaluate a specific information notices |
| Session 4
|
|
GDPR and Digital Tools
– GDPR and website
– GDPR and social media
– Data subjects’ rights: access, erasure, portability, restriction, etc.
– Cookie management and informed consent
Hands-on exercise: student will evaluate some digital tools |
| Session 5
|
|
Cookie
– Defining cookies and other tracking technologies
– Different types of cookies and their purposes
– Cookie Compliance Best Practices |
| Session 6
|
|
Data Transfer under GDPR
– Intro to Personal Data Transfer under GDPR
– The different mechanisms for transferring data
– Enforcement and sanctions |
| Session 7
|
|
Protection Impact Assessment (DPIA)
– Understand the concept of DPIA and its role in the GDPR
– Identify when a DPIA is required
– Conduct a DPIA using a step-by-step approach
Hands-on exercise: students will create a report of the results of a DPIA (PIA tool CNIL) |
| Session 8
|
|
Intellectual Property (IP)
– Introduction to Intellectual Property
– Copyright Law
– Trademark Law
– Patent Law
– Trade Secret Law |
| Session 9
|
|
Data Pseudonymization
– Introduction to Data Pseudonymization
– Pseudonymization Techniques
– Pseudonymization vs Anonymization |
| Session 10
|
|
Anonymization of Personal Data
– Anonymization in GDPR vs Anonymization in HIPPA
– Techniques for anonymization
– Metrics for evaluating the risk of re-identification of anonymized data
Hands-on practice: Students will apply an anonymization process to personal data (ARX tool) |
| Session 11
|
|
Regulation IA Act
– Introduction to the IA act
– Risk levels of AI systems
Hands-on exercise: Use case of a specific AI system
– Obligations of the IA act |
| Session 12
|
|
Final Project Presentation
– Students present their final projects incorporating concepts learned throughout the course |
Target Audience
-
Digital Business & Product Students
-
Future Managers & Consultants
-
BI & Information Systems Specialists
-
Entrepreneurs & Founders
- International MBA Students
Class reference: AGG/PR
Form Updated on: 22/01/2026 (Version 1)
Last Modified on: 22/01/2026
Program Information:
This program is continuously updated to reflect the latest regulatory frameworks.
