In this course you will gain foundational knowledge on both broad and global concepts of privacy and data protection laws and practice. You will learn common principles and approaches to privacy as well as understand the major privacy models employed around the globe. An introduction to information security concepts and information security management and governance will be covered including frameworks, controls, and identity and access management. You will also learn about online privacy as it relates to using personal information on websites and other internet-related technologies.
This course delves into the context of European data protection law: origins, institutions and legislative framework; data protection concepts, principles and application, including processing criteria, obligations, data subject rights, confidentiality and security, notification requirements, international data transfers, and supervision and enforcement; and European data protection practices related to employment, surveillance, direct marketing and outsourcing.
You will learn how to create a privacy programme at an organizational level, develop and implement a framework, and establish metrics to measure programme effectiveness. In an interactive format applying practices to a real-world scenario, you will review privacy programme practices through the privacy life cycle: assess, protect, sustain and respond.
The CIPP/E and CIPM designations are accredited under the internationally recognized ANSI/ISO standard 17024:2012, an acknowledgement of the quality and integrity of the programme.
This three-day programme covering the principals of information privacy and privacy management in the U.S. private-sector includes:
- Official IAPP CIPP/E and CIPM Participant Guides
- Official IAPP CIPP/E and CIPM Textbooks
- Official IAPP CIPP/E and CIPM Practice Tests
- IAPP CIPP/E and CIPM Certification Exam Vouchers
- One-Year IAPP Membership
- Your contact information must be provided to the IAPP for membership services fulfilment
Module 1: Fundamentals of Information Privacy
Unit 1: Common Principles and Approaches to Privacy
This unit includes a brief discussion about the modern history of privacy, an introduction to types of information, an overview of information risk management and a summary of modern privacy principles.
Unit 2: Jurisdiction and Industries
This unit introduces the major privacy models employed around the globe and provides an overview of privacy and data protection regulation by jurisdictions and by industry sectors.
Unit 3: Information Security: Safeguarding Personal Information
This unit presents introductions to information security, including definitions, elements, standards, and threats/vulnerabilities, as well as introductions to information security management and governance, including frameworks, controls, cryptography and identity and access management (IAM).
Unit 4: Online Privacy: Using Personal Information on Websites and with Other Internet-related Technologies
This unit discusses the web as a platform, as well as privacy considerations for sensitive online information, including policies and notices, access, security, authentication identification and data collection. Additional topics include children’s online privacy, email, searches, online marketing and advertising, social media, online assurance, cloud computing, and mobile devices.
Module 2: European Privacy
Unit 1: Introduction to European Data Protection
This unit introduces the origins and historical context for privacy in Europe, the European regulatory institutions and the legislative framework for current EU data protection law at both the EU and state level.
Unit 2: European Data Protection Law and Regulation
This unit takes an in-depth look at data protection concepts, application of the law, data protection principles, legitimate processing criteria, information provision obligations, data subject rights, confidentiality and security, notification requirements, international data transfers, and supervision and enforcement.
Unit 3: Compliance with European Data Protection Law and Regulation
This unit examines the employment relationship, surveillance activities, marketing activities, internet technology and communications, and outsourcing.
Module 3: Privacy Management
This Programme is broken into two segments. The first segment describes important practices in managing privacy. The second segment is an interactive format in which participants apply these practices to a real-world scenario.
Unit 1: Privacy Programme Governance
This unit describes how to create a privacy Programme at an organisational level, develop and implement a framework, and establish metrics to measure Programme effectiveness. Topics include: creating a company vision for its privacy Programme; establishing a privacy Programme that aligns to the business; structuring the privacy team; developing organisational privacy policies, standards and guidelines; defining privacy Programme activities; and defining Programme metrics.
Unit 2: Privacy Operational Life Cycle
This substantial unit reviews privacy Programme practices through the privacy life cycle: assess, protect, sustain and respond. Topics include: documenting the privacy baseline of the organisation; data processors and third-party vendor assessments; physical assessments; mergers, acquisitions and divestitures; privacy threshold analysis; privacy impact assessments; information security practices; Privacy by Design; integrating privacy requirements across the organization, auditing your privacy Programme; creating awareness of the organisation’s privacy Programme; compliance monitoring; handling information requests; and handling privacy incidents.
Individuals who need a foundational understanding of information privacy and data protection and privacy management. Those individuals interested in pursuing CIPP/E and CIPM certifications.
Certified Information Privacy Professional – Europe (CIPP/E)
Certified Information Privacy Management (CIPM)