IAPP Certified Information Privacy Professional and Technologist prep course + Exam

- Data Protection Officers

- IT Managers and Administrators

- Records Managers

- System Developers

- IT Security specialist

- Anyone who builds and develops IT systems

• Define key concepts of European data protection.
• Describe EU data protection laws and regulatory bodies.
• Explain the application of the GDPR and other compliance obligations to European and international entities.
• Identify the risks to privacy that are inherent throughout the data life cycle and explain how software security helps to mitigate privacy threats.  
• Outline how technical measures and privacy-enhancing technologies may be used to enhance privacy throughout all steps of the data life cycle.
• Explain the role of privacy engineering in an organization.
• Describe the process and methodology of the privacy-by-design model.
• Examine the unique challenges that come from online privacy issues.

Days 1 & 2

Module 1: Data Protection Laws
Introduces key European data protection laws and regulatory bodies, describing the evolution toward a harmonized legislative framework.

Module 2: Personal Data
Defines and differentiates between types of data as defined by the EU General Data Protection Regulation, including personal, anonymous, pseudonymous and special categories.

Module 3: Controllers and Processors
Describes the roles and relationships of controllers and processors as defined by the GDPR.

Module 4: Processing Personal Data
Defines data processing and GDPR-processing principles, explains the application of the GDPR, and outlines the legal grounds for processing personal data.

Module 5: Data Subject Rights
Describes data subject rights, applications of rights, and controller and processor obligations as set out in the GDPR.

Module 6: Information Provision Obligations
Explains controller obligations for providing information about data-processing activities to data subjects and supervisory authorities as set out in the GDPR.

Module 7: International Data Transfers
Outlines options and obligations under the GDPR for transferring data outside the European Economic Area, including adequacy decisions and appropriate safeguards and derogations.

Module 8: Compliance Considerations
Discusses the applications of European data protection laws, legal bases and compliance requirements for processing personal data in practice, including employers processing employee data, surveillance, direct marketing, and internet technology and communications.

Module 9: Security of Processing
Discusses considerations and duties of controllers and processors for ensuring personal data security and GDPR specifications for providing notification of data breaches.

Module 10: Accountability
Investigates accountability requirements, including data protection management systems, data protection impact assessments, data protection policies and the role of the data protection officer.

Module 11: Supervision and Enforcement
Describes the role, powers and procedures of supervisory authorities; composition and tasks of the European Data Protection Board; role of the European Data Protection Supervisor; and remedies, liabilities and penalties for noncompliance outlined in the GDPR.

Days 3 & 4

Module 1: Foundational Principles of Privacy in Technology
Summarizes the foundational elements for embedding privacy in technology through privacy by design and value-sensitive design. Reviews the data life cycle and common privacy risk models and frameworks.

Module 2: Role of the Technology Professional in Privacy
Reviews the fundamentals of privacy as they relate to the privacy technologist. Describes the privacy technologist’s role in ensuring compliance with privacy requirements and meeting stakeholder privacy expectations. Explores the relationship between privacy and security.

Module 3: Privacy Threats and Violations
Identifies inherent risks throughout the data life cycle stages and explores how software security helps mitigate privacy threats. Examines the impacts that behavioral advertising, cyberbullying and social engineering have on privacy within the technological environment.

Module 4: Technical Measures and Privacy-Enhancing Technologies
Outlines the strategies and techniques for enhancing privacy throughout the data life cycle, including identity and access management; authentication, encryption and aggregation; and personal information collection and use.

Module 5: Privacy-by-Design Methodology
Illustrates the process and methodology of the PbD model. Explores practices to ensure ongoing vigilance when implementing PbD.

Module 6: Privacy Engineering
Explores the role of privacy engineering within an organization, including the objectives of privacy engineering, privacy-design patterns and software-privacy risks.

Module 7: Technology Challenges for Privacy
Examines the unique challenges that come from online privacy issues, including automated decision-making, tracking and surveillance technologies, anthropomorphism, ubiquitous computing and mobile social computing.

While there are no prerequisites, However, participants are recommended to have:

• Familiarity with legal or regulatory environments related to privacy
• A basic understanding of IT, cybersecurity, or software development concepts
• Familiarity with data protection and privacy principles

Certified Information Privacy Professional – Europe (CIPP/E):

Achieving a CIPP/E credential shows you have the comprehensive GDPR knowledge, perspective and understanding to ensure compliance and data protection success in Europe—and to take advantage of the career opportunity this sweeping legislation represents.

Certified Information Privacy Technologist (CIPT):

Achieving the CIPT credential shows you’ve got the knowledge to build your organisation’s data protection structures from the ground up. With regulators worldwide calling for tech professionals to factor data protection into their products and services, the job market for privacy-trained IT pros has never been stronger.