IAPP Certified Information Privacy Professional Europe (CIPP/EU) + Exam

• Define key concepts of European data protection.
• Describe EU data protection laws and regulatory bodies.
• Explain the application of the GDPR and other compliance obligations to European and international entities.

Module 1: Data Protection Laws
Introduces key European data protection laws and regulatory bodies, describing the evolution toward a harmonized legislative framework.

Module 2: Personal Data
Defines and differentiates between types of data as defined by the EU General Data Protection Regulation, including personal, anonymous, pseudonymous and special categories.

Module 3: Controllers and Processors
Describes the roles and relationships of controllers and processors as defined by the GDPR.

Module 4: Processing Personal Data
Defines data processing and GDPR processing principles, explains the application of the GDPR, and outlines the legal grounds for processing personal data.

Module 5: Data Subject Rights
Describes data subject rights, applications of rights, and controller and processor obligations as set out in the GDPR.

Module 6: Information Provision Obligations
Explains controller obligations for providing information about data-processing activities to data subjects and supervisory authorities as set out in the GDPR.

Module 7: International Data Transfers
Outlines options and obligations under the GDPR for transferring data outside the European Economic Area, including adequacy decisions and appropriate safeguards and derogations.

Module 8: Compliance Considerations
Discusses the applications of European data protection laws, legal bases and compliance requirements for processing personal data in practice, including employers processing employee data, surveillance, direct marketing, and internet technology and communications.

Module 9: Security of Processing
Discusses considerations and duties of controllers and processors for ensuring personal data security and GDPR specifications for providing notification of data breaches.

Module 10: Accountability
Investigates accountability requirements, including data protection management systems, data protection impact assessments, data protection policies and the role of the data protection officer.

Module 11: Supervision and Enforcement
Describes the role, powers and procedures of supervisory authorities; composition and tasks of the European Data Protection Board; role of the European Data Protection Supervisor; and remedies, liabilities and penalties for noncompliance outlined in the GDPR.

While there are no prerequisites, However, participants are recommended to have:

• Basic understanding of data protection principles, information security concepts, or familiarity with legal or regulatory environments related to privacy

The examination blueprint indicates the minimum and maximum number of items that are included on the CIPP/E examination from the major areas of the Body of Knowledge. Questions may be asked from any of the listed topics under each area. You can use this blueprint to guide your preparation for the CIPP/E examination. For example, about 60% of the questions on the CIPP/E examination come from domain II.

• CIPM
• CIPT

• CIPM - IAPP Certified Information Privacy Manager + Exam