Meet your privacy challenges head on with our training classes:

Data Is One Of Your Most Valuable Assets

Every day it is being accessed, shared, managed and transferred by people in your organization—in all departments and at all levels. Unless your employees have a solid understanding of the considerations and challenges involved in managing data, you risk a data breach, diminished customer trust and possible enforcement action.

Our training can provide your staff with the knowledge they need to help you meet your privacy program goals of reduced risk, improved compliance, enhanced brand loyalty and more. Our training offers privacy and data protection training programs specifically designed to extend that knowledge to those on your team requiring a solid understanding of privacy principles and practices.

In order to help you drive privacy knowledge across your organization, our comprehensive and flexible programs can be suited to your specific needs and availability.

 

 

Certified Information Privacy Manager (CIPM)

 

The CIPM is the world’s first and only certification in privacy program management. When you earn a CIPM, it shows that you know how to make a privacy program work for your organization. In other words, you’re the go-to person for day-to-day operations when it comes to data protection.

 

The CIPM program was developed by the International Association of Privacy Professionals (IAPP), which is the world’s largest comprehensive global information privacy community and resource. The CIPM certification also holds accreditation under ISO 17024: 2012.

 

What will you learn?

The course is broken into ten modules:

Module 1: Introduction to privacy program management

Identifies privacy program management responsibilities, and describes the role of accountability in privacy program management.

 

Module 2: Privacy governance
Examines considerations for developing and implementing a privacy program, including the position of the privacy function within the organization, role of the DPO, program scope and charter, privacy strategy, support and ongoing involvement of key functions and privacy frameworks.

 

Module 3: Applicable laws and regulations
Discusses the regulatory environment, common elements across jurisdictions and strategies for aligning compliance with organizational strategy.

 

Module 4: Data assessments
Relates practical processes for creating and using data inventories/maps, gap analyses, privacy assessments, privacy impact assessments/data protection impact assessments and vendor assessments.

 

Module 5: Policies
Describes common types of privacy-related policies, outlines components and offers strategies for implementation.

 

Module 6: Data subject rights
Discusses operational considerations for communicating and ensuring data subject rights, including privacy notice, choice and consent, access and rectification, data portability, and erasure and the right to be forgotten.

 

Module 7: Training and awareness
Outlines strategies for developing and implementing privacy training and awareness programs.

 

Module 8: Protecting personal information
Examines a holistic approach to protecting personal information through privacy by design.

 

Module 9: Data breach incident plans

Provides guidance on planning for and responding to a data security incident or breach.

 

Module 10: Measuring, monitoring and auditing program performance
Relates common practices for monitoring, measuring, analyzing and auditing privacy program performance.

 

Who should attend?

Data Protection Officers

Data Protection Managers

Auditors

Legal Compliance Officers

Security Manager

Information Managers

Anyone involved with data protection processes and programs

 

Are you GDPR Ready?

The General Data Protection Regulation (GDPR) takes effect in 2018, are you ready for it?

 

There’s a lot to know, there’s a lot at stake and there’s a lot of opportunity for data protection professionals with the right training and education.

 

Achieving a CIPM credential shows that you have a practical and comprehensive knowledge of how data protection programs should work across an organization.

 

The Certified Information Privacy Professional/Europe (CIPP/E) credential focuses on the regulations that govern data protection programs.

 

Adding the CIPP/E to your CIPM puts you at the forefront of ensuring you are ready for the GDPR. 

 

 

Certified Information Privacy Professional/U.S. Government (CIPP/G)

 

The Certified Information Privacy Professional/U.S. Government (CIPP/G) program was the first publicly available privacy certification for government employees. The CIPP/G credential demonstrates that you have a deep knowledge of U.S. government privacy laws, regulations and policies specific to government practice. It also shows you have a broad understanding of the laws and policies applicable to public and private sectors in the U.S., all of which gives you an edge over your competition. 

The CIPP/G program was developed by the International Association of Privacy Professionals (IAPP), which is the world’s largest comprehensive global information privacy community and resource. 

 

The CIPP/G program was developed by the International Association of Privacy Professionals (IAPP), which is the world’s largest comprehensive global information privacy community and resource.

he Certi Information Privacy Professional/U.S. Government (CIPP/G) program was the fir 

What will you learn?

The course covers ten modules:

 

Module 1: Privacy Definitions and Principles

Introduces definitions of privacy and PII, explains the importance of privacy as a core value in U.S. society, reviews the FIPPs, and compares and contrasts information privacy and information security.

 

Module 2: OMB Circular A-130 Core Concepts

Explains the purpose of the Federal Privacy Council, describes the duties of the SAOP, reviews general requirements of agency privacy programs, summarizes the concepts and practice of continuous monitoring and describes agency responsibilities for employee and contractor training and accountability.

 

Module 3: The Privacy Act of 1974

Reviews the major purpose and policy objectives of the Privacy Act of 1974, to whom it applies and whom it protects, as well as which agencies are exempt from specific provisions of the Act; describes the intention of systems of records and systems of records notices; summarizes the benefits of computer matching programs and the privacy protections built into them; reviews the civil remedies and criminal penalties for Privacy Act violations.

 

Module 4: The E-Government Act of 2002

Reviews the purpose and policy objectives of the E-Government Act of 2002; provides the definition of a PIA, describes when to conduct one and, at a high level, what information needs to be included; describes website privacy policy requirements and content for agency-facing public websites; outlines appropriate agency uses for, and how to communicate privacy protections when working with, third-party websites and applications (TPWA).

 

Module 5: Other U.S. Government Privacy Laws

Explains the implications of the Federal Information Security Management Act (FISMA) for federal agencies; describes key responsibilities of federal agencies as a result of several U.S. government privacy laws, including: the Paperwork Reduction Act, Data Quality Act, Federal Agency Data Mining Reporting Act, Federal Records Act, Controlled Unclassified Information (CUI) Office Notice, and Cybersecurity Information Sharing Act (CISA); describes the objective of federal open meetings laws.

 

Module 6: Risk Management and Incident Response

Reviews the various NIST publications and OMB memoranda that govern risk management of privacy and security in government systems, as well as the Fair Information Practice Principles (FIPPs) underlying these standards; describes agency requirements for tracking and documenting breach response activities, according to OMB M-17- 12; explains the difference between incidents and breaches; introduces the three privacy engineering objectives outlined in NISTIR 8062, “An Introduction to Privacy Engineering and Risk Management in Federal Systems.”

 

Module 7: Other U.S. Government Privacy Practices

Describes the rights granted by the Freedom of Information Act (FOIA) of 1966, as well as several exceptions to the act and the purpose of institutional review boards (IRBs); reviews the privacy-related requirements set forth by OMB M-17-06, “Policies for Federal Agency Public Websites and Digital Services.”; explains privacy safeguards that agencies should put into place when working with contractors and third parties.

 

Module 8: Laws Affecting Both the Public and Private Sectors

Identifies the privacy-related components of laws related to protected health information (PHI); describes the major points of laws relating to intelligence and homeland security; explains the significant differences, from a privacy perspective, between the USA PATRIOT Act and the USA FREEDOM Act, reviews federal government aspects of privacy-related laws in the financial and communications sectors.

 

Module 9: U.S. Constitutional Issues

Describes the Fourth Amendment and the related questions used to evaluate whether an individual’s rights under this amendment have been violated; reviews the concept of third-party doctrine; reviews the Stored Communications Act.

 

Module 10: Guidance and Reporting Summary

Summarizes the primary privacy reporting obligations of federal agencies; refers to a full list of memoranda, law, directives, executive orders and other guidance covered in the training

 

Who should attend?

U.S. government employees

Vendors serving government clients

Suppliers serving government clients

Consultants serving government clients

 

What can the CIPP do for you?

It will show the world that you know privacy laws and regulations and how to apply them, and that you know how to secure your place in the information economy. When you earn a CIPP credential, it means you’ve gained a foundational understanding of broad global concepts of privacy and data protection law and practice, including: jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; legal requirements for handling and transferring data and more.

 

Certified Information Privacy Professional/United States (CIPP/US)

 

The Certified Information Privacy Professional/United States (CIPP/US) program was the first professional certification ever to be offered in information privacy. The CIPP/US credential demonstrates a strong foundation in U.S. privacy laws and regulations and understanding of the legal requirements for the responsible transfer of sensitive personal data to/from the U.S., the EU and other jurisdictions.

 

The CIPP/US program was developed by the International Association of Privacy Professionals (IAPP), which is the world’s largest comprehensive global information privacy community and resource. The CIPP/US certification also holds accreditation under ISO 17024: 2012.

 

What will you learn?

The course covers seventeen modules:

 

Module 1: Introduction to privacy

Discusses the modern history of privacy, an introduction to personal information, an overview of data protection roles and a summary of modern privacy frameworks

 

Module 2: Structure of U.S. law

Reviews the structure and sources of U.S. law and relevant terms, and introduces governmental bodies that have privacy and information security authority

 

Module 3: General Data Protection Regulation overview

Presents a high-level overview of the GDPR, discuss the significance of the GDPR to U.S. organizations, and summarizes the roles and responsibilities outlined in the law

 

Module 4: Enforcement of U.S. privacy and security laws

Distinguishes between criminal and civil liability, presents theories of legal liability and describes the enforcement powers and responsibilities of government bodies, such as the FTC and state attorneys general

 

Module 5: Information management from a U.S. perspective

Explores the development of a privacy program and the role of privacy professionals, discusses vendor management and examines data collection, classification and retention

 

Module 6: Federal versus state authority

Compares federal and state authority and discusses preemption

 

Module 7: Healthcare

Describes privacy laws in healthcare, including the major components of HIPAA and the development of HITECH, and outlines privacy protections mandated by other significant healthcare laws

Module 8: Financial privacy

Outlines the goals of financial privacy laws, highlights key concepts of FCRA, FACTA and GLBA, and discusses the Red Flags Rule, Dodd-Frank and consumer protection laws

 

Module 9: Education

Outlines the privacy rights and protections under FERPA, as well as recent amendments provided by PPRA and NCLBA

 

Module 10: Telecommunications and marketing Explores rules and regulations of telecommunications entities, reviews laws that govern marketing, and briefly discusses how privacy is addressed in the digital advertising realm

 

Module 11: Law enforcement and privacy

Summarizes privacy laws on intercepting communication, including how the telecommunications industry must cooperate with law enforcement, and outlines laws that assure rights to financial privacy

 

Module 12: National security and privacy

Further explores rules and regulations on intercepting communication, including how the laws have evolved and how government agencies and private companies work collaboratively to improve cybersecurity

 

Module 13: Civil litigation and privacy

Discusses privacy issues related to litigation including electronic discovery, redaction and protective orders, and briefly compares U.S. discovery rules to foreign laws

 

Module 14: Legal overview of workplace privacy

Describes federal and state laws that regulate and protect employee privacy, as well as federal laws that prohibit discrimination

 

Module 15: Privacy before, during and after employment

Examines the lifecycle of employee privacy including background screening, employee monitoring, investigating misconduct and termination; outlines antidiscrimination laws; and discusses “bring your own device” policies

 

Module 16: State data security laws

Identifies state laws that impact data security, reviews Social Security number use regulation and discusses laws governing data destruction

 

Module 17: Data breach notification laws

Summarizes the scope of state data breach notification law, highlights the nine elements of state data breach notification laws and notes major differences in state laws

 

 

Who should attend?

Data Protection Officers

Data Protection Managers

Auditors

Legal Compliance Officers

Security Manager

Information Managers

Anyone involved with data protection processes and programs

 

Certified Information Privacy Technologist (CIPT)

 

The CIPT is the first and only certification of its kind worldwide. It was launched by the IAPP in 2014 to meet the growing need that only tech pros can fill—securing data privacy at all stages of IT product and service lifecycles.

 

The CIPT credential shows you’ve got the knowledge to build your organisation’s data protection structures from the ground up. With regulators worldwide calling for tech professionals to factor data protection into their products and services, the job market for privacy-trained IT pros has never been stronger.

 

Whether you work in the public or private sector, data privacy skills are quickly becoming a must-have—and that’s a great opportunity for you.

 

The CIPT certification also holds accreditation under ISO 17024: 2012.

 

What will you learn?

• Critical data protection concepts and practices that impact IT
• Consumer data protection expectations and responsibility
• How to bake privacy into early stages of IT products and services for cost control, accuracy and speed-to-market
• How to establish data protection practices for data collection and transfer
• How to preempt data protection issues in the Internet of Things
• How to factor data protection into data classification and emerging tech such as cloud computing, facial recognition and surveillance
• How to communicate data protection issues with partners such as management, development, marketing and legal.

 

This course has two programmatic modules, the first four areas focus on the fundamentals of data protection. The second module takes the fundamentals and puts it into practice.

 

MODULE 1: Fundamentals of Information Privacy

Unit 1: Common Principles and Approaches to Privacy

This unit includes a brief discussion of the modern history of privacy, an introduction to types of information, an overview of information risk management and a summary of modern privacy principles.

 

Unit 2: Jurisdiction and Industries

This unit introduces the major privacy models employed around the globe and provides an overview of privacy and data protection regulation by jurisdictions and industry sectors.

 

Unit 3: Information Security: Safeguarding Personal Information

This unit presents introductions to information security, including definitions, elements, standards and threats/vulnerabilities, as well as introductions to information security management and governance, including frameworks, controls, cryptography and identity and access management (IAM).

 

Unit 4: Online Privacy: Using Personal Information on Websites and with Other Internet-related Technologies

This unit examines the web as a platform, as well as privacy considerations for sensitive online information, including policies and notices, access, security, authentication and data collection. Additional topics include children’s online privacy, email, searches, online marketing and advertising, social media, online assurance, cloud computing and mobile devices.

 

MODULE 2: Privacy in Technology

Unit 1: Understanding the Need for Privacy in the IT Environment

This unit highlights the impact that regulatory activities, security threats, advances in technology and the increasing proliferation of social networks have on IT departments.

 

Unit 2: Core Privacy Concepts

This unit reveals how privacy compliance becomes more attainable through developing information lifecycle plans, data identification and classification systems and data flow diagrams.

 

Unit 3: Regulations and Standards Impacting Privacy in IT

This unit introduces privacy laws, regulations and standards that can help IT professionals design better privacy programmes and systems to handle personal information throughout the data lifecycle.

 

Unit 4: Privacy in Systems and Applications

This unit develops an understanding of the risks inherent in the IT environment and how to address them.

 

Unit 5: Online Privacy Issues

This unit presents information about online threats, threat prevention and the role of IT professionals in ensuring proper handling of user data.

 

Unit 6: De-identifying and Anonymizing Personally Identifiable Information

This unit reveals the importance of personally identifiable information and methods for ensuring its protection.

 

Unit 7: Cloud Computing

This unit evaluates privacy and security concerns associated with cloud services, and standards that exist to advise on their use.

 

Who should attend?

Data Protection Officers

IT Managers and Administrators

Records Managers

System Developers

IT Security specialist

Anyone who builds and develops IT systems