CIPP/E Certification Training:

CIPP/E Certification Training or Certified Information Privacy Professional (Online, Onsite, and Classroom Live!)

Our Certified Information Privacy Professional/Europe (CIPP/E) boot camp provides data protection officers (DPOs) and other professionals in privacy and data protection roles with comprehensive knowledge and understanding of the European Union General Data Protection Regulation (GDPR), European legislative framework, and other important topics, such as the EU-US Privacy Shield.

You will learn about the legal requirements for the responsible transfer of sensitive personal data to and from the U.S., the EU, and other jurisdictions. The course also covers European data protection practices and relevant internet technology and communications.

Exam Information

• Exam Format: Multiple Choice and Scenario-based
• No. of Questions: 90 questions out of which 75 questions are scored
• Exam Duration: 150 minutes
• Passing Score: 300 out of 500
• Exam Language: English, French, and German

What’s Included?

• Two days of live, expert CIPP/E Certification Training instruction
• Official IAPP CIPP/E participant guide
• Official IAPP CIPP/E textbook
• Official IAPP CIPP/E practice test
• IAPP CIPP/E certification exam voucher
• IAPP membership for one year

Note: Your contact information must be provided to the IAPP for membership services fulfillment.

Resources:

Related Courses

Audience / Target Group:

The target audience for this CIPP/E Certification Training course:

• Auditors
• Data Protection Officers
• Data Protection Managers
• Suppliers serving government clients
• Consultants serving government clients
• Individuals who need a foundational understanding of information privacy and data protection
• Anyone interested in pursuing CIPP/C certification
• Officers and employees at regulatory agencies who handle privacy as part of their day-to-day roles
• Individuals who advise senior government officers on information management policies and practices, particularly as they relate to personal information, such as records management or record retention
• Existing Certified Information Privacy Professionals (CIPPs) who wish to add a government privacy specialization to their core credential

Objectives

The CIPP/E Certification Training course enables you to understand the basic concepts of data privacy and data protection. It helps you learn all about the General Data Protection Regulation (GDPR) covering all its 99 articles. This training will also help you understand the responsibility of data protection offered in data handling, processing, and controlling.

Learning objectives:

• Introduction to European Data Protection
• European Regulatory Institutions
• Legislative Framework
• Compliance with European Data Protection Law and Regulation
• International Data Transfers

Course Syllabus

Introduction to European Data Protection

Origins and Historical Context of Data Protection Law

• The rationale for data protection
• Human rights laws
• Early laws and regulations
• The need for a harmonized European approach
• The Treaty of Lisbon
• A modernized framework

European Union Institutions

• European Court of Human Rights
• European Parliament
• European Commission
• European Council
• Court of Justice of the European Union

Legislative Framework

• The Council of Europe Convention for the Protection of Individuals with Regard to the Automatic Processing of Personal Data of 1981 (The CoE Convention)
• The EU Data Protection Directive (95/46/EC)
• The EU Directive on Privacy and Electronic Communications (2002/58/EC) (ePrivacy Directive) – as amended
• The EU Directive on Electronic Commerce (2000/31/EC)
• European data retention regimes
• The General Data Protection Regulation (GDPR) (EU) 2016/679 and related legislation

European Data Protection Law and Regulation

Data Protection Concepts

• Personal data
• Sensitive personal data
• Pseudonymous and anonymous data
• Processing
• Controller
• Processor
• Data subject

Territorial and Material Scope of the General Data Protection Regulation

• Establishment in the EU
• Non-establishment in the EU

Data Processing Principles

• Fairness and lawfulness
• Purpose limitation
• Proportionality
• Accuracy
• Storage limitation (retention)
• Integrity and confidentiality

Lawful Processing Criteria

• Consent
• Contractual necessity
• Legal obligation, vital interests, and public interest
• Legitimate interests
• Special categories of processing

Information Provision Obligations

• Transparency principle
• Privacy notices
• Layered notices

Data Subjects’ Rights

• Access
• Rectification
• Erasure and the right to be forgotten (RTBF)
• Restriction and objection
• Consent, including the right of withdrawal
• Automated decision-making, including profiling
• Data portability
• Restrictions

Security of Personal Data

• Appropriate technical and organizational measures
• Breach notification
• Vendor Management
• Data Sharing

Accountability Requirements

• Responsibility of controllers and processors
• Data protection by design and by default
• Documentation and cooperation with regulators
• Data protection impact assessment (DPIA)
• Mandatory data protection officers
• Auditing of privacy programs

International Data Transfers

• Rationale for prohibition
• Adequate jurisdictions
• Safe Harbor and Privacy Shield
• Standard Contractual Clauses
• Binding Corporate Rules (BCRs)
• Codes of Conduct and Certifications
• Derogations a. Guidelines 2/2018 on derogations of Article 49 under Regulation 2016/679
• Transfer impact assessments (TIAs)

Supervision and enforcement

• Supervisory authorities and their powers
• The European Data Protection Board
• Role of the European Data Protection Supervisor (EDPS)

Consequences for GDPR violations

• Process and procedures
• Infringements and fines
• Class actions
• Data subject compensation

Compliance with European Data Protection Law and Regulation

Employment Relationship

• Legal basis for the processing of employee data
• Storage of personnel records
• Workplace monitoring and data loss prevention
• EU Works councils
• Whistleblowing systems
• ‘Bring your own device’ (BYOD) programs

Surveillance Activities

• Surveillance by public authorities
• Interception of communications
• Closed-circuit television (CCTV)
• Geolocation
• Biometrics / facial recognition

Direct Marketing

• Telemarketing
• Direct marketing
• Online behavioral targeting

Internet Technology and Communications

• Cloud computing
• Web cookies
• Search engine marketing (SEM)
• Social networking services
• Artificial Intelligence (AI)

CIPP/E Certification Renewal

CIPP/E is valid for two years. To maintain your credential, you must meet two minimum requirements over the term of your certification:

• Pay an annual certification maintenance fee (included in IAPP’s membership fee).
• Fulfill 20 hours of continuing privacy education (CPE).

Learn more about the certification process, and download the IAPP Privacy Certification Candidate Handbook at IAPP

Whether you are looking for general information or have a specific question about CIPP/US Certification, we want to help!

Request More Information