IAPP Certified Information Privacy Technologist (CIPT)

The Certified Information Privacy Technologist (CIPT) is an operational level qualification for IT professionals who require comprehensive knowledge about how to incorporate appropriate privacy controls into information and communications technology. Developed by the International Association of Privacy Professionals (IAPP) in 2014 and refreshed in 2020, the CIPT is the leading privacy-focused IT certification. In obtaining the CIPT, award holders demonstrate a greater understanding of the techniques necessary to ensure privacy measures in technology systems are aligned with compliance regulations such as the GDPR. By enhancing the privacy skills of your IT professionals, your organisation will be equipped with competent privacy technologists who are able to build and implement solutions that mitigate risk and increase productivity.

The IAPP is the largest international community for privacy professionals with over 68,000 members worldwide. Founded in 2000, the IAPP is a not-for-profit organisation that helps define, support, and improve the privacy profession throughout the world. It brings people together, providing them with the tools and information management practices required to thrive in today's rapidly evolving data economy.

• How to Choose the Right GDPR Certification - disabled> download

Course Overview

The inherent advantages of the technology we use every day are often in direct conflict with the right to privacy. While on the one hand, consumers actively entrust organisations with information about themselves, their demands for greater privacy, coupled with strong data protection laws such as the GDPR, mean that privacy is becoming an increasingly dominant issue for IT professionals.

As technology advances, so too does the need to collect, process, and transfer higher volumes of personal information. Unfortunately, weak systems with poor privacy controls inevitably lead to data assets being at risk of a breach, which leaves organisations vulnerable to significant fines and damage to their reputation.

Most IT certifications include only minimal information about privacy technology policies and implementation. The IAPP developed the Certified Information Privacy Technologist (CIPT) programme to provide in-depth knowledge about emerging tools and technologies for this expanding field. The CIPT examines critical privacy concepts and practices in detail and includes a certification that grants technologists access to IAPP's vast global network, including hundreds of tools and resources to maintain and enhance their skill set. As a result, award holders will attain the necessary skills and knowledge to ensure their organisation's personal data assets are protected at every stage of the data lifecycle using the latest privacy-enhancing technology and techniques.

Due to the COVID-19 pandemic, this accredited course, which is traditionally taught in a classroom setting over 2-days, is now provided safely across a secure WebEx platform with all the support and interactivity found in the classroom. Delegates can gain a recognised practitioner level workplace qualification at home or from their desk by attending four x 3.5 hour live online sessions across one week. This accredited IAPP course prepares participants for the 150-minute multiple-choice IAPP Exam.

Learning outcomes

Organisations that employ IT professionals who hold the CIPT are more able to implement the strategies, policies, processes, and techniques required to manage cybersecurity risks while enabling reasonable personal data use for business purposes.

IAPP Certified Information Privacy Technologists will learn:

• Privacy concepts, strategies and techniques relating to IT
• About consumer privacy expectations
• How to build privacy-by-design into every stage of the IT products and services lifecycle
• How to setup privacy-preserving data collection and transfer processes
• How to establish privacy-related IT security practices, such as data minimisation, access controls and encryption
• How to evaluate emerging technologies and how to use them while maintaining data privacy
• How to audit IT infrastructure
• How to communicate technical privacy issues to colleagues, partners, and customers outside of IT and collaborate with them to produce solutions

IAPP CIPT Course Contents

This IAPP accredited CIPT course, which is traditionally taught in a classroom setting over 2-days, is now available online. Due to the COVID-19 pandemic, delegates can gain a recognised workplace qualification whether they're working at their desk or from home by attending four x 3.5 hour live online sessions across four consecutive days.

This online is broken into seven modules includes:

Module 1: Foundational Principles in Technology

A summary of the foundational elements for embedding privacy in technology:

• Privacy Risk Models and Frameworks
• Privacy by Design Foundational Principles
• Value Sensitive Design
• The Data Life Cycle

Module 2: The role of the technology professional in privacy

A review of the fundamentals of privacy as they relate to the privacy technologist. In particular, the privacy technologist's role in ensuring compliance with data protection requirements, meeting stakeholder expectations and exploring the relationship between privacy and security.

• Fundamentals of privacy-related IT
• Information Security
• Privacy responsibilities of the IT professionals

Module 3: Privacy threats and violations

Identifies inherent risks throughout the stages of the data life cycle and explores how software security helps mitigate privacy threats. The module also considers the impacts behavioural advertising, cyberbullying, and social engineering have on privacy within the technological environment.

• During Data Collection
• During Use
• During Dissemination
• Intrusion, Decisional Interference and Self Representation
• Software Security

Module 4: Technical measures and privacy-enhancing technologies

A detailed examination of the strategies and techniques used for enhancing privacy throughout the data lifecycle. Includes; identity and access management, authentication, de-identification, encryption, aggregation, along with collection and use of personal information.

• Data Oriented Strategies
• Techniques
• Process Oriented Strategies

Module 5: Privacy engineering

An exploration of the role that privacy engineering plays within an organisation:

• Role of Privacy Engineering in the organisation
• Privacy Engineering Objectives
• Privacy Design Patterns
• Privacy Risks in Software

Module 6: Privacy-by-design methodology

This module focuses on the privacy-by-design methodology and explores practices to ensure ongoing diligence following implementation.

• Privacy by Design Process
• Ongoing Vigilance

Module 7: Technology challenges for privacy

The final module examines the unique challenges that come from online privacy issues, including:

• Automated decision making
• Tracking and surveillance technologies
• Anthropomorphism
• Ubiquitous computing
• Mobile social computing

The certified information privacy technologist programme was developed by the International Association of Privacy Professionals (IAPP), which is the world’s largest comprehensive global information privacy community and resource.

Who should attend?

• Data Protection Officers
• Privacy Engineers, Developers
• CIO, CTO & CISO
• Director of Information Systems, Technology
• IT Managers
• Data Scientists, Analysts, Architects
• Systems Administrators, Developers, Engineers
• Software Engineers, Designers
• Programmers
• Test Managers & QA Engineers
• Information Security Managers, Professionals
• IT & Infosec Auditors
• Ethical Hackers & Forensics Investigators
• Business Continuity Managers
• Risk Managers
• Website Developers & UX/UI Designers
• Digital SEO & SEM Managers
• Game Developers
• Project Managers
• Product Managers
• Service Support Desk Technicians
• Records Managers
• Anyone who works in technology acquisition, risk management and compliance

The IAPP CIPT is an intermediate to advanced level professional IT certification. While there are no prerequisites, it is recommended candidates have some experience in IT systems or software engineering, privacy management or related subject areas.

Certified Information Privacy Professional (CIPP/E)

Certified Information Privacy Manager (CIPM)

BCS Foundation Certificate in Information Management Principles (CISMP)

BCS Foundation Certificate in Data Protection