- School of Continuing Studies - http://continue.yorku.ca -

Certificate in Information Privacy

Posted By Crisdelis Rodriguez On November 28, 2019 @ 4:16 pm

Get smart on the essentials of personal data protection

Information privacy is one of the most important public policy issues of our digital age and an issue of vital importance to Canadians and Canadian organizations. It also is a fast-emerging profession that encompasses how an entity collects, stores, shares and uses personal data. Data-driven organizations need to consider how factors like customer expectations, domestic and global regulations and emerging technologies can impact their operations, management and marketing practices.

Now, more than ever, institutions and individuals need to ensure that  their personal data are used appropriately and according to ethical & legal best practices. Employers are searching for proactive and knowledgeable information privacy professionals to help recommend, implement, manage and scale solutions on an organization’s privacy needs.

Over a five-year period, GTA job postings in information privacy have increased by 142%. For professionals looking to upgrade their skill set or embark on a new career in information privacy, there’s never been a better time to begin.

Program Description

In the Certificate in Information Privacy, you will gain fundamental knowledge in information principles, legal concepts, operational methods and emerging technologies that define privacy practice today. You will improve your privacy awareness as well as contribute to better the privacy practices within the organizations you serve or work within. Created in collaboration with Canadian privacy leaders and subject matter experts, this part-time, three-course program is offered in a completely online format to accommodate the schedules and commitments of working professionals.

In only six months of study, you will:

  • Acquire a holistic understanding of the organizational value of privacy and data protection
  • Learn basic tools and methods for safeguarding personal information
  • Comprehend global legal and regulatory requirements for information privacy
  • Interpret the privacy ramifications of new technologies, applications, products and services
  • Learn to identify potential risks, vulnerabilities, harms or misuses of data
  • Identify and coordinate privacy breaches/risk assessments
  • Contribute to the development of an organization’s privacy program

You will learn practical, privacy-enabling tools and methods such as a Privacy Impact Assessment (PIA), which assists organizations in identifying and managing the privacy risks arising from new initiatives. You will also learn about Privacy by Design (PbD), a process for embedding privacy-aware features and interfaces in an organization’s product and service development efforts.

And, since privacy protection is a collaborative effort that involves multiple stakeholders, you will gain cross-functional professional skills such as communication, team building and critical thinking. Near the end of the program, you will apply what you have learned towards examining and analyzing real-world privacy breaches.

Our program’s comprehensive curriculum in a condensed format allows you to graduate faster with the skills employers want. By the time you finish, you will have the essential knowledge to stay smart on privacy best practices in today’s rapidly evolving business, technological and consumer environments.


Program Format

We know you’ve got a busy schedule. That’s why this program is offered entirely online. Log in, study, participate in discussions in your online course forum, submit your work, talk to your instructor and log off when you need to. As long as you stay on track with your course work, and finish within 6 months, you’re free to make the program work around your commitments.

  • Format: Part-Time
  • Delivery:  online coursework
  • Program Length: 6 months
  • Term Starts: September, January


Who should take this program?

The Certificate in Information Privacy is for any individual who seeks a potential career path toward information privacy as a discipline. Additionally, it serves individuals who simply want to better understand privacy as a public policy issue.

This program can also enhance the careers of people with an educational background or work experience in:

Information Management

Information Technology

Human Resources


… and related fields


Certificate in Information Privacy: Interview with Advisory Council Member Peter Kosmala

Learning Outcomes [2]

By the end of the certificate, successful graduates will be able to:

  1. Explain the importance of information privacy
  2. Consider the risks and benefits of information privacy from organizational and consumer perspectives
  3. Comprehend major Canadian and global privacy laws, regulations and standards
  4. Grasp the privacy implications of new technologies and services
  5. Understand information security tools, methods, and principles used to safeguard information privacy
  6. Conduct and write a Privacy Impact Assessment
  7. Recognize privacy incidents and breaches and understand how to address them
  8. Identify the essentials of stakeholder management (members, employees and other third parties)
  9. Support the development and the enhancement of an organization’s privacy program

Admission Requirements [3]

The Certificate in Information Privacy is a direct registration program.

Courses [4]

Fundamentals of Information Privacy

Establish a foundation in basic information privacy terminology, concepts and approaches. You will understand the privacy principles frameworks, the role that privacy serves in data governance and risk management generally. You will also learn what defines the Canadian regulatory model and how this contrasts with other data protection regimes around the world.

Privacy in Technology

Be introduced to the information lifecycle: the types, flows and behaviors of personal data in an organization’s IT system from collection, processing and sharing to storage and erasure. Learn how to maintain data quality and inventory, apply security safeguards and embed privacy into the product/service development process through “privacy by design” (PbD). Lastly, acquire informed privacy perspectives on new and emerging technologies such as IoT, 5G and blockchain.

Privacy in Operations

Leverage the legal and technical knowledge established from prior sections into best practices that can be applied in everyday operational environments: privacy impact assessments (PIAs); vendor, contract and records management; incident mitigation and response; and, customer communications such as consent and access requests, notices and policies. These are the practical tools and methods for operationalizing privacy in any size of organization across Canada today.

Advisory council [5]


Anick Fortin-Cousens, CIPP/C
Vice President of Privacy, Ceridian.

Anick Fortin-Cousens is Vice President of Privacy at Ceridian, where she leads a team responsible for the company’s global privacy policies and programs, and advises the business on a broad range of initiatives and products. Prior to this, she led IBM Corporation’s Privacy Office, and served as Chief Privacy Officer for Canada, Asia Pacific, Latin America and Middle East and Africa.

For 20 years, Anick has worked with public policy makers and other stakeholders across the globe to achieve privacy frameworks that are contemporary, practical and support trusted information flows. She holds law degrees in civil and common law (J.D., LL.L.) from the University of Ottawa (Canada) and an undergraduate degree in journalism. She currently sits on the IAPP Canadian Advisory Board.

Learn more about Anick here [6].


Cristina Onosé, CIPP/C, CIPM
Lead, Privacy Advocacy and Thought Leadership, PwC Canada

Cristina is Lead, Privacy Advocacy and Thought Leadership at PwC Canada. With expertise in privacy, marketing and public policy, she helps organizations optimize their privacy programs and strategies to enhance brand trust and ensure compliance with applicable privacy requirements. She is a frequent speaker and author on privacy-related issues, including government regulation (PIPEDA, GDPR), and emerging technologies (IoT, smart cities, and automated vehicles).

Cristina is an advisor to York University’s Information Privacy Certificate. She is also a board director of the International Association of Privacy Professionals (IAPP) Training Advisory, the Standards Council of Canada Data Governance Standardization Collaborative, the Public Affairs Association of Canada (PAAC), the Digital Advertising Alliance of Canada (DAAC) and the European Union Chamber of Commerce in Canada (EUCCAN).

Prior to joining PwC Canada, Cristina was Director of Government Relations at the Canadian Marketing Association (CMA). She has also served roles in the Government of Ontario and the EU Parliament in Belgium, and taught European politics at the University of Toronto.


BA International Relations (Glendon College, York University)
MA European Affairs and Economics (Munk School of Global Affairs, University of Toronto)
Digital Marketing Certificate (Canadian Marketing Association)
Cybersecurity Policy Executive Certificate (Harvard Kennedy School of Government)

Designations / Certifications / Awards / Achievements:

IAPP Privacy Certification (CIPP/C, CIPM)


Deborah Evans, CIPP/C
Chief Privacy Officer, Rogers Communications

Deborah Evans is the Chief Privacy Officer at Rogers Communications, where she is responsible for privacy across all lines of business, including management of CASL and telemarketing rules. She is also responsible for Rogers’ relationship with the Office of the Privacy Commissioner and the CRTC Enforcement Branch.

Deborah joined Rogers in 2007 and has progressed through various positions within the organization’s Regulatory team, including representing Rogers at numerous proceedings and government hearings, and implementation of the CRTC’s Wireless Code. As well, she managed Rogers Office of the Ombudsperson for 18 months. Deborah has managed Rogers’ privacy office since 2014.

She is the Chair of both the CWTA Privacy and Security Committee and the Canadian Marketing Association’s Privacy Committee, former Chair of the CWTA’s Recycling Committee, and former member of the CWTA Accessibility Committee.

Deborah holds a Bachelor of Arts (Honours) in Politics from Brock University; and a Master’s of Public Affairs, with a specialization in European Integration, from Carleton University. She also holds a CIPP/c privacy certification from the International Association of Privacy Professionals (IAPP), and currently sits on the IAPP Canadian Advisory Board.


Hassan Jaferi
Chief Executive Officer – Bitnobi

Hassan Jaferi is the Chief Executive Officer of Bitnobi, Inc. His work experience includes Toronto Innovation Acceleration Partners (TIAP, formerly MaRS Innovation) and PARTEQ Innovations at Queen’s University. Hassan has been involved in the creation of multiple university startups and executed an IP acquisition/acqui-hire deal for York University. Moreover, a five-year term as a patent examiner at the Canadian Intellectual Property Office enables Hassan to provide strong patent advice.

While working at Bitnobi, Hassan is also the Co-director of UTEST which is an early stage incubator jointly run by TIAP and The University of Toronto. At Bitnobi, Hassan manages all day-to-day business affairs for the company in order to help commercialize their privacy protected data-sharing platform.


Masters, Space Management, International Space University, 2006. BASc., Computer Engineering, University of Ottawa, 2003.


Karl Larson, CISA, CISM, CCSK
Chief Information Security Officer, TELUS

Karl Larson has worked in a number of industries, including Publishing, Health Care, Hospitality, Higher Education, Telecom and Technology. Since starting his career in Information Security, he has worked in IT Audit and managed and directed teams in PCI, Compliance, Vulnerability Assessments & Management, Vendor and Supply Chain Assessments, Security Operations Centre, and Architecture. He has also served as the primary security interface for clients and business partners, including managing audits and negotiating contracts. He holds a Masters of Business Administration from Virginia Tech University and a Bachelor of Arts, English from St. Olaf.


Laura Stevenson, CIPP/C
Director, Compliance & Ethics, Omers

Laura currently works with OMERS in the role of Director, Compliance & Ethics and has over 20 years of experience in financial services. Her current responsibilities include privacy, policy governance, compliance-based training and process transformation. Leveraging technology to streamline and deliver for both business and legislative requirements has been core to her success. Laura actively listens to stakeholders to understand key objectives and offers practical recommendations that concurrently support a culture of compliance.


BA, Political Science, York University

“Ask questions until you feel there is no more information to be had. From there, the source of an issue can be understood, opening a path to relevant solutions.”


Maria Koslunova, CIPP/US, CIPP/C, CIPM, FIP
Manager, Cyber Security and Privacy Practice, PwC Canada

Maria is a Manager in the Cybersecurity and Privacy Practice in PwC Canada. She uses her privacy expertise to deliver value to clients by providing strategic privacy solutions and innovative approaches to data protection.

At PwC, Maria has played an integral role in privacy and cybersecurity consultancy and audit fieldworks for clients in the telecommunications, retail, financial services, information technology, media, health and public sector. Her expertise in legislative policy, regulatory compliance and industry good practice helped her develop multiple global compliance frameworks. This includes, but is not limited to CCPA, GDPR, CASL, HIPAA, PHIPA, PIPEDA, COPPA, PCI, ISO 27001, NIST Cybersecurity and Privacy Frameworks. Maria leads the PwC Privacy Training and Awareness Program in collaboration with the International Association of Privacy Professionals. The training program provides participants with interactive ways to learn critical privacy concepts that are integral to the certification exams and privacy program management as a whole. This includes CIPM and/or CIPP certification exams.

Maria also has experience as a Privacy Legal Researcher at Nymity Inc.. During her tenure, Maria contributed to Nymity’s proprietary research knowledge database, analyzed global privacy and data protection developments and provided clients with daily privacy compliance reports. Maria has been actively involved with the International Association of Privacy Professionals through her contribution to the Publications Advisory Board, Canadian Advisory Board and publications.


York University – Bachelors of Economics

Designations / Certifications / Awards / Achievements:



Peter Kosmala, CIPP/US
Founder and Principal – PRIVĀT, LLC

Peter Kosmala is a recognized thought leader in data privacy and digital media and a frequent speaker at international conferences and forums on these topics. He led the creation of the first professional certification in data privacy, the Certified Information Privacy Professional (CIPP) in 2004 and launched the CIPP-Canada (CIPP/C) in 2006 as Canada’s first data privacy certification. He helped grow the International Association of Privacy Professionals (IAPP) from a professional community to the world’s largest privacy association as its first Vice President.

Peter formed the nucleus of the first digital media team at WIRED magazine and Hotwired, the first ad-supported Website. He also served as the first managing director of the Digital Advertising Alliance (DAA) and led the expansion of the organization’s “Your Ad Choices” consumer privacy preference program.

Peter has held business, marketing and public affairs leadership roles at organizations that include technology company dataxu (now Roku), trade association the 4A’s and ad agencies Wells Rich Greene BDDP and MVBMS Partners/EURO RSCG. He has represented industry in policy working groups and technical standards bodies such as the Trustworthy Accountability Group (TAG) and the World Wide Web Consortium (W3C).

Peter presently serves as Founder and Principal of PRIVĀT (pronounced “pree-vott”), a consultancy that specializes in data privacy as a strategic imperative. He advises clients on data innovation and governance in the evolving global regulatory environment and provides insights to business planning, product development and emerging technologies from a privacy perspective. He holds a BS in electronic media from the University of Cincinnati (Ohio, USA).


Vance Lockton, CIPP/C, CIPM
Manager, Digital Governance, Waterfront Toronto

Vance Lockton is the Manager of Digital Governance for Waterfront Toronto, an organization created by the City of Toronto and the governments of Ontario and Canada and mandated with revitalizing Toronto’s waterfront. Prior to coming to Waterfront Toronto, Vance spent 7 years with the Office of the Privacy Commissioner of Canada (OPC) across a variety of roles, including policy development, investigation of complaints, and stakeholder relations.


M.P.P. (Public Policy) – Simon Fraser University – 2009 M.Sc. (Computer Science) – University of British Columbia – 2005 B.Math (Computer Science) – University of Waterloo – 2003

Designations / Certifications / Awards / Achievements:

Certified Information Privacy Professional/Canada (CIPP/C) – International Association of Privacy Professionals (IAPP) Certified Information Privacy Manager (CIPM) – IAPP Certificate in Information Security and Risk Management – University of Washington

Program Policies [7]

Article printed from School of Continuing Studies: http://continue.yorku.ca

URL to article: http://continue.yorku.ca/certificates/certificate-in-information-privacy/

URLs in this post:

[1] Talk to our team: http://continue.yorku.ca/certificates/ux-design/?tab=1

[2] Learning Outcomes: #squelch-taas-accordion-shortcode-content-0

[3] Admission Requirements: #squelch-taas-accordion-shortcode-content-1

[4] Courses: #squelch-taas-accordion-shortcode-content-2

[5] Advisory council: #squelch-taas-accordion-shortcode-content-3

[6] here: https://iapp.org/about/person/0011a00000DlD7XAAV/

[7] Program Policies: #squelch-taas-accordion-shortcode-content-4

[8] Certificate in Information Privacy – Policies: http://continue.yorku.ca/?p=54773

Copyright © 2014 School of Continuing Studies. All rights reserved.