Two women analyzing documents at office

Certificate in Information Privacy

Get smart on the essentials of personal data protection

Information privacy is one of the most important public policy issues of our digital age and an issue of vital importance to Canadians and Canadian organizations. It also is a fast-emerging profession that encompasses how an entity collects, stores, shares and uses personal data. Data-driven organizations need to consider how factors like customer expectations, domestic and global regulations and emerging technologies can impact their operations, management and marketing practices.

Now, more than ever, institutions and individuals need to ensure that  their personal data are used appropriately and according to ethical & legal best practices. Employers are searching for proactive and knowledgeable information privacy professionals to help recommend, implement, manage and scale solutions on an organization’s privacy needs.

Over a five-year period, GTA job postings in information privacy have increased by 142%. For professionals looking to upgrade their skill set or embark on a new career in information privacy, there’s never been a better time to begin.

142% increased demand for Information Privacy experts
182% growth in job postings requiring skills related to privacy

Program Description

In the Certificate in Information Privacy, you will gain fundamental knowledge in information principles, legal concepts, operational methods and emerging technologies that define privacy practice today. You will improve your privacy awareness as well as contribute to better the privacy practices within the organizations you serve or work within. Created in collaboration with Canadian privacy leaders and subject matter experts, this part-time, three-course program is offered in a completely online format to accommodate the schedules and commitments of working professionals.

In only six months of study, you will:

  • Acquire a holistic understanding of the organizational value of privacy and data protection
  • Learn basic tools and methods for safeguarding personal information
  • Comprehend global legal and regulatory requirements for information privacy
  • Interpret the privacy ramifications of new technologies, applications, products and services
  • Learn to identify potential risks, vulnerabilities, harms or misuses of data
  • Identify and coordinate privacy breaches/risk assessments
  • Contribute to the development of an organization’s privacy program

You will learn practical, privacy-enabling tools and methods such as a Privacy Impact Assessment (PIA), which assists organizations in identifying and managing the privacy risks arising from new initiatives. You will also learn about Privacy by Design (PbD), a process for embedding privacy-aware features and interfaces in an organization’s product and service development efforts.

And, since privacy protection is a collaborative effort that involves multiple stakeholders, you will gain cross-functional professional skills such as communication, team building and critical thinking. Near the end of the program, you will apply what you have learned towards examining and analyzing real-world privacy breaches.

Our program’s comprehensive curriculum in a condensed format allows you to graduate faster with the skills employers want. By the time you finish, you will have the essential knowledge to stay smart on privacy best practices in today’s rapidly evolving business, technological and consumer environments.

 

Program Format

As of March 16, 2020, all our Continuing Education programs will be delivered 100% online for the foreseeable future. Please see details in the online delivery section.

The Certificate in Information Privacy is delivered in two different formats depending on your term of study.

In the Fall Term (September start), the program is offered in a 100% asynchronous online format. Log in, study, participate in discussions in your online course forum, submit your work, talk to your instructor and log off when you need to. As long as you stay on track with your scheduled course work, you’re free to make the program work around your commitments.

In the Winter Term (January), the program is offered via blended learning, which combines online coursework with one required weekend online session per course (3 weekends over 6 months). In total, there are six (6) live, online sessions that take place over weekends (Saturday and Sunday). The live online sessions are facilitated by expert instructors and allow you to interact with your instructor and peers.

Winter (Jan) – Blended
(Online Coursework +
6 Live Online Sessions)

Fall (Sep) – Online Asynchronous
(No required
live online sessions)

  • Format: Part-Time, Blended
  • Delivery:  Online coursework + 3 weekends of live online class (Sat & Sun)
  • Program Length: 6 months
  • Format: Part-Time, 100% asynchronous online (no required live sessions)
  • Delivery: online coursework that follows a set schedule (no required live online sessions)
  • Program Length: 6 Months

Our flexible online formats are designed to meet the needs of a wide range of students. You will be able to complete the full, 3-course program entirely online over the course of 6 months, and choose the best format that helps you balance your full-time work, family, or other commitments.

Who should take this program?

The Certificate in Information Privacy is for any individual who seeks a potential career path toward information privacy as a discipline. Additionally, it serves individuals who simply want to better understand privacy as a public policy issue.

This program can also enhance the careers of people with an educational background or work experience in:

Information ManagementInformation Management

Information TechnologyInformation Technology

Human ResourcesHuman Resources

MarketingMarketing

… and related fields

 

Certificate in Information Privacy: Interview with Advisory Council Member Peter Kosmala


Learning Outcomes

By the end of the certificate, successful graduates will be able to:

  1. Explain the importance of information privacy
  2. Consider the risks and benefits of information privacy from organizational and consumer perspectives
  3. Comprehend major Canadian and global privacy laws, regulations and standards
  4. Grasp the privacy implications of new technologies and services
  5. Understand information security tools, methods, and principles used to safeguard information privacy
  6. Conduct and write a Privacy Impact Assessment
  7. Recognize privacy incidents and breaches and understand how to address them
  8. Identify the essentials of stakeholder management (members, employees and other third parties)
  9. Support the development and the enhancement of an organization’s privacy program

Admission Requirements

The Certificate in Information Privacy is a direct registration program.

Courses

Fundamentals of Information Privacy

Establish a foundation in basic information privacy terminology, concepts and approaches. You will understand the privacy principles frameworks, the role that privacy serves in data governance and risk management generally. You will also learn what defines the Canadian regulatory model and how this contrasts with other data protection regimes around the world.

Privacy in Technology

Be introduced to the information lifecycle: the types, flows and behaviors of personal data in an organization’s IT system from collection, processing and sharing to storage and erasure. Learn how to maintain data quality and inventory, apply security safeguards and embed privacy into the product/service development process through “privacy by design” (PbD). Lastly, acquire informed privacy perspectives on new and emerging technologies such as IoT, 5G and blockchain.

Privacy Operations

Leverage the legal and technical knowledge established from prior sections into best practices that can be applied in everyday operational environments: privacy impact assessments (PIAs); vendor, contract and records management; incident mitigation and response; and, customer communications such as consent and access requests, notices and policies. These are the practical tools and methods for operationalizing privacy in any size of organization across Canada today.

Instructors

Peter KosmalaPeter Kosmala, CIPP/US
Founder and Principal – PRIVĀT, LLC

Peter is a recognized thought leader in information privacy with 20 years of international experience as a former marketer, technologist, lobbyist and association leader and as a current consultant, educator and keynote speaker.

Peter helped grow the International Association of Privacy Professionals (IAPP) from a professional community to the world’s largest privacy association as its first Assistant Director and then as Vice President. He led the creation of the first professional certification in privacy, the IAPP’s Certified Information Privacy Professional (CIPP) in 2004 and launched the CIPP-Canada (CIPP/C) in 2006. Today, over 30,000 professionals globally hold one or more of the CIPP credentials which certify knowledge in privacy laws, standards and practices.

Peter helped to establish the Canadian office of the IAPP and the Canada Privacy Symposium, the flagship annual event held in Toronto since 2006. He has worked closely with practitioners, policy makers and regulators from around the world on privacy matters. Peter’s roots are in digital media at WIRED magazine and Hotwired, one of the very first Web publishing sites. He also served as the first managing director of the Digital Advertising Alliance (DAA) and led the expansion of the “Your Ad Choices” consumer privacy preference program.

Peter has served in leadership roles at technology companies CMGI and dataxu (now Roku), trade associations the 4A’s, DAA and the NAI and ad agencies Wells Rich Greene BDDP and MVBMS Partners/EURO RSCG. He has represented industry in policy working groups and technical standards bodies such as the Trustworthy Accountability Group (TAG) and the World Wide Web Consortium (W3C). Presently, Peter advises clients on the digital media marketplace and the evolving regulatory environment for information privacy.

Cristina OnoséCristina Onosé, Lead, Cyber Threat Intelligence, Privacy Advocacy & Thought Leadership, PwC Canada

Cristina Onosé leads teams at PwC Canada in Privacy Advocacy and Thought Leadership and Cyber Threat Intelligence. She works with organizations to optimize their privacy and security programs, enhance consumer trust, ensure compliance with applicable privacy and security requirements, and intelligently assess cyber threats.

Prior to joining PwC, Cristina was the Director of Government Relations and Privacy at the Canadian Marketing Association (CMA). She has also served in roles in the government of Ontario, an EU Parliament think tank in Belgium, and a foreign diplomatic office.

Cristina is a member of the Certification Training Advisory Board of the International Association of Privacy Professionals (IAPP). She also serves as board director of the Public Affairs Association of Canada (PAAC), the Digital Advertising Alliance of Canada (DAAC) and the European Union Chamber of Commerce in Canada (EUCCAN). She is a frequent speaker and author on privacy and security-related issues, including government regulation (PIPEDA, GDPR), data strategies, and emerging technologies (IoT, smart cities, automated vehicles, etc.).

Cristina is an instructor in York University’s School of Continuing Studies Certificate in Information Privacy (teaching the ‘Privacy in Technology’ course).

Advisory council

 

Anick Fortin-Cousens, CIPP/C
Vice President of Privacy, Ceridian.

Anick Fortin-Cousens is Vice President of Privacy at Ceridian, where she leads a team responsible for the company’s global privacy policies and programs, and advises the business on a broad range of initiatives and products. Prior to this, she led IBM Corporation’s Privacy Office, and served as Chief Privacy Officer for Canada, Asia Pacific, Latin America and Middle East and Africa.

For 20 years, Anick has worked with public policy makers and other stakeholders across the globe to achieve privacy frameworks that are contemporary, practical and support trusted information flows. She holds law degrees in civil and common law (J.D., LL.L.) from the University of Ottawa (Canada) and an undergraduate degree in journalism. She currently sits on the IAPP Canadian Advisory Board.

Learn more about Anick here.

 

Cristina OnoséCristina Onosé, Lead, Cyber Threat Intelligence, Privacy Advocacy & Thought Leadership, PwC Canada

Cristina Onosé leads teams at PwC Canada in Privacy Advocacy and Thought Leadership and Cyber Threat Intelligence. She works with organizations to optimize their privacy and security programs, enhance consumer trust, ensure compliance with applicable privacy and security requirements, and intelligently assess cyber threats.

Prior to joining PwC, Cristina was the Director of Government Relations and Privacy at the Canadian Marketing Association (CMA). She has also served in roles in the government of Ontario, an EU Parliament think tank in Belgium, and a foreign diplomatic office.

Cristina is a member of the Certification Training Advisory Board of the International Association of Privacy Professionals (IAPP). She also serves as board director of the Public Affairs Association of Canada (PAAC), the Digital Advertising Alliance of Canada (DAAC) and the European Union Chamber of Commerce in Canada (EUCCAN). She is a frequent speaker and author on privacy and security-related issues, including government regulation (PIPEDA, GDPR), data strategies, and emerging technologies (IoT, smart cities, automated vehicles, etc.).

Cristina is an instructor in York University’s School of Continuing Studies Certificate in Information Privacy (teaching the ‘Privacy in Technology’ course).

Cristina is holder of a BA International Relations (Glendon College, York University), an MA European Affairs and Economics (Munk School of Global Affairs, University of Toronto), Digital Marketing Certificate (Canadian Marketing Association), Cybersecurity Policy Executive Certificate (Harvard Kennedy School of Government), and the IAPP Privacy Certification (CIPP/C, CIPM).

 

Deborah Evans, CIPP/C
Chief Privacy Officer, Rogers Communications

Deborah Evans is the Chief Privacy Officer at Rogers Communications, where she is responsible for privacy across all lines of business, including management of CASL and telemarketing rules. She is also responsible for Rogers’ relationship with the Office of the Privacy Commissioner and the CRTC Enforcement Branch.

Deborah joined Rogers in 2007 and has progressed through various positions within the organization’s Regulatory team, including representing Rogers at numerous proceedings and government hearings, and implementation of the CRTC’s Wireless Code. As well, she managed Rogers Office of the Ombudsperson for 18 months. Deborah has managed Rogers’ privacy office since 2014.

She is the Chair of both the CWTA Privacy and Security Committee and the Canadian Marketing Association’s Privacy Committee, former Chair of the CWTA’s Recycling Committee, and former member of the CWTA Accessibility Committee.

Deborah holds a Bachelor of Arts (Honours) in Politics from Brock University; and a Master’s of Public Affairs, with a specialization in European Integration, from Carleton University. She also holds a CIPP/c privacy certification from the International Association of Privacy Professionals (IAPP), and currently sits on the IAPP Canadian Advisory Board.

 

Hassan JaferiHassan Jaferi
Chief Executive Officer – Bitnobi

Hassan Jaferi is the Chief Executive Officer of Bitnobi, Inc. His work experience includes Toronto Innovation Acceleration Partners (TIAP, formerly MaRS Innovation) and PARTEQ Innovations at Queen’s University. Hassan has been involved in the creation of multiple university startups and executed an IP acquisition/acqui-hire deal for York University. Moreover, a five-year term as a patent examiner at the Canadian Intellectual Property Office enables Hassan to provide strong patent advice.

While working at Bitnobi, Hassan is also the Co-director of UTEST which is an early stage incubator jointly run by TIAP and The University of Toronto. At Bitnobi, Hassan manages all day-to-day business affairs for the company in order to help commercialize their privacy protected data-sharing platform.

Education

Masters, Space Management, International Space University, 2006. BASc., Computer Engineering, University of Ottawa, 2003.

 

Karl Larson, CISA, CISM, CCSK
Chief Information Security Officer, TELUS

Karl Larson has worked in a number of industries, including Publishing, Health Care, Hospitality, Higher Education, Telecom and Technology. Since starting his career in Information Security, he has worked in IT Audit and managed and directed teams in PCI, Compliance, Vulnerability Assessments & Management, Vendor and Supply Chain Assessments, Security Operations Centre, and Architecture. He has also served as the primary security interface for clients and business partners, including managing audits and negotiating contracts. He holds a Masters of Business Administration from Virginia Tech University and a Bachelor of Arts, English from St. Olaf.

 

Laura Stevenson, CIPP/C
Director, Compliance & Ethics, Omers

Laura currently works with OMERS in the role of Director, Compliance & Ethics and has over 20 years of experience in financial services. Her current responsibilities include privacy, policy governance, compliance-based training and process transformation. Leveraging technology to streamline and deliver for both business and legislative requirements has been core to her success. Laura actively listens to stakeholders to understand key objectives and offers practical recommendations that concurrently support a culture of compliance.

Education:

BA, Political Science, York University

“Ask questions until you feel there is no more information to be had. From there, the source of an issue can be understood, opening a path to relevant solutions.”

 

Maria KoslunovaMaria Koslunova, CIPP/US, CIPP/C, CIPM, FIP
Manager, Cyber Security and Privacy Practice, PwC Canada

Maria is a Manager in the Cybersecurity and Privacy Practice in PwC Canada. She uses her privacy expertise to deliver value to clients by providing strategic privacy solutions and innovative approaches to data protection.

At PwC, Maria has played an integral role in privacy and cybersecurity consultancy and audit fieldworks for clients in the telecommunications, retail, financial services, information technology, media, health and public sector. Her expertise in legislative policy, regulatory compliance and industry good practice helped her develop multiple global compliance frameworks. This includes, but is not limited to CCPA, GDPR, CASL, HIPAA, PHIPA, PIPEDA, COPPA, PCI, ISO 27001, NIST Cybersecurity and Privacy Frameworks. Maria leads the PwC Privacy Training and Awareness Program in collaboration with the International Association of Privacy Professionals. The training program provides participants with interactive ways to learn critical privacy concepts that are integral to the certification exams and privacy program management as a whole. This includes CIPM and/or CIPP certification exams.

Maria also has experience as a Privacy Legal Researcher at Nymity Inc.. During her tenure, Maria contributed to Nymity’s proprietary research knowledge database, analyzed global privacy and data protection developments and provided clients with daily privacy compliance reports. Maria has been actively involved with the International Association of Privacy Professionals through her contribution to the Publications Advisory Board, Canadian Advisory Board and publications.

Education:

York University – Bachelors of Economics

Designations / Certifications / Awards / Achievements:

CIPM, CIPP/C/US, FIP

 

Peter KosmalaPeter Kosmala, CIPP/US
Founder and Principal – PRIVĀT, LLC

Peter is a recognized thought leader in information privacy with 20 years of international experience as a former marketer, technologist, lobbyist and association leader and as a current consultant, educator and keynote speaker.

Peter helped grow the International Association of Privacy Professionals (IAPP) from a professional community to the world’s largest privacy association as its first Assistant Director and then as Vice President. He led the creation of the first professional certification in privacy, the IAPP’s Certified Information Privacy Professional (CIPP) in 2004 and launched the CIPP-Canada (CIPP/C) in 2006. Today, over 30,000 professionals globally hold one or more of the CIPP credentials which certify knowledge in privacy laws, standards and practices.

Peter helped to establish the Canadian office of the IAPP and the Canada Privacy Symposium, the flagship annual event held in Toronto since 2006. He has worked closely with practitioners, policy makers and regulators from around the world on privacy matters. Peter’s roots are in digital media at WIRED magazine and Hotwired, one of the very first Web publishing sites. He also served as the first managing director of the Digital Advertising Alliance (DAA) and led the expansion of the “Your Ad Choices” consumer privacy preference program.

Peter has served in leadership roles at technology companies CMGI and dataxu (now Roku), trade associations the 4A’s, DAA and the NAI and ad agencies Wells Rich Greene BDDP and MVBMS Partners/EURO RSCG. He has represented industry in policy working groups and technical standards bodies such as the Trustworthy Accountability Group (TAG) and the World Wide Web Consortium (W3C). Presently, Peter advises clients on the digital media marketplace and the evolving regulatory environment for information privacy.

 

Vance LocktonVance Lockton, CIPP/C, CIPM
Manager, Digital Governance, Waterfront Toronto

Vance Lockton is the Manager of Digital Governance for Waterfront Toronto, an organization created by the City of Toronto and the governments of Ontario and Canada and mandated with revitalizing Toronto’s waterfront. Prior to coming to Waterfront Toronto, Vance spent 7 years with the Office of the Privacy Commissioner of Canada (OPC) across a variety of roles, including policy development, investigation of complaints, and stakeholder relations.

Education:

M.P.P. (Public Policy) – Simon Fraser University – 2009 M.Sc. (Computer Science) – University of British Columbia – 2005 B.Math (Computer Science) – University of Waterloo – 2003

Designations / Certifications / Awards / Achievements:

Certified Information Privacy Professional/Canada (CIPP/C) – International Association of Privacy Professionals (IAPP) Certified Information Privacy Manager (CIPM) – IAPP Certificate in Information Security and Risk Management – University of Washington

Technology Requirements for Remote/Online Courses

Program Policies

Term Session Price (CAD) Register
Winter 2021 Certificate in Information Privacy (Blended) (January 2021-July 2021) $3,297.00 Register
Register for this Program