A White Color Camera Privacy Cover. Slide Webcam. Cover for an electronic device with a keyboard on a wooden table

Certificate in Information Privacy

Certificate in Information Privacy

Contribute to a world that values privacy protection

Next Enrolment

January 22nd




Improve your privacy awareness, the practices of organizations and gain fundamental knowledge in information principles in the digital age.

What you will learn

In this part-time Certificate in Information Privacy, you will learn how to increase your privacy quotient for more secure, efficient management of your organization’s confidential information. This program will help you:

  • Better understand the information principles, operational methods, and emerging technologies that define privacy practice today.
  • Learn essential tools and methods such as Privacy Impact Assessment (PIA) and Privacy by Design (PbD) for safeguarding personal information
  • Comprehend global legal and regulatory requirements for information privacy
  • Investigate and interpret the privacy ramifications of new technologies, applications, products, and services
  • Learn to identify potential risks, vulnerabilities, harms, or misuses of data
  • Identify and coordinate privacy breaches/risk assessments
  • Contribute to the development of an organization’s privacy program

Program Benefits

  • Graduate in only six months of online study
  • Participate in experiential education opportunities, including analyzing real-world privacy breaches
  • Learn from leaders who are industry experts in the Information Privacy field
  • Advance through three courses with the same peer cohort and build your professional network

Format: Part-Time, blended
Delivery: Online coursework + 6 live online sessions
Live Session Schedule: 3 weekends total (Sat & Sun )
Program Length: 6 months
Term Starts: Fall, Winter


Introducing Live Online Learning

Career Potential

Upgrade your skill set to improve the privacy practices in your organization

Information privacy is one of the most important public policy issues of our digital age and an issue of vital importance to Canadians and Canadian organizations. Over a five-year period, GTA job postings in information privacy have increased by 142%.

Employers are searching for proactive and knowledgeable information privacy professionals to help recommend, implement, manage and scale solutions on an organization’s privacy needs. Now, more than ever, institutions and individuals need to ensure that their personal data are used appropriately and according to ethical and legal best practices.

Get Hired for Jobs Like:
  • Privacy Analyst
  • Compliance Officer
  • Privacy Program Administrator
  • Privacy Coordinator
Gain These Cross-Functional Skills:
  • Analytical & Critical Thinking
  • Decision-Making
  • Relationship & Team Building

Who should take this program?

The Certificate in Information Privacy is ideal for:
  • Individuals seeking a potential career path towards information privacy as a discipline
  • Professionals in information management, information technology, human resources, marketing, and other related fields looking to enhance their careers
  • Those who want a better understanding of privacy as a public policy issue
Enrolment Requirements

The Certificate in Information Privacy is a direct registration program. No application process is required; simply enrol in the session of your choice to get started.

How Can a Certificate in Information Privacy Help Your Career?

Steven Sone – Certificate in Information Privacy Graduate

Delivery Format

Part-Time – Blended

  • Courses combine in-person learning, on campus at York or Live Online via Zoom plus online learning
  • The live components are held at a scheduled day and time, on campus at York or Live Online via Zoom
  • The online delivery is asynchronous, which means that while students have set deadlines to complete their work each week, they do not have any required “live” components
  • Students should expect to dedicate approximately 8-10 hours of effort per course each week for readings, discussions boards, practice opportunities, assignments, and so on


CSIP1010 Fundamentals of Information Privacy

The Fundamentals course establishes a foundation in information privacy terminology, requirements, and approaches. You will understand the role that privacy serves in data governance and risk management for an organization. You will learn how privacy developed as a practice and as a profession. Current Canadian privacy laws are explained as well as the structure and powers of the Canadian information and privacy commissioners. The course contrasts Canada's regulatory model, both culturally and practically, to other data protection regimes around the world and elaborates on how the issue of privacy will evolve globally in the years to come. Domains covered: Definitions and concepts of privacy; Founding principles of privacy; Privacy safeguards; Privacy law essentials; Private sector privacy laws; Public sector privacy laws; The mechanics of privacy; and The future of privacy. Skills developed: Interpreting national and cultural privacy behaviours and expectations; Implementing best practices for personal information protection; Analyzing common marketing and research uses of personal data; Disseminating a privacy policy; Conducting a personal information access request; Interfacing with the information and privacy commissioners of Canada; Complying with Canadian private-sector and public-sector privacy laws; and, Assessing emerging policy approaches to privacy protection.

2 Classes

36 Hours

CSIP1020 Privacy in Technology

Privacy in Technology addresses personal information in today's IT systems from collection, processing, and sharing to storage and erasure. The course explains the purpose and value of engineering privacy features into IT products and services including consumer-facing privacy interfaces and controls. You will learn best practices for managing and protecting your organization's sensitive data assets. You will understand common varieties of information threats and vulnerabilities and how to apply security controls that address these risks. Lastly, you will interpret the privacy impacts of emerging technologies, mobile technologies, online media, and digital health as well as understand the significant influence of data and technology on public life. Domains covered: Privacy in information systems; Information security; Privacy in IT development; Online privacy; Privacy and emerging technologies; Privacy, technology, and civic life; Privacy and digital health; and Mobile privacy. Skills developed: Conducing a personal data inventory; Applying methods of identity and access management such as authentication and authorization; Identifying and mitigating common information threats such as phishing, ransomware and malware; Leveraging outcomes from known data breaches to improve information privacy and security; Coordinating privacy needs with colleagues in IT security, development, and engineering; Advocating for techniques of personal data minimization, de-identification, and anonymization in common IT tasks; Implementing Privacy by Design (PbD) principles to products, services and business processes; and, Negotiating a resolution to a privacy incident.

2 Classes

36 Hours

CSIP1030 Privacy Operations

Privacy Operations is the third and final course of the three-part information privacy certificate program. This course leverages the key legal and technical concepts of the two prior courses and synthesizes these into best practices that can be applied to everyday operational environments. You will learn the utility of privacy impact assessments (PIAs); data subject access requests (DSARs); vendor evaluations and partner relations; incident mitigation; and, stakeholder training, policy communications and privacy awareness. These are the practical tools and methods for operationalizing privacy in any size of organization across Canada and around the world today. Domains covered: Privacy program management; Global privacy compliance; Assessing privacy risk; Incident planning and response; Access and consent management; Vendor and contract management; Onward transfers of data; and Privacy training and communications." Skills developed: Creating a privacy team and operation; Interpreting the basic requirements of global privacy laws and regulations; Writing and conducting a Privacy Impact Assessment (PIA); Handling data subject access requests (DSARs); Responding to information incidents such as breaches and hacks; Evaluating and vetting data vendors; Implementing protections to permit cross-border data flows; and Drafting and presenting a comprehensive privacy training and awareness plan.

2 Classes

36 Hours


Cristina Onose Information Privacy Instructor

Cristina Onosé

Peter Kosmala Information Privacy Instructor

Peter Kosmala


Maria Koslunova

Advisory Council

Anick Fortin-Cousens Information Privacy Advisory Council

Anick Fortin-Cousens

Cristina Onose Information Privacy Instructor

Cristina Onosé

Information Privacy Program Advisory Council - Deborah Evans

Deborah Evans

Hassan Jaferi Information Privacy Advisory Council

Hassan Jaferi


Maria Koslunova

Peter Kosmala Information Privacy Instructor

Peter Kosmala

Karl Larson Information Privacy Advisory Council

Karl Larson

Vance Lockton Information Privacy Advisory Council

Vance Lockton

Laura Stevenson Information Privacy Advisory Council

Laura Stevenson

Events & Webinars

Certificate in Information Privacy

Winter 2024

(Online + Live Online Classes)

Course Details +


Policies & More Information

Technology Requirements for Remote/Online Courses

Please review the technology and software requirements you will need to access our courses remotely.

Contact Us

Ask us anything about this program and we’ll get back to you within 2 business days.