Certificate in Information Privacy

The Fundamentals course establishes a foundation in information privacy terminology, requirements, and approaches. You will understand the role that privacy serves in data governance and risk management for an organization. You will learn how privacy developed as a practice and as a profession. Current Canadian privacy laws are explained as well as the structure and powers of the Canadian information and privacy commissioners. The course contrasts Canada's regulatory model, both culturally and practically, to other data protection regimes around the world and elaborates on how the issue of privacy will evolve globally in the years to come. Domains covered: Definitions and concepts of privacy; Founding principles of privacy; Privacy safeguards; Privacy law essentials; Private sector privacy laws; Public sector privacy laws; The mechanics of privacy; and The future of privacy. Skills developed: Interpreting national and cultural privacy behaviours and expectations; Implementing best practices for personal information protection; Analyzing common marketing and research uses of personal data; Disseminating a privacy policy; Conducting a personal information access request; Interfacing with the information and privacy commissioners of Canada; Complying with Canadian private-sector and public-sector privacy laws; and, Assessing emerging policy approaches to privacy protection.

2 Classes

36 Hours

Schedule

September 23 to November 17, 2024

Classes Sat 9:00 AM-3:00 PM (16 Nov 2024); Sun 9:00 AM-1:00 PM (17 Nov 2024)

Privacy in Technology addresses personal information in today's IT systems from collection, processing, and sharing to storage and erasure. The course explains the purpose and value of engineering privacy features into IT products and services including consumer-facing privacy interfaces and controls. You will learn best practices for managing and protecting your organization's sensitive data assets. You will understand common varieties of information threats and vulnerabilities and how to apply security controls that address these risks. Lastly, you will interpret the privacy impacts of emerging technologies, mobile technologies, online media, and digital health as well as understand the significant influence of data and technology on public life. Domains covered: Privacy in information systems; Information security; Privacy in IT development; Online privacy; Privacy and emerging technologies; Privacy, technology, and civic life; Privacy and digital health; and Mobile privacy. Skills developed: Conducing a personal data inventory; Applying methods of identity and access management such as authentication and authorization; Identifying and mitigating common information threats such as phishing, ransomware and malware; Leveraging outcomes from known data breaches to improve information privacy and security; Coordinating privacy needs with colleagues in IT security, development, and engineering; Advocating for techniques of personal data minimization, de-identification, and anonymization in common IT tasks; Implementing Privacy by Design (PbD) principles to products, services and business processes; and, Negotiating a resolution to a privacy incident.

2 Classes

36 Hours

Schedule

November 25, 2024 to February 02, 2025

Classes Sat 9:00 AM-3:00 PM (01 Feb 2025); Sun 9:00 AM-1:00 PM (02 Feb 2025)

Privacy Operations is the third and final course of the three-part information privacy certificate program. This course leverages the key legal and technical concepts of the two prior courses and synthesizes these into best practices that can be applied to everyday operational environments. You will learn the utility of privacy impact assessments (PIAs); data subject access requests (DSARs); vendor evaluations and partner relations; incident mitigation; and, stakeholder training, policy communications and privacy awareness. These are the practical tools and methods for operationalizing privacy in any size of organization across Canada and around the world today. Domains covered: Privacy program management; Global privacy compliance; Assessing privacy risk; Incident planning and response; Access and consent management; Vendor and contract management; Onward transfers of data; and Privacy training and communications." Skills developed: Creating a privacy team and operation; Interpreting the basic requirements of global privacy laws and regulations; Writing and conducting a Privacy Impact Assessment (PIA); Handling data subject access requests (DSARs); Responding to information incidents such as breaches and hacks; Evaluating and vetting data vendors; Implementing protections to permit cross-border data flows; and Drafting and presenting a comprehensive privacy training and awareness plan.

2 Classes

36 Hours

Schedule

February 10 to April 06, 2025

Classes Sat 09:00 AM-3:00 PM (08 Mar 2025); Sun 9:00 AM-1:00 PM (09 Mar 2025)

The Fundamentals course establishes a foundation in information privacy terminology, requirements, and approaches. You will understand the role that privacy serves in data governance and risk management for an organization. You will learn how privacy developed as a practice and as a profession. Current Canadian privacy laws are explained as well as the structure and powers of the Canadian information and privacy commissioners. The course contrasts Canada's regulatory model, both culturally and practically, to other data protection regimes around the world and elaborates on how the issue of privacy will evolve globally in the years to come. Domains covered: Definitions and concepts of privacy; Founding principles of privacy; Privacy safeguards; Privacy law essentials; Private sector privacy laws; Public sector privacy laws; The mechanics of privacy; and The future of privacy. Skills developed: Interpreting national and cultural privacy behaviours and expectations; Implementing best practices for personal information protection; Analyzing common marketing and research uses of personal data; Disseminating a privacy policy; Conducting a personal information access request; Interfacing with the information and privacy commissioners of Canada; Complying with Canadian private-sector and public-sector privacy laws; and, Assessing emerging policy approaches to privacy protection.

2 Classes

36 Hours

Schedule

January 27 to March 23, 2025

Classes Sat 9:00 AM-3:00 PM (22 Mar 2025); Sun 9:00 AM-1:00 PM (23 Mar 2025)

Privacy in Technology addresses personal information in today's IT systems from collection, processing, and sharing to storage and erasure. The course explains the purpose and value of engineering privacy features into IT products and services including consumer-facing privacy interfaces and controls. You will learn best practices for managing and protecting your organization's sensitive data assets. You will understand common varieties of information threats and vulnerabilities and how to apply security controls that address these risks. Lastly, you will interpret the privacy impacts of emerging technologies, mobile technologies, online media, and digital health as well as understand the significant influence of data and technology on public life. Domains covered: Privacy in information systems; Information security; Privacy in IT development; Online privacy; Privacy and emerging technologies; Privacy, technology, and civic life; Privacy and digital health; and Mobile privacy. Skills developed: Conducing a personal data inventory; Applying methods of identity and access management such as authentication and authorization; Identifying and mitigating common information threats such as phishing, ransomware and malware; Leveraging outcomes from known data breaches to improve information privacy and security; Coordinating privacy needs with colleagues in IT security, development, and engineering; Advocating for techniques of personal data minimization, de-identification, and anonymization in common IT tasks; Implementing Privacy by Design (PbD) principles to products, services and business processes; and, Negotiating a resolution to a privacy incident.

2 Classes

36 Hours

Schedule

March 31 to May 25, 2025

Classes Sat 9:00 AM-3:00 PM (24 May 2025); Sun 9:00 AM-1:00 PM (25 May 2025)

Privacy Operations is the third and final course of the three-part information privacy certificate program. This course leverages the key legal and technical concepts of the two prior courses and synthesizes these into best practices that can be applied to everyday operational environments. You will learn the utility of privacy impact assessments (PIAs); data subject access requests (DSARs); vendor evaluations and partner relations; incident mitigation; and, stakeholder training, policy communications and privacy awareness. These are the practical tools and methods for operationalizing privacy in any size of organization across Canada and around the world today. Domains covered: Privacy program management; Global privacy compliance; Assessing privacy risk; Incident planning and response; Access and consent management; Vendor and contract management; Onward transfers of data; and Privacy training and communications." Skills developed: Creating a privacy team and operation; Interpreting the basic requirements of global privacy laws and regulations; Writing and conducting a Privacy Impact Assessment (PIA); Handling data subject access requests (DSARs); Responding to information incidents such as breaches and hacks; Evaluating and vetting data vendors; Implementing protections to permit cross-border data flows; and Drafting and presenting a comprehensive privacy training and awareness plan.

2 Classes

36 Hours

Schedule

June 02 to July 27, 2025

Classes Sat 09:00 AM-3:00 PM (28 Jun 2025); Sun 9:00 AM-1:00 PM (29 Jun 2025)