CIPP-E INTERMEDIATE COURSE

What you will learn

The training courses offered by 22Academy are organized into modules. Following every four or five modules, a repetition module is incorporated to review the theory previously covered. Each module includes a quiz comprising multiple questions. Upon successful completion of the quiz, you will gain access to the subsequent module.

The training course in this package consists of 18 modules, covering the entire CIPP/E curriculum, with more background information than in the Advanced Course, but in a more concise form than in the Beginners Course.

• Module 1: Course Introduction

Introduction to the course with an explanation of how the courseware works, how you can set your preferred end date, where and how to book your exam and if you should become a member of IAPP. It will include some tips on how to save money as well (don’t buy a textbook just yet). 

• Module 2: History and European Union Institutions 

We will discuss the Rationale for data protection, Human rights laws, OECD Guidelines and the Council of Europe, Convention 108+, a harmonized European approach, The Treaty of Lisbon and Brexit. Then we go into detail about the European Court of Human Rights, the European Parliament, the Commission, the Council and the Court of Justice of the European Union.

• Module 3: Legislative Framework

You will find articles about The CoE Convention, The EU Data Protection Directive, The ePrivacy Directive – as amended, The EU Directive on Electronic Commerce, European data retention regimes, The General Data Protection Regulation (GDPR), the NIS Directive and The EU Artificial Intelligence Act.

• Module 4: GDPR Concepts

This module is an introduction to the GDPR and will tell you about the concepts of data protection, like Personal data, Sensitive personal data, Special categories of personal data, Pseudonymous and anonymous data, Processing, Controller, Processor and what a Data subject exactly is.

• Module 5: Material and Territorial Scope

This module is about the Territorial and Material Scope of the GDPR, handling concepts like an Establishment in the EU and a Non-establishment in the EU.

• Module 6: Repeat and Test

As mentioned, this module is to repeat the previously learned materials.

• Module 7: Principles

The principles include Fairness and lawfulness, Purpose limitation, Proportionality, Accuracy, Storage limitation and Integrity and confidentiality.

• Module 8: Legal Bases and Information Provision

This module will discuss the Lawful Processing Criteria like Consent, Contractual necessity, Legal obligation, vital interests and public interest, Legitimate interests and processing Special categories of data. And we will give you more information about the Transparency principle, Privacy notices, and Layered notices.

• Module 9: Data Subject Rights 

In the first part of this module you will learn about the Right to Access, Rectification, Erasure and the right to be forgotten, Restriction and objection, Consent and the right of withdrawal. The second part goes deeper into the Right to Data portability, Automated decision making, including profiling and the Restrictions and limitations to rights.

• Module 10: Security

In this module we will discuss about topics like Appropriate technical and organizational measures, Encryption, Access controls, Breach notifications, Risk reporting requirements, Vendor Management and Data sharing.

• Module 11: Accountability

Accountability refers to Responsibility of Controllers and Processors. We dive deeper into the concepts of Data protection by design and by default, Documentation and cooperation with regulators, Data protection impact assessments (DPIA), Mandatory data protection officers and Auditing of privacy programs.

• Module 12: Repeat and Test

You will find a summary of the previously mentioned subject in this module, so you can repeat what you have learned so far.

• Module 13: International Data Transfers

This module is about the Rationale for prohibition, Adequate jurisdictions, data transfers between the EU and the US, covering Safe Harbor, Privacy Shield, the Transatlantic Data Privacy Framework and the implications of the ‘Schrems decisions’. Furthermore, we take a look at transfer mechanisms like, Standard Contractual Clauses, Binding Corporate Rules, Codes of Conduct and Certifications, Derogations and Transfer impact assessments (TIAs).

• Module 14: Supervision, Enforcement and Consequences

This module covers Supervisory authorities and their powers, The European Data Protection Board and the role of the European Data Protection Supervisor. We will also discuss the consequences of GDPR violations with the Process and procedures, Infringements and fines, Class actions and data subject compensation.

• Module 15: Employment and Surveillance

In this module we’ll discuss the Legal basis for processing of employee data, Storage of personnel records, Workplace monitoring and data loss prevention, EU Works councils, Whistleblowing systems and ‘Bring your own device' (BYOD) programs. It also dives deeper into Surveillance by public authorities, Interception of communications, Closed-circuit television, Geolocation and Biometrics and facial recognition.

• Module 16: Marketing and New Technologies

The marketing and new technologies module is concerned with Telemarketing, Direct marketing and Online behavioural targeting, and we will discuss Cloud computing, Web cookies, Search engine marketing, Social media platforms and Artificial Intelligence (AI) with machine learning and ethical issues.

• Module 17: Repeating Previous Topics

This is the last module in which previously studied topics will be repeated and tested.

• Module 18: Concluding Your Course

The final module of this course will tell you what to do next and how to get ready for that challenging certification exam. After this, you are ready to take the trial exam and fine-tune your gained knowledge.