Day 1: Fundamentals of Information Privacy
Module 1: Common Principles and Approaches to Privacy
This module includes a brief discussion of the modern history of privacy, an introduction to types of information, an overview of information risk management and a summary of modern privacy principles.
Module 2: Jurisdiction and Industries
This module introduces the major privacy models employed around the globe and provides an overview of privacy and data protection regulation by jurisdictions and industry sectors.
Module 3: Information Security: Safeguarding Personal Information
This module presents introductions to information security, including definitions, elements, standards and threats/ vulnerabilities, as well as introductions to information security management and governance, including frameworks, controls, cryptography and identity and access management (IAM).
Module 4: Online Privacy: Using Personal Information on Websites and with Other Internet-related Technologies
This module examines the web as a platform, as well as privacy considerations for sensitive online information, including policies and notices, access, security, authentication and data collection. Additional topics include children’s online privacy, email, searches, online marketing and advertising, social media, online assurance, cloud computing and mobile devices
Day 2: Privacy Management
This program is broken into two segments: the first illustrates important practices in managing privacy, and the second is an interactive format in which participants apply these practices to a real-world scenario.
Module 1: Privacy Program Governance
This module reveals how to create a privacy program at an organizational level, develop and implement a framework and establish metrics to measure program effectiveness. Topics include: creating a company vision for its privacy program; establishing a privacy program that aligns to the business; structuring the privacy team; developing organizational privacy policies, standards and guidelines; defining privacy program activities; and defining program metrics.
Module 2: Privacy Operational Life Cycle
This substantial module reviews privacy program practices employed throughout the privacy life cycle—assess, protect, sustain and respond. Topics include: documenting the privacy baseline of the organization; data processors and third-party vendor assessments; physical assessments; mergers, acquisitions and divestitures; privacy threshold analysis; privacy impact assessments; information security practices; Privacy by Design; integrating privacy requirements across the organization; auditing your privacy program; creating awareness of the organization’s privacy program; compliance monitoring; handling information requests; and handling privacy incidents.