Course content
The course will address, in a global context, the following topics:
- Foundational Principles of Data Protection Law: legal basis of processing, different approaches to consent, fair and transparent processing, data security (basic) and retention.
- Accountability: building a privacy management program to support compliance with privacy laws around the world, including documentation requirements.
- Individual Rights: focus on access, correction, deletion, but with attention for other rights that exist around the world (profiling, do not sell, portability, right to be forgotten, etc.)
- International Data Flows: what constitutes a data transfer, the concept of adequacy around the world, contractual safeguards and other transfer mechanisms (including Onward transfers challenges).
- Contracts: data protection in contracts, processing agreements, consent mechanisms, etc.
- Technical and Organisational measures: data security and breaches, incident response plan in global operations.
This course focuses on global compliance and has been designed bottom-up: The ECPC-G course package takes the standard ECPC - B Professional DPO Certification (for GDPR) as a base and further equips candidates thoroughly in order to apply data protection globally, rather than just relying on the General Data Protection Regulation (GDPR).
The course will include 9 main blocks, with one global module discussing the international framework (Convention 108, OECD Privacy Guidelines, APEC Privacy Framework), and 8 country modules - United States (CCPA - California’s Consumer Privacy Act & CPRA - The California Privacy Rights Act), Brazil (LGPD – Data Protection Law), Kenya (Kenya Data Protection Act), Canada (PIPEDA- Data Protection Law & Upcoming CPPA), India (Upcoming PBDP - Personal Data Protection Bill), Japan (APPI - Act on the Protection of Personal Information) and Australia & New Zealand (Privacy Acts) and China (PIPL).
The ECPC-G Certification offers a global outlook on the data protection laws, helping professionals in the field to be compliant in a global economy and in multiple jurisdictions.
Please note that the precondition to enrol in the ECPC-G certification is to possess the ECPC-B Professional DPO Certification, or another equivalent (valid) certification with at least 40 hours training/preparation/self-study (such as the CIPP/E certificate).
Optional Courses
Participants can expand their global knowledge by registering to one or all of the following optional courses:
- United Kingdom (UK GDPR and the upcoming Data Protection and Digital Information Bill)
- Data security management and international standards (such as the ISO or the NIST standards)
