Certified Information Privacy Professional Europe CIPP/E
Exam passed 1/5/19 Verification :-
Enter registration number:-
349993046
Enter validation number :-
804218299
Certificate is here
I. Introduction to
European Data Protection
A. Origins and
Historical Context of Data Protection Law
1. Rationale for data protection
2. Human rights laws
3. Early laws and regulations
4. The need for a
harmonised European approach
5. The Treaty of Lisbon
6. A modernised framework
B. European Union Institutions
1. Council of Europe
2. European Court of Human Rights
3. European Parliament
4. European Commission
5. European Council
6. European Court of Justice
C. Legislative Framework
1. The Council of Europe
Convention for the Protection of Individuals with Regard to the
Automatic Processing of
Personal Data of 1981 (The CoE Convention)
2. The EU Data Protection
Directive (95/46/EC)
3. The EU Directive on
Privacy and Electronic Communications (2002/58/EC) - as
amended
4. The EU Directive on
Electronic Commerce (2000/31/EC)
5. European data retention regimes
6. The General Data
Protection Regulation (GDPR) and related legislation
II. European Data
Protection Law and Regulation
A. Data Protection Concepts
B. Territorial and
Material Scope of the General Data Protection Regulation
1. Establishment in the EU
2. Non-establishment in the EU
C. Data Processing Principles
1. Fairness and lawfulness
2. Purpose limitation
3. Proportionality
4. Accuracy
5. Storage limitation
6. Integrity and confidentiality
D. Lawful Processing Criteria
1. Consent
2. Contractual necessity
3. Legal obligation, vital interests and public
interest
4. Legitimate interests
5. Special categories of processing
E. Information Provision Obligations
1. Transparency principle
2. Privacy notices
3. Layered notices
F. Data Subjects' Rights
1. Access
2. Rectification
3. Erasure and the right to be forgotten (RTBF)
4. Restriction and objection
5. Automated decision
making, including profiling
6. Data portability
7. Restrictions
G. Security of
Personal Data
1. Appropriate technical
and organisational measures
2. Breach notification
3. Vendor Management
H. Accountability
Reguirements
1. Responsibility of controllers and processors
2. Data protection by design and by default
3. Documentation and cooperation with regulators
4. Data protection impact assessment
5. Mandatory data protection officers
I. International Data Transfers
1. Rationale for prohibition
2. Safe jurisdictions
3. Safe Harbor and Privacy Shield
4. Model contracts
5. Binding Corporate Rules (BCRs)
6. Codes of Conduct and Certifications
7. Derogations
J. Supervision and enforcement
1. Supervisory authorities and their powers
2. The European Data
Protection Board
3. Role of the European Data Protection
Supervisor (EDPS)
K. Consequences for
GDPR violations
1. Process and procedures
2. Infringements and fines
3. Data subject compensation
III.Compliance with
European Data Protection Law and Regulation
A. Employment Relationship
1. Legal basis for processing of employee data
2. Storage of personnel records
3. Workplace monitoring and data loss prevention
4. EU Works councils
5. Whistleblowing systems
6. 'Bring your own device' (BYOD) programs
B. Surveillance Activities
1. Surveillance by public authorities
2. Interception of communications
3. Closed-circuit television (CCTV)
4. Geolocation
C. Direct Marketing
1. Telemarketing
2. Direct marketing
3. Online behavioural targeting
D. Internet Technology
and Communications
1. Cloud computing
2. Web cookies
3. Search engine marketing (SEM)
4. Social networking services
