CIPP/E-valmennus koostuu IAPPin laatimista moduuleista:

Module 1: Data protection laws

Introduces key European data protection laws and regulatory bodies, describing the evolution toward a harmonised legislative framework.

Module 2: Personal data

Defines and differentiates between types of data as defined by the GDPR, including personal, anonymous, pseudonymous and special categories.

Module 3: Controllers and processors

Describes the roles and relationships of controllers and processors as defined by the GDPR.

Module 4: Processing personal data

Defines data processing and GDPR processing principles, explains the application of the GDPR and outlines the legal grounds for processing personal data.

Module 5: Data subject rights

Describes data subject rights, applications of rights, and controller and processor obligations as set out in the GDPR.

Module 6: Information provision obligations

Explains controller obligations for providing information about data processing activities to data subjects and supervisory authorities as set out in the GDPR.

Module 7: International data transfers

Outlines options and obligations under the GDPR for transferring data outside the European Economic Area, including adequacy decisions and appropriate safeguards and derogations.

Module 8: Compliance considerations

Discusses the applications of European data protection laws, legal bases and compliance requirements for processing personal data in practice, including employers processing employee data, surveillance, direct marketing, and internet technology and communications.

Module 9: Security of processing

Discusses considerations and duties of controllers and processors for ensuring security of personal data and GDPR specifications for providing notification of data breaches.

Module 10: Accountability

Investigates accountability requirements, including data protection management systems, data protection impact assessments, data protection policies and the role of the data protection officer.

Module 11: Supervision and enforcement

Describes the role, powers and procedures of supervisory authorities; the composition and tasks of the European Data Protection Board; the role of the European Data Protection Supervisor; and remedies, liabilities and penalties for
noncompliance as set out in the GDPR.