Those who want formal privacy qualifications and are bemused by the range of certificates on offer, will shortly be able to choose between two more.
The IAPP has announced a new Certified Information Privacy Technologist (CIPT) certification. The text book will be published in July, while the first accreditation exams will be held in the US in mid-September. If you are an IT professional who needs training on how to embed privacy into a company’s IT programme including establishing privacy practices around data collection and transfer, understanding consumer privacy expectations and responsibility, as well as developing privacy notifications, then this could be of interest to you.
This qualification compliments the IAAP’s other privacy certifications – the Certified Information Privacy Professional (CIPP) which focuses on addressing privacy laws and regulations, and the Certified Information Privacy Manager (CIPM) which focuses on how to operationalize privacy throughout an organisation.
The British Computer Society, on the other hand, has just announced that it will soon launch its Foundation Certificate in Data Protection – which appears to be of a standard equivalent to that of the IAAP’s CIPP qualification. If you apply for the BCS’s Foundation Certificate, you’ll sit an hour long exam, dealing with 40 multiple choice questions. No mini essays to write. Just tick 40 boxes. The pass mark is 65% (26 out of the 40 questions).
Candidates that successfully complete the BCS’s exam will then hold a recognised qualification in data protection, appreciate the way in which the Data Protection Act and the PECR (marketing) regulations work, understand individual and organisational responsibilities under the DPA, and generally be better placed to support organisations in managing and handling customer data properly.
The Foundation Course will also provide a stepping stone for those who decide at a later stage to undergo more rigorous training to obtain the BCS’s Practitioner Certificate in Data Protection. This is the famous ISEB, the gold standard of data protection qualifications. Beware – the ISEB exam does require candidates to write mini and longer essays, as well as complete a set of multiple choice questions.
So what factors might influence a candidate who was faced with a choice of the IAPP’s CIPP qualification or the BCS’s Foundation Certificate?
Cost might be a factor, as I understand that the BCS is keen to ensure that its fees are extremely competitive. The public exam fee is just £145, and accredited trainers (if you decide to seek the support of any accredited training, that is) are likely to charge reasonably low fees, too, as the BCS estimates that candidates only need undergo some 16 hours of study before sitting the exam.
But unlike the IAPP, I understand, there is no requirement to undertake continuing professional education to keep the certification up to date. In other words, Foundation Certificate holders won’t be required to spend a minimum number of hours attending data protection courses – or conferences – throughout the year, or to pay an annual association membership fee. That might well appeal to some cash-strapped employers who are interested in paying for their employee’s professional qualifications, but don’t want to tie themselves or their employees into longer term financial commitments.
As far a as the exam format is concerned, both the IAAP and the BCS will require candidates to visit an exam venue, sit in front of a computer screen, and tick various boxes. There is no need for candidates to display any of their poor handwriting, spelling or punctuation skills.
Whatever certification you go for (or whatever certification you go for first), I do wish you all the best. Let’s hope that employers will find the certificate to be of sufficient value that it suitably enhances the earning potential of certificate holders.
While I’ve referred to the BCS and the IAAP in this blog, privacy certificates are available from other providers. Google will help those who need to understand who’s selling what. I’m not aware of any independent work that has been carried out on the relative value of these certificates.