Which privacy certification should I take first?

Do you recognize pattern?

There are recently a number of questions in the posts about IAPP certification, more specifically which of the CIPP, CIPM and CIPT privacy professional certificate should I do first. In general the answer I will discuss could be applied to any privacy education or training covering three main pillars: legal, compliance and technical.

Shift from legal to compliance to tech

I am in iapp certification process since 2017 and since had run dozen trainings. What I noticed from my trainees is that the leading certification interest actually had changed over time.

Back in 2017 the main interest was in CIPP (particularly CIPP/E in Europe) due to high expectations better to say concern about GDPR. CIPP/E is what I call in black and white picture “legal” part of privacy. We all had lot of questions about what kind of regulation is that and how it will be enforced.

Then we get some experience and realized that what is most important is how do we run our privacy programs and what is the best approach how to prove our accountability. That was main topic for CIPM, or how we would put it “compliance” part of the story: how to setup and keep running privacy program.

Today what we experience is that many privacy professionals are taking look at something I call “how to implement privacy protection?”. There are technical people looking with questions in their eyes into legal and compliance personnel talking to them about transparency, notices, appropriate technical measures and all that weird legal staff. At the same time legal people, process owners and better to say risk owners are trying to understand why technical guys and girls are shaking their heads telling them this is not possible or but we are already doing that or even worse – write down functional and non functional requirements. Then we have latest guidelines from EDPB telling about what SA expect from Data protection by design by default, we have India PDP Bill 2019 that define fiduciary responsibility about Privacy by design and many others. Suddenly, CIPT becomes topic number one. That is what I call “technical” part of the story. Today I have requests from all over the world coming from legal, compliance, tech and others asking about CIPT. Funny to say but my latest CIPT class is filled only with lawyers and attorneys. As well as CIPP/E and CIPM. What does this tell to me? Legal-tech is running at its fastest.

Does this answer question where to start? Yes. You should start where your pain is and where your national and corporate privacy maturity is. Nobody can tell you but your demanding market where you are working on. If you decide to go all of them, then the best practice sequence should be: CIPP/E, CIPM and CIPT.

Do it yourself or join the training dilemma

Next question is: should I do it myself or purchase IAPP program? The answer is also very simple.

If you can afford it, go for IAPP certification program. Not only that you will prepare for certification exam but you will meet other professionals and learn about pain they have and best practice they experience. If your OTP provide additional value then your training program will not last 2 days but 2 month as he/she will provide you with 4 weeks preparation before training, training itself and mentoring before exam – at least. That is value for the money.

If you do not have funds available, then rely on internet search, quiz-lets, exam sample books, common sense and – your experience. However – take into consideration that legal background make CIPP/E difficult to pass exam and strong IT experience make CIPT challenging exam.

Privacy and data protection is multidisciplinary field of work and that as well is IAPP privacy certification programs. If you need further explanation – feel free to ask me. Happy to be of any help to my fellow privacy professionals.

Data Protection Day 2021

Ove godine, nažalost, iz dobro poznatih razloga nismo u mogućnosti obilježiti Dan zaštite podataka u zajedničkom druženju, ali to nas nije spriječilo da ipak organiziramo mini konferenciju ali s maksi učesnicima i temom koja će u ovoj 2021 postati tema #1: integrirana zaštita podataka – kako glasi tajanstveni hrvatski prijevod Članak 25. ili Data protection by design and by default u engleskom originalu.

Stoga smo i nazvali konferenciju “Pbd/d – podcijenjena skraćenica“.

Posebno smo sretni što će nam se uvodno obratiti europski povjerenik za zaštitu podataka, g. Wojciech Wiewiórowski, European Data Protection Supervisor, možemo reći istinski domaćin obilježavanja ovog spomena na Konvenciju 108 i početaka obvezujuće zaštite podataka u svijetu općenito.

U nedavno objavljenoj strategiji EDPB za 2021-2023 jedna od ključnih točaka je upravo Pbd/d. Također nedavno je izdana smjernica EDPB “Guidelines 4/2019 on Article 25” koja na odličan način objašnjava važnost ali i pristupu usklađenju s ovim zahtjevom GDPR. Kolega Neven Dujmović iz aspekta svoje bogate prakse iznijeti će kao uvodno predavanje u panel diskusiju upravo ovu smjernicu.

Panelisti koji će osvijetliti poslovne, informatičke, pravne, auditorske i druge aspekte ovog Članka i same filozofije koja seže do Ann Cavoukian i Privacy by Design principa, dolaze iz redova iskusnih “privacy professionals”, posebno dvije dame: Vlatka Vuković i Natalija Parlov Una.

Konferenciju zajednički organiziraju Hrvatska udruga poslodavaca i lokalni IAPP KnowledgeNet Chapter.

Prijave su preko adrese hup@hup.hr.

Dvije godine primjene GDPR

U razvoju djeteta, dvije godine života imaju veliko značenje. Kažu stručnjaci da dijete u toj dobi počne prepoznavati osnovna svojstva predmeta i da ih počinje aktivno isprobavati, razlikuje dijelove od cjelina. Razlikuje boje ali ih točno ne imenuje. Počinje shvaćanje vremena i prostora. Ima prirođen osjećaj za količinu do broja 3. Poboljšava se pamćenje redoslijeda radnji! U izgovoru ima još pogrešaka.
Nadalje, kažu stručnjaci da bi odrasli trebali nastojati razumjeti što Dijete želi priopćiti. Da u razgovoru s Djetetom treba rabiti jednostavne rečenice, izgovarati ih polagano i razgovjetno. Neprestano i strpljivo govoriti s Djetetom. Davati mu mogućosti da i ono što više priča i odgovara na pitanja, podržati ga i hrabriti na verbalizaciju. Biti tolerantan prema pogreškama u izgovoru, ne opominjati i ispravljati, već mu pružati ispravan govorni model. Listati i gledati slikovnice s Djetetom uz čitanje i poslije čitanja teksta. Poticati Dijete da prema slici samo nadopunjava priču svojim riječima i daje svoja tumačenja.
(izvor Grdelin – ovdje)

Naše Dijete – Opća uredba o zaštiti podataka EU 2016/679 koje od milja zovemo GDPR – navršilo je 25.5.2020. dvije pune godine. Prepoznajemo li osobine djeteta u osobinama primjene ove uredbe. Te osobine nalaze se u svakome od onih koji sudjeluju u toj primjeni. Prvo, to su ispitanici: ja, ti, on – sve fizičke osobe čije osobne podatke netko prikuplja i obrađuje. Razumijevanje prava i pristupa zaštiti tim pravima, po nekim općim naznakama predstavlja vrlo napredno Dijete. Drugo, to su organizacije: voditelji i izvršitelji obrade, svi oni koji određuju koje osobne podatke će prikupljati i u koju svrhu će ih obrađivati. Kao i kod sve djece, tu vlada veliko šarenilo. Neka Djeca, nažalost, još uvijek nisu prohodala i zaostaju u razvoju toliko da to postaje vrlo zabrinjavajuće. Vrlo često, problem su njihovi Roditelji i Skrbnici koji ne shvaćaju da Dijete traži pažnju i skrb kako u jednom trenutku ne bi shvatili da je prekasno. Treće, tu se nalaze i nadzorna tijela pa i država, sabor, predstavnici vlasti. To su Djeca koja traže posebnu skrb i veliko strpljenje te ustrajni napor i rad za poticanje njihovih vještina.
Pažljivo pročitajte što stručnjaci prepoznaju kao osobine i psihološke uvjete razvoja djeteta u dobi od 2 do 3 godine, pa ih tumačite u ovom kontekstu Djece.

Europsko nadzorno tijelo objavilo je svoje izvješće za 2019. godinu, pa ga preporučam za čitanje u cijelosti ovdje.

Povodom dvije godine primjene GDPR iapp je ponudio certifikacijske i trening pakete po značajno nižim cijenama

Trening, osim što kroz rad s trenerom, na radnim materijalima i knjigama postiže određenu kvalifikaciju i vještinu zaštite podataka, ujedno je i priprema za polaganje IAPP certifikacijskog ispita:

Trening i priprema su mogući u slijedećim opcijama:

  • s uključenom ili bez godišnje IAPP članarine
  • s ili bez vaučera za polaganje certifikacijskog ispita
  • u živo s trenerom (live in-person)
  • e-learning materijal za samopripremu (online) koji u organizaciji Bello Consulting uključuje i određeni broj sati mentoringa s IAPP FIP trenerom

Svi treninzi slijede isti Book of Knowledge (BoK) za pojedine certifikate.

Novi oblici treninga i pripreme za polaganje certifikacijskog ispita

Live In-person trening i priprema za CIPM, CIPP/E ili CIPT ispite bez godišnjeg članstva u IAPP i bez vaučera za polaganje ispita.
Cijena: do 30. svibnja 3.950,00kn, do 30. rujna 4.590,00kn i redovna cijena 6.200,00kn

Online e-learning trening i priprema za CIPM, CIPP/E ili CIPT ispite koja uključuje godišnje članstvo u IAPP i vaučer za polaganje ispita.
Cijena: do 30. svibnja 6.950,00kn i redovna cijena 7.950,00kn

Trening, priprema i polaganje certifikacijskog ispita

Trening i priprema za CIPM, CIPP/E ili CIPT ispite koja uključuje godišnje članstvo u IAPP i vaučer za polaganje ispita.
Cijena: do 30. svibnja 7.950,00kn, do 30. rujna 9.950,00kn i redovna cijena 15.000,00kn

Napomena: sve cijene su bez PDV-a

Prijaviti se možete ovdje.

IAPP Certification testing available online (as of mid May)

Online Proctoring Brings Certification Testing to Your Home or Private Workspace.

In our current state of social distancing and working from home, we are finding new ways to help you continue to advance your career. With Pearson Vue’s online option, you can take your exam in a private, secure location with a few technological requirements.

How Will it Work?

This remote testing option utilizes today’s technology and live monitoring to give you a more convenient experience through your chosen location.

First, you will need:

  • Quiet, private location.
  • Reliable computer with a web camera and microphone.
  • Strong internet connection.

How Can I Schedule Online Proctoring?

As of mid-May, you can schedule your exam with this new option. Simply, purchase your training through the Bello Consulting here and go through mentoring and training either in-person/live or online . Then, schedule with OnVUE, Pearson VUE’s online proctoring platform. You will choose “online proctoring” and a date and time with a live proctor available.

Online testing is limited to proctor availability, so be sure to look at the open exam slots as you plan for your testing date. Also understand this form of testing is unavailable in certain countries, so visit Pearson VUE for availability near you. Online testing is available for Croatia.

After scheduling your exam, you will receive instructions to verify your space meets the technical specifications, and how to install the online proctoring application and testing secure browser (“Installer”), so you can access your exam.

Watch the video

Get comfortable, brew a cup of your favorite coffee or tea and learn more today here.

For more details read:

https://bello.hr/iapp/gdprready-training/

Video to IAPP Training Partners from CEO, J. Trevor Hughes

To our trusted Official Training Partners,

I am reaching out with a message of encouragement. We are in unprecedented times. In a matter of days, the way we have always done business was turned upside down and we have had to reinvent ourselves in this new normal. Where you might have had a spring schedule of public trainings, you have now pivoted to live online offerings or reselling our self-paced, online trainings. However we can assist you, your Channel Team is there to support your efforts.

Make no mistake, privacy is not going away. The important and necessary work privacy professionals are doing all over the world continues despite these trying times. To help you relay this message, I have created a short video for you to share with your trainees (and potential trainees) about the importance of prioritizing professional development and working with you to make that happen.

We are in this together and will adapt as needed to make it to the other side. Lean on the IAPP’s Channel Team to help you navigate your way forward. 

Kind regards, 
J. Trevor Hughes 
President & CEO, IAPP

iapp KnowledgeNet Hrvatska i HUP vas pozivaju na Dan zaštite podataka 2020

Poštovani članovi,

Hrvatska udruga poslodavaca i IAPP KnowledgeNet chapter Hrvatska obilježavaju Dan privatnosti podataka 2020. konferencijom koja će se održati u utorak, 28. siječnja 2020. g. u Hrvatskoj udruzi poslodavaca, Radnička cesta 52/I., Zagreb, (Green Gold, ulaz R2).  Svoj dolazak molimo potvrdite na e-mail: hup@hup.hr

Naime, dana 28. siječnja 1981. godine Vijeće Europe prihvatilo je konvenciju broj 108 kao prvi obvezujući međunarodni zakonski instrument na području zaštite podataka, a posebno razmjenu osobnih podataka između država kao važni element međunarodne zaštite osobnih podataka. Članicama Vijeća Europe (njih 47) na potpis je proslijeđen dokument „Konvencija 108“, te se izostavljanjem „europska“ željelo naglasiti važnost zaštite korištenja osobnih podataka na globalnom nivou. Time je omogućeno i zemljama koje nisu članice Vijeća Europe da prihvate konvenciju i olakšaju svojim kompanijama digitalno poslovanje i korištenje osobnih podataka. U Europi se na taj dan obilježava „Data Protection Day“. Kasnije, 2008. godine SAD i Kanada su proširile tu obljetnicu kroz „Data Privacy Day“ te se danas u cijelom svijetu praktički 28. siječnja obilježava kao Dan privatnosti (SAD, Kanada i druge zemlje) ili kao Dan zaštite podataka (EU termin).

Kvaliteta digitalne transformacije i uspješnost 4.0 industrije u direktnoj je korelaciji sa zaštitom podataka. Koliko su poslodavci više svjesni važnosti prihvaćanja zaštite podataka to će manji biti rizik korištenja osobnih podataka. Analiza izrečenih sankcija u EU u proteklih 18 mjeseci od početka primjene Opće uredbe o zaštiti podataka (GDPR) pokazuje da je veliki broj kazni uzrokovan upravo nedostatkom općeg i kvalitetnog obrazovanja na području zaštite podataka svih zainteresiranih osoba koje u djelokrugu svojega poslovanja prikupljaju i obrađuju osobne podatke.

Cilj ove konferencije je stoga pored obilježavanja Dana zaštite podataka i privatnosti dati i vrlo konkretne primjere edukacije i ukazati na moguća područja poboljšanja zaštite podataka.

Suorganizator konferencije je hrvatski ogranak International Association of Privacy Professionals. IAPP je najveća svjetska neprofitna i neovisna organizacija koja se bavi privatnošću i zaštitom podataka te okuplja preko 50.000 profesionalaca iz skoro 100 zemalja svijeta u kojima je prisutna preko svojih KnowledgeNET ogranaka. Pojedincima i organizacijama omogućava stjecanje potrebnih kvalifikacija i znanja na području zaštite podataka uz polaganje traženih CIPP certifikata te dostup do velikog broja potrebnih resursa.

Ljubazno Vas molimo da potvrdite dolazak na hup@hup.hr do 27.siječnja 2020.

PROGRAM

8:30 – 9:00            Registracija

09:00 – 09:10      „Data Protection Day 2020“, pozdravni govor u ime HUP-a

09:10 – 9:20        „Data Privacy Day 2020“, pozdravni govor u ime IAPP KnowledgeNET Hrvatska

09:20 – 9:45        „Digitalna transformacija i kibernetička sigurnost“, Kristina Posavec, Središnji državni ured za razvoj digitalnog društva

09:45 – 10:10      „Rezultati EU projekta T4Data i edukacijski portal“, Marko Trošelj, AZOP

10:10 – 10:35     „Uređivanje odnosa voditelja i izvršitelja obrade“, Maja Šutalo CIPP/E, odvjetnički ured Šutalo

10:35 -11:00       „Osposobljavanje osoba uključenih u zaštitu podataka“, William Bello CIPP/E CIPT FIP, Bello Consulting

11:00 – 11:15      Pauza

11:15 – 11:25      Uvod u temu panel diskusije “Osviještenost tvrtki: temelj usklađenosti GDPR-om”, Patricio Marcos Petrić, PwC Hrvatska

11:25 – 11:55      Panel diskusija

11:55 – 12:00      Zaključak i zatvaranje konferencije

Hrvatska udruga poslodavaca Vaše podatke obrađuje u skladu sa politikom o obradi podataka koju možete naći na sljedećem linku:https://www.hup.hr/obavijest-o-obradi-podataka.aspx

S poštovanjem,

Obuka

Vi osobno ili vaše kolege naslušali ste se o GDPR i pitali se nakon završetka predavanja – pa što je to GDPR? Vjerujem da ste se naslušali svačega. E – pa obuka koju ćete proći s nama je nešto sasvim drugo. Ako ste do sada slušali o tome što ne smijete i kako morate za sve dati ili tražiti privolu, na našim predavanjima ćete saznati pravu istinu: što se smije i koje su stvarne zakonske osnove pojedinih obrada osobnih podataka.

Prvo – obuke su prilagođene vašim potrebama i predznanju. Zato se radi u manjim grupama, predavanje je više nalik radionici u kojoj se stiču praktična znanja. Radi se na stvarnim primjerima iz prakse.

Drugo – formalno obuka može biti informativna ali i vrlo zahtjevna sa završnim ispitom. Neki puta trebate educirati svoje zaposlenike ili članove projektnog tima. Međutim, u nekim situacijama potreban vam je međunoradno priznati certifikat koji će vam jamčiti prepoznatljivost na svjetskom tržištu rada.

Treće – područje koje se obrađuje može biti općeg karaktera ali i usko specijalizirano za pojedinu temu ili industriju. One općeg karaktera prolaze kroz Opću uredbu o zaštiti podataka i daju vam pregled što uredba znači za vas i što se očekuje od vas da poduzmete po tom pitanju. Specijalizirane teme obuhvaćaju postupke i metode uvođenja Privacy by Design / Redesign, rada na analizi rizika, izrade LIA i DPIA i sl.

Četvrto – konkretna metodologija primjene (program privatnosti) zasnovana je na dobroj praksi svjetski prepoznatih organizacija poput IAPP i Nymity ali i besplatnim alatima za pomoć DPO te specijalistima za privatnost. Podio4GDPR je besplatni alat za provođenje programa privatnosti za DPO zasnovan na Nymity frameworku.

Peto – mnoge organizacije su konačno shvatile nužnost usklađivanja s ISO27001 ali i ISO27701. Od pripreme, provođenja gap analize pa do rada na donošenju pojedinih dokumenata koji prate implementaciju standarda, niste prepušteni sami sebi već imate čvrsto vodstvo i ekspertno znanje stečeno na mnogim projektima.

Popis programskih cjelina:

  1. Opća uredba o zaštiti podataka, 1 dan
  2. EU i globalno zakonodavstvo na području privatnosti i zaštite podataka (vidi CIPP/E), 2 dana
  3. Uvođenje i provođenje programa privatnosti (vidi CIPM), 2 dana
  4. Tehnički preduvjeti i značajke privatnosti i zaštite podataka (vidi CIPT), 2 dana
  5. Priprema za polaganje IAPP certifikata CIPP/E, CIPM i CIPT, 2 dana za pojedini certifikat
  6. Priprema za ISO27001 i ISO27701, 2 dana
  7. Privacy by Design, 1 dan
  8. Izrada posebnih dokumenata: LIA, PIA, DPIA – 1 dan
  9. Školovanje za DPO, 4 dana
  10. DevOps i GDPR za razvoj on-line i mobilnih aplikacija
  11. Posebne teme (1 dan / temi): video nadzor, WiFi4EU, iOT, Podio4GDPR i sl.

Termini i cijene pojedinih programskih cjelina dostupne su na upit.

Privacy Training Classes (now in Zagreb)

TWO DAYS TO A CAREER UPGRADE

Why not get away for a little privacy—or a lot? Our two-day privacy training classes, held all over the world, are robust, interactive ways to learn critical privacy concepts that are also integral to the certification exams. You’ll meet great people, gain essential skills and connect with our Professional Privacy Faculty—the best in the business for what they know and how they teach it.

Training is appropriate for professionals who plan to certify, as well for those who want to deepen their privacy knowledge. Note that these are not purely “test prep” courses, nor does taking training guarantee you’ll pass your exam (hey, it’s not that easy).

Take a look at our course outlines below and see how privacy training can help in the work you do—or want to do. And if you decide to aim for a credential, you’ll have a head start!

Take IAPP privacy training classes in Zagreb. Check next available slot: here.

The inaugural class of Privacy Law Specialists is unveiled

For the first time in IAPP history, 27 members were named Privacy Law Specialists Aug. 10. The designation carries with it an acknowledgment that a candidate has successfully demonstrated a knowledge of relevant privacy laws, regulation and technology; a commitment to staying ahead of new developments in the field; and substantial time devoted to practicing law related to safeguarding personal information. Representing privacy professionals looking to distinguish themselves in the field, a few of the inaugural class members spoke with The Privacy Advisor on why the distinction is important to them.

When the first submission window opened April 2 promising to usher in the first wave of Privacy Law Specialists, Cassandra Porter, CIPP/US, CIPM, FIP, PLS, jumped on it. She had known she wanted to achieve the PLS distinction since learning about it in 2016. Porter said, “I told my colleagues, ‘I’m going to apply as soon as applications are open,’ and [I] started studying for the CIPM.”

Porter added the PLS affords lawyers in the privacy space an edge when working with clients or negotiating with other lawyers. She also considers “IAPP certifications to be a litmus test” for how a negotiation with opposing counsel will go. “If I’m negotiating with a fellow IAPP member, I know it will be a fruitful discussion.” She added, “It’s because IAPP members care about the same issue: What is the right thing to do?”

Chris Cwalina, CIPP/US, CIPM, FIP, PLS, global co-head of cyber risk at Norton Rose Fulbright, explained how the PLS designation helps to measurably demonstrate experience. Its existence, he said, establishes privacy as an area of law that requires specialized knowledge and expertise.

“The growth of the privacy profession has been tremendous. What the PLS does is to help distinguish privacy lawyers who have devoted themselves to the field and helps solidify privacy law as an area of expertise that requires a certain level of knowledge, years of experience and credentials. It’s no longer regarded as an area of law that can be practiced superficially, and the PLS helps to reinforce that fact,” Cwalina said.

He went on to explain that the American Bar Association’s recognition of privacy as a specialty helps lawyers highlight their work in a meaningful way. “It’s a formal recognition that privacy is not only an area of law but one that is growing, complicated and worthy of its own distinction,” he said.

Likewise, Denise Farnsworth, CIPP/E, CIPP/US, CIPM, PLS, deputy data protection officer at Facebook, said, “For lawyers, it’s a great opportunity to demonstrate a very specific and deep knowledge about privacy and data security. I think it’s incredibly valuable. As a lawyer, these types of specialty designations are needed to help our clients understand who has a deep understanding of specific areas. I think this is going to help open the door for several of these types of designations. It’s a leap forward in the legal profession.”

Farnsworth added, “If people see the privacy designation attached to names, it’s going to help create a market. I believe the privacy designation will help broaden the privacy and data security knowledge base for lawyers in general.”

The next submission window closes Sept. 30. Find more information here.

Author: Molly Hulefeld

Article link

IAPP certifications now globally recognized under new Multilateral Recognition Arrangement


Since 2015, the IAPP’s CIPM, CIPP/E, CIPP/US and CIPT credentials have been accredited by the American National Standards Institute under the International Organization for Standardization standard 17024: 2012. Originally, the IAPP chose ANSI to distinguish the certifications based on ANSI’s standing as an internationally respected accrediting body and rigorous standards. Now, the signing of a Multilateral Recognition Agreement with the International Accreditation Forum has allowed ANSI’s gold standard to go global, and IAPP certificates, as a result, have become virtual passports.

ANSI became recognized as a signatory to the International Accreditation Forum Multilateral Recognition Arrangement for ISO/IEC 17024: 2012 in an agreement signed Oct. 30, 2018. In a press release, ANSI said, “Being recognized by IAF provides further confidence that ANSI accreditation conforms to global requirements for accreditation bodies (ISO/IEC 17011) and has successfully demonstrated its competence through a rigorous peer-evaluation process. As a signatory to these MLAs, ANSI demonstrates ISO/IEC 17011 compliance attesting to equal reliability worldwide.”

Effectively, the agreement, which applies to IAF accrediting bodies, shows that the organizations they accredit are all meeting the same standard.

“Bottom line,” said IAPP Certification Director Douglas Forman, “accrediting bodies that are IAF members must recognize the certificates issued by one another’s accredited certifying bodies.” Under the mantra, “Certified once-accepted everywhere,” members with credentials recognized by ANSI will find themselves accepted worldwide under the new agreement.

This is great news for IAPP certification holders, Forman said. He added that internationally, most governments in the EU and Asia-Pacific only recognize certifications that are accredited by an IAF MLA signatory. Under the new agreement, CIPM, CIPT, CIPP/US and CIPP/E are accepted globally, giving them an international stamp of approval that so many governments look for.

“This provides incredible value to those with certifications,” Forman said. “As global privacy professionals find they have a certification they can take anywhere and have it recognized as something that’s valuable, that will be huge. Our certifications have truly gone international,” said Forman.

While multilateral agreements are often reserved for products and processes, Forman said, “this is a major milestone because it’s 17024: 2012 specific.” He added, “It underscores why we went with ANSI in the first place. As a signatory to this MLA, ANSI has even more of a prominent international stature that it can now share with IAPP certifications.”

While the IAPP has always been international in focus, this move is the latest to take the IAPP international in practice.

By Molly Hulefeld

article link