FIPA Privacy Management Certificate


Freedom of Information and Privacy Association




This certificate program has been developed by the Freedom of Information and Privacy Association to help organizations learn about privacy laws in Canada to help organizations understand what they need to do to ensure they are complying with the appropriate law. Compliance with Canadian privacy law is important for several reasons:


1. Building Trust: Complying with privacy laws can help build trust with customers, employees, and other stakeholders. It shows that a business is committed to protecting personal information and respecting the privacy rights of individuals.
2. Legal Obligations: Canadian privacy laws, such as the Personal Information Protection and Electronic Documents Act (PIPEDA), require businesses to protect personal information and follow specific rules for collecting, using, and disclosing it. Failure to comply with these laws can result in fines, legal penalties, and damage to a company's reputation.
3. Protecting Personal Information: Canadian privacy laws help to protect the personal information of individuals, such as their name, address, phone number, and financial information, from being used for unauthorized purposes. This helps to prevent identity theft, fraud, and other types of cybercrime.


To bring this learning to life and make it relevant and easy-to-understand, we’ll follow a small non-profit, “Support Capacity Limited”, or SCL on its journey to full compliance with Canadian privacy law. By following this small non-profit, we include a number of additional considerations that non-profits will need to consider.

This course includes over 40 downloadable supporting documents, templates, worksheets, plans and resources and checklists which are essential to your Privacy Management Program.  You will also receive essential links to privacy program guidance and resources.


Law Society of British Columbia
CPA Associations across Canada

THE PERSONAL INFORMATION PROTECTION AND ELECTRONIC DOCUMENTS ACT  (PIPEDA), came into force on January 1, 2001 and applies to private-sector organizations across Canada that collect, use or disclose personal information in the course of commercial activity.

Unless your organization is federally regulated and required to comply with PIPEDA, organizations in Alberta, British Columbia and Quebec comply with provincial laws that govern the private sector for the collection, use or disclosure of personal information that occurs within their respective province.

This course will help you to understand and refresh your understanding about the requirements of privacy law, and the core components you need to know when creating a compliant privacy management program for your organization.

Both For-profit organizations and non-profit organizations follow the same requirements to meet compliance. Non-profits are quite often surprised to find that they collect more personal information – and in many cases more sensitive personal information – than for-profit organizations. This is because they have more “data subjects” – or categories of people – that they collect information from.


Chapter 1 (modules 1-3)
•   The importance of a PMP
•   To understand the role of a Privacy Officer
•   How to get organizational support for your PMP
•   Understand the essential components of a PMP (Program Controls)

Chapter 2 (modules 4-7)
•   Respond to access requests
•   Respond to requests to make changes to personal information
•   Address privacy questions, concerns and complaints

Chapter 3 (modules 8-11)
•   Create the Personal Information Inventory
•   Establish sound privacy policies
•   Establish sound risk assessment tools

Chapter 4 (modules 12-16)
•   Set up and maintain an effective privacy training program
•   Contain and manage a privacy breach
•   Engage external service providers in your privacy program
•   Communicate your privacy management program externally
•   Create an ongoing oversight and review plan for your PMP

This audio course and all associated content, templates and handouts, is the property of the Freedom of Information and Privacy Association of British Columbia, Canada (FIPA-BC), and may not be copied, shared or reproduced in any way without written permission of FIPA-BC.   The use of handouts and templates is permitted solely for the purchaser of this course.

The course was written by Marilyn Sing, Certified Information Privacy Professional (CIPP/C), Principal at IPP Consulting Inc.
Website:    Contact:

Creative writing and audio production of this course by ProDio Audio Learning Inc.
Website:    Contact:

Ranee Parker - Copywriter, Editor, Layout and Design

With special thanks to Michael McEvoy, Information and Privacy Commissioner for British Columbia (BC), and the BC Office of the Information and Privacy Commissioner (OIPC BC).

VOICEOVER CAST - Thanks to our professional voice actors
Narrator - Angus McLeod
Agra - Emma O'Neill
Heather - Carrie Olsen
Marilyn - Christine Cullingworth
Paul / Volunteer - Rob Randall
Marco - Elliot Mandelcorn
Judy - Claudine Guild
Mom - Dani States
Naya - Christy Fabbri 



3.25 Hours

CPD Points


Course Content:

Please purchase course to view content