Starting Sept. 30, the IAPP will deactivate the CIPP/G certification program. Before you panic: Anyone holding a CIPP/G certification in good standing as of Sept. 30, 2018, will find themselves CIPP/G-certified in perpetuity. Affected members were notified of the change by email last week.
While some may view this as an end to a focus on privacy in the U.S. public sector, those within the IAPP are taking this moment as an opportunity to reimagine how government content is best delivered to those who need it.
CIPP/G’s departure came down to numbers. As IAPP Certification Exam Director Doug Forman explained, to have a robust and meaningful exam, you need to have volume.
“The hunger for CIPP/G reflects whatever administration happens to be in charge and the emphasis they place on privacy,” Forman said, adding that keeping the certification's body of knowledge up to date became increasingly difficult as policies changed dramatically depending on the administration in office. "This inconsistency in the sector," he said, "makes it very difficult to have a certification program."
Over the past few years, CIPP/G enrollment has been on the decline. While the CIPP/E could see 500 test takers a month, and the CIPP/US could see between 200 and 300, CIPP/G was pulling single-digit numbers. Such low enrollment made it difficult to ensure the health of exam.
However, although enrollment was on the decline, there is still a recognized need for privacy knowledge among government professionals, which is why in-person training for public-sector privacy will continue after CIPP/G's end.
“While this particular product, a standalone certification program for CIPP/G, is not feasible for us to continue, that doesn’t mean there aren’t other ways that we can serve the needs in government for privacy," Forman said. "Training is committed to keeping the in-person public-sector training current. That will be updated, with limited availability, but will be able to respond to demand."
Forman said the end of the CIPP/G will not immediately impact the CIPP/US certification. "Right now, the next step is to see if any of the CIPP/G content should be added to the CIPP/US body of knowledge."
The CIPP/US still has a domain for state law, that remains unchanged. Forman said, "Unlike Europe, where their comprehensive approach to privacy laws applies to both the private and public sector, the U.S.’s sectoral approach was the impetus for the split between private and government-sector privacy law."
Because CIPP/US is an accredited exam, Forman explained that adding public-sector information is not as easy as one might imagine:
"We can't just autocratically decide to include information. We are going to have to go through a new job task analysis, see if adding information is warranted and, if so, then we have to adjust the scope."
While training will continue to support those on the path to CIPP/G certification via in-person training sessions in response to demand, the online training and the textbook will become unavailable once the certification has officially deactivated at the end of September.
IAPP Training Director Marla Berry said, “We are actually looking at the end of the CIPP/G certification program as an opportunity to fine tune the content and delivery of our U.S. government instructor-led training program so that it meets the specific needs of U.S. government privacy professionals. Privacy professionals in the public sector still need to know the fundamentals of U.S. government privacy to do their jobs well. This course gives them the opportunity to learn with engaging, up-to-date content.”
Berry added that come October, the in-person training will no longer be bound by the body of knowledge. The result, she said, is that the training team at the IAPP will be able to listen and respond to members in a more agile fashion than it would have otherwise.
While anyone who is considering a CIPP/G certification is encouraged to test before Sept. 30, Berry added that anyone interested in an in-person training should reach out directly.
Forman added, "In all of our programs, we have a pulse on what's going on and are able to immediately respond. We updated our entire CIPP/E to incorporate the EU General Data Protection Regulation, and now, when something is really shrinking before your eyes, you have to respond to programs that have had their lifecycle."
If you want to comment on this post, you need to login.