vcc.ca
CYBR 2304: Privacy and Data Protection
Effective date
September 2024
Department
Cybersecurity PDD
School
Continuing Studies
Description
In this course, students will be introduced to concepts related to privacy and data protection, including how these concepts factor into GRC and cybersecurity risk management. Students will learn about the data lifecycle, major privacy frameworks, and privacy-by-design principles. Additionally, students will utilize knowledge gained about IT risk, business risk, and various privacy frameworks, regulations, and standards to review these case studies.
Credits
3.0
Year of study
2nd Year Post-secondary
Prerequisites
CYBR 1204.
Corequisites
None
Course Learning Outcomes
Upon successful completion of this course, students will be able to:
- Discuss key privacy regulations in the context of protecting an organization and personal information
- Explain the overlapping areas between privacy risk and cybersecurity risk and related mitigating activities
- Describe the data lifecycle including associated risks and mitigations at each step
- Summarize privacy by design and how it improves organizational response to privacy risks
- Describe the process and outcomes of performing a privacy impact assessment
- Explain the steps to respond to a privacy incident including involvement of various stakeholders within an organization
- Describe various privacy threats and violations including their potential impact
- Identify privacy enhancing technologies and processes that contribute to an effective privacy risk management plan
- Explain the process of data classification and its importance in a privacy program
Prior Learning Assessment & Recognition (PLAR)
None
Hours
Lecture, Online, Seminar, Tutorial: 45
Total Hours: 45
Total Hours: 45
Instructional Strategies
Instructional strategies include classroom lectures, group work/discussions, presentations, journaling, case studies, and writing activities.
Grading System
Letter Grade (A-F)
Passing grade
C
Evaluation Plan
|
Type |
Percentage |
Assessment activity |
|
Assignments |
25-30 |
Case studies |
|
Assignments |
10-15 |
Assignments related to privacy policies and/or impact assessments |
|
Assignments |
5-10 |
Presentation |
|
Quizzes/Tests |
15 |
Multiple quizzes |
|
Reflect |
10 |
Reflection journals |
|
Final Exam |
25 |
Final exam |
Course topics
- Introduction to significant data privacy regulations
- Privacy foundational principles
- Privacy by design
- Data lifecycle (collection, use disclosure, retention, destruction)
- Calo’s harm dimensions
- Privacy threats and violations
- Data classification and inventory
- Privacy risk management
- Privacy impact assessment
- Data governance
- Data subject rights and consent management
- Privacy incident response
- Privacy enhancing technologies
- Privacy risk management
- Privacy regulations and frameworks
Notes:
- Course contents and descriptions, offerings and schedules are subject to change without notice.
- Students are required to follow all College policies including ones that govern their educational experience at VCC. Policies are available on the VCC website at:
https://www.vcc.ca/about/governance--policies/policies/. - To find out if there are existing transfer agreements for this course, visit the BC Transfer Guide at https://www.bctransferguide.ca.