After the previous post and during my visit to Delhi over the last two days, I have been asked a question by a few why is that I have called C.DPO.DA. as the “Crown Jewel” of Privacy Certifications in India when there are other national and international certifications which claim the backing of some reputed and some new organizations. Some have even queried why should not the certification be as expensive as it is.
It is my duty to answer these queries without specifically mentioning any specific program. I am aware of other international organizations who are conducting Privacy Certifications. Many HR persons know only these certifications and often specify it as a requirement for recruiting DPOs or related positions in India. I donot blame the HR personnel for this mismatch but it is like a T20 cricket team selector asking “Only those persons who have scored 3 or more centuries in Tests are eligible to apply. Double centurions and Triple Centurions are preferred”.
These international certifications were developed for GDPR and DPDPA is not GDPR. A DPDPA-DPO is a different entity than DPDPA-GDPR though both relate to privacy and data protection. After all both tests and T20 is game of cricket and a century at test level is a century in a cricket game. It is more likely that a person who is well versed in GDPR often is unable to unlearn the EU principles and adapt to Indian requirement.
I therefore consider that until these organizations come up with an Indian version, they are not comparable.
The second set of certifications which we need to see are the programs conducted by consultants in India some of whom are trying to provide certification at throw away prices. I respect every professional for his knowledge and such programs are always welcome so that price is not a barrier to learning. However, if we know the value of ISO 27001 or ISO 9001 audits which are available off the shelf at a throw away price, we can guess what could be the value of the programs where certifications are easy to obtain without an evaluation of the learning.
At FDPPI we not only provide the training for which a Participation Certificate is provided, the complete certification is provided only after an online exam. The real test of proficiency is in getting through this online examination.
FDPPI has offered other Certified persons to also take up this exam at a grossly discounted rate (One set of people were given an opportunity to attempt it free). We will continue to do so in the future as FDPPI intends to develop itself only into a Certification Body and leave the training to other training partners who may either charge or provide free training.
At present since the trainings are yet to mature particularly since FDPPI programs donot end up with the coverage of law but extend to implementation of compliance with the DGPSI framework, FDPPI continues to conduct its own training programs. Other organizations donot have a framework like DGPSI to recommend and hence have to base their implementation suggestions on other frameworks including ISMS frameworks or GDPR related frameworks
While in due course some of these training organizations adopt DGPSI as one of the frameworks to discuss or develop a framework on their own, at this point of time there are no such frameworks and Certifications based on such frameworks in place.
It is in this context that I have called C.DPO.DA. (Certified Data Protection officer and Data Auditor) as the crown jewel of Privacy certifications. Presently the program addresses both the DPO requirements as well as the Data Auditor requirement. In the coming days when it is found necessary, it may be dub divided into two channels one exclusively for DPOs with an internal implementation focus and the other exclusively for Data Auditors with a focus on Data Audit.
I hope all professionals understand this approach of FDPPI and if they are interested, they can register themselves as “Master Trainers” for DPDPA certifications so that their trainees can automatically take the FDPPI examination and qualify for FDPPI accredited certification. It is the commitment of Naavi to keep the cost of the exam to such persons as low as feasible.
Together, let us all work towards creating a culture of DPDPA Compliance in India, the starting point of which is the Certification of professionals. If there are more Certifiers, it is better for the market. The unification of their understanding can be achieved by the common examination which FDPPI would like to offer.
Any request for further clarification in this regard is welcome.
Naavi
