Certification Standard

The industry’s most trusted certification for engineering privacy into the design of your products and services.



Privacy by design is an international concept that has been promoted by regulators worldwide and has been adopted into laws and regulations. Until now, it has been ‘squishy’, hard to define, and difficult to implement. 

The IOPD has changed this paradigm by developing the industry’s first standard for a repeatable and comprehensive process by which a company can reduce privacy risks.  This standard is called the IOPD Design Process Standard

Introducing Design Process Standard V 1.0

It’s been four years in the making! We started the IOPD in January 2021 (after sitting around and ruminating on it since 2019) and while it took a few months to get the ball rolling once the Institute official formed, the Standards Committee spent a little over a year through 2021 and 2022 drafting, discussing, editing, reediting, soliciting and responding to public comments, and we eventually created the 1st iteration of what we hope will become a gold standard in Privacy by Design.

We are on the hunt for organizations that would like to adhere to the standard and apply as an early adopter for certification. 

Standards Adoption

By adopting the Standard, organizations will be able to reduce the complexity of the overall design process and create significant efficiencies thereby reducing cost while increasing customer trust.

See Ann Cavoukian’s 7 Foundational Principles of Privacy by Design for information on the implementation and mapping of fair information practices. 


"I'm delighted about the approach being taken by the Institute of Operational Privacy Design and how they can further the cause of getting organizations to proactively build privacy into their products and services. Many people at the IOPD have been tireless advocates for Privacy by Design and it is wonderful to see their vision come to realization."
Ann Cavoukian
Creator of Privacy by Design
Visual diagram showing the relationship between the design process standard and the product, service and business process standard and how the former feeds into the latter.

This is only the first of two planned standards:

This standard covers the design process by which an organization designs it products, services or even other business process. The goal of this standard is to ensure privacy is a forethought in the design. The second standard, which we’ll be working on this year, will cover the end result – the product, service or business process – ensuring that it does, in fact, reduce privacy risks to an acceptable level. In theory, any product, service or business process designed and developed using the design standard, should result in meeting the subsequent standard, though the latter will have more rigorous risk tolerances included.

Early Adopters

Apply the Design Process Standard to Your Organization!

Showcase Your Best

We promote the IOPD Process Design Standard which allows your organization an opportunity to showcase your business processes,  products, and services that have proven to provide sufficient safeguards against privacy harms and obtaining a certification for it.

Design Process Standard Launch Webinar Recording Available!

We are thrilled to announce the release of the highly anticipated recording for the Institute of Operational Privacy Design (IOPD) Design Process Standard Launch Webinar! If you missed the live event or want to revisit the insightful discussions, now is your chance to catch up on all the valuable information shared by industry experts and thought leaders.

Read More »

Introducing the Design Process Standard (v 1.0)

It’s been four years in the making! The Standards Committee spent over a year drafting, discussing, editing, reediting, soliciting and responding to public comments, and we eventually created the 1st iteration of what we hope will become a gold standard in Privacy by Design.

Read More »

Contact IOPD

We are always pleased to hear from you!
The IOPD opens its arms proudly to people passionate about privacy.
Reach out with questions, comments, and concerns or just to start a conversation...

We are seeking to fill two unpaid positions as members of the IOPD Board of Directors. Terms run for 2 years from appointment. Appointments may be renewed.