For a better experience, click the Compatibility Mode icon above to turn off Compatibility Mode, which is only for viewing older websites.

Certified Information Privacy Professional/United States (CIPP/US)

CIPP/US LogoThe Certified Information Privacy Professional/United States (CIPP/US) program was the first professional certification ever to be offered in information privacy. The CIPP/US credential demonstrates a strong foundation in U.S. privacy laws and regulations and understanding of the legal requirements for the responsible transfer of sensitive personal data to/from the U.S., the EU and other jurisdictions.

The CIPP/US program was developed by the International Association of Privacy Professionals (IAPP), which is the world’s largest comprehensive global information privacy community and resource. The CIPP/US certification also holds accreditation under ISO 17024: 2012.


What can the CIPP do for you?

It will show the world that you know privacy laws and regulations and how to apply them, and that you know how to secure your place in the information economy. When you earn a CIPP credential, it means you’ve gained a foundational understanding of broad global concepts of privacy and data protection law and practice, including: jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; legal requirements for handling and transferring data and more.

Who should attend?

  • Data Protection Officers
  • Data Protection Managers
  • Auditors
  • Legal Compliance Officers
  • Security Manager
  • Information Managers
  • Anyone involved with data protection processes and programs

What will you learn?

Module 1: Introduction to privacy Discusses the modern history of privacy, an introduction to personal information, an overview of data protection roles and a summary of modern privacy frameworks
Module 2: Structure of U.S. law Reviews the structure and sources of U.S. law and relevant terms, and introduces governmental bodies that have privacy and information security authority
Module 3: General Data Protection Regulation overview Presents a high-level overview of the GDPR, discuss the significance of the GDPR to U.S. organizations, and summarizes the roles and responsibilities outlined in the law
Module 4: Enforcement of U.S. privacy and security laws Distinguishes between criminal and civil liability, presents theories of legal liability and describes the enforcement powers and responsibilities of government bodies, such as the FTC and state attorneys general
Module 5: Information management from a U.S. perspective Explores the development of a privacy program and the role of privacy professionals, discusses vendor management and examines data collection, classification and retention
Module 6: Federal versus state authority Compares federal and state authority and discusses preemption
Module 7: Healthcare Describes privacy laws in healthcare, including the major components of HIPAA and the development of HITECH, and outlines privacy protections mandated by other significant healthcare laws
Module 8: Financial privacy Outlines the goals of financial privacy laws, highlights key concepts of FCRA, FACTA and GLBA, and discusses the Red Flags Rule, Dodd-Frank and consumer protection laws
Module 9: Education Outlines the privacy rights and protections under FERPA, as well as recent amendments provided by PPRA and NCLBA
Module 10: Telecommunications and marketing Explores rules and regulations of telecommunications entities, reviews laws that govern marketing, and briefly discusses how privacy is addressed in the digital advertising realm
Module 11: Law enforcement and privacy Summarizes privacy laws on intercepting communication, including how the telecommunications industry must cooperate with law enforcement, and outlines laws that assure rights to financial privacy
Module 12: National security and privacy Further explores rules and regulations on intercepting communication, including how the laws have evolved and how government agencies and private companies work collaboratively to improve cybersecurity
Module 13: Civil litigation and privacy Discusses privacy issues related to litigation including electronic discovery, redaction and protective orders, and briefly compares U.S. discovery rules to foreign laws
Module 14: Legal overview of workplace privacy Describes federal and state laws that regulate and protect employee privacy, as well as federal laws that prohibit discrimination
Module 15: Privacy before, during and after employment Examines the lifecycle of employee privacy including background screening, employee monitoring, investigating misconduct and termination; outlines antidiscrimination laws; and discusses “bring your own device” policies
Module 16: State data security laws Identifies state laws that impact data security, reviews Social Security number use regulation and discusses laws governing data destruction
Module 17: Data breach notification laws Summarizes the scope of state data breach notification law, highlights the nine elements of state data breach notification laws and notes major differences in state laws

Free Training: California Consumer Privacy Act (CCPA)

Sign up for any of our live online IAPP privacy classes and you’ll receive free access to CCPA training material — eight continually updated modules that explore critical issues for operationalizing the CCPA.

To date, the CCPA is the most sweeping privacy legislation ever implemented in the U.S. If your program is not compliant, you are risking the potential for harsh enforcement and fines when the grace period set by California’s attorney general runs out.