Certified Information Privacy Professional (CIPP/US)

Principles of Privacy in the U.S. Private Sector covers U.S. privacy laws and regulations at federal and state levels, including breach notification and limits on various private sectors. You’ll leave with an understanding of the legal requirements for the responsible handling and transfer of personal data within industry and workplaces, including government access to private-sector data.

The training is based on the body of knowledge for the IAPP’s ANSI-accredited Certified Information Privacy Professional/ U.S. (CIPP/US) certification program.

Skip to Available Dates

Learning Objectives

It will show the world that students know privacy laws and regulations and how to apply them, and that students know how to secure your place in the information economy. When students earn a CIPP credential, it means they’ve gained a foundational understanding of broad global concepts of privacy and data protection law and practice, including: jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; legal requirements for handling and transferring data and more.


Course Details

Course Outline

1 - Introduction to privacy
  • Discusses the modern history of privacy, an introduction to personal information, an overview of data protection roles and a summary of modern privacy frameworks.
  • 2 - Structure of U.S. law
  • Reviews the structure and sources of U.S. law and relevant terms, and introduces governmental bodies that have privacy and information security authority.
  • 3 - General Data Protection Regulation overview
  • Presents a high-level overview of the GDPR, discuss the significance of the GDPR to U.S. organizations, and summarizes the roles and responsibilities outlined in the law.
  • 4 - Enforcement of U.S. privacy and security laws
  • Distinguishes between criminal and civil liability, presents theories of legal liability and describes the enforcement powers and responsibilities of government bodies, such as the FTC and state attorneys general.
  • 5 - Information management from a U.S. perspective
  • Explores the development of a privacy program and the role of privacy professionals, discusses vendor management and examines data collection, classification and retention.
  • 6 - Federal versus state authority
  • Compares federal and state authority and discusses preemption.
  • 7 - Healthcare
  • Describes privacy laws in healthcare, including the major components of HIPAA and the development of HITECH, and outlines privacy protections mandated by other significant healthcare laws.
  • 8 - Financial privacy
  • Outlines the goals of financial privacy laws, highlights key concepts of FCRA, FACTA and GLBA, and discusses the Red Flags Rule, Dodd-Frank and consumer protection laws.
  • 9 - Education
  • Outlines the privacy rights and protections under FERPA, as well as recent amendments provided by PPRA and NCLBA.
  • 10 - Telecommunications and marketing
  • Explores rules and regulations of telecommunications entities, reviews laws that govern marketing, and briefly discusses how privacy is addressed in the digital advertising realm.
  • 11 - Law enforcement and privacy
  • Summarizes privacy laws on intercepting communication, including how the telecommunications industry must cooperate with law enforcement, and outlines laws that assure rights to financial privacy.
  • 12 - National security and privacy
  • Further explores rules and regulations on intercepting communication, including how the laws have evolved and how government agencies and private companies work collaboratively to improve cybersecurity.
  • 13 - Civil litigation and privacy
  • Discusses privacy issues related to litigation including electronic discovery, redaction and protective orders, and briefly compares U.S. discovery rules to foreign laws.
  • 14 - Legal overview of workplace privacy
  • Describes federal and state laws that regulate and protect employee privacy, as well as federal laws that prohibit discrimination.
  • 15 - Privacy before, during and after employment
  • Examines the lifecycle of employee privacy including background screening, employee monitoring, investigating misconduct and termination; outlines antidiscrimination laws; and discusses “bring your own device” policies.
  • 16 - State data security laws
  • Identifies state laws that impact data security, reviews Social Security number use regulation and discusses laws governing data destruction.
  • 17 - Data breach notification laws
  • Summarizes the scope of state data breach notification law, highlights the nine elements of state data breach notification laws and notes major differences in state laws.
  • Actual course outline may vary depending on offering center. Contact your sales representative for more information.

    Who is it For?

    Target Audience

    Data Protection Officers

    Data Protection Managers


    Legal Compliance Officers

    Security Manager

    Information Managers

    Anyone involved with data protection processes and programs

    Certified Information Privacy Professional (CIPP/US)

    Course Length : 2 Days

    1. Choose a Date | 2. Click Enroll Now

    Need Help Picking the Right Course? Give us a call! 614-798-1000