Certified Information Privacy Professional (CIPP/US)

Principles of Privacy in the U.S. Private Sector covers U.S. privacy laws and regulations at federal and state levels, including breach notification and limits on various private sectors. You’ll leave with an understanding of the legal requirements for the responsible handling and transfer of personal data within industry and workplaces, including government access to private-sector data.

The training is based on the body of knowledge for the IAPP’s ANSI-accredited Certified Information Privacy Professional/ U.S. (CIPP/US) certification program.

This course may earn a Credly Badge.

Skip to Available Dates

Learning Objectives

It will show the world that students know privacy laws and regulations and how to apply them, and that students know how to secure your place in the information economy. When students earn a CIPP credential, it means they’ve gained a foundational understanding of broad global concepts of privacy and data protection law and practice, including: jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; legal requirements for handling and transferring data and more.


Course Details

Course Outline

1 - Introduction to privacy
  • Modern history of privacy
  • Introduction to personal information
  • Overview of data protection roles
  • Summary of modern privacy frameworks
  • 2 - Structure of U.S. law
  • Structure and sources of U.S. law and relevant terms
  • Governmental bodies having privacy and information security authority
  • 3 - General Data Protection Regulation overview (GDPR)
  • High-level overview of the GDPR
  • Significance of the GDPR to U.S. organizations
  • Roles and responsibilities outlined in the law
  • 4 - California Consumer Privacy Act of 2018 (CCPA)
  • High-level overview of the newly passed California Consumer Privacy Act of 2018
  • Scope
  • Consumer rights
  • Business obligations
  • Enforcement
  • 5 - Enforcement of U.S. privacy and security laws
  • Distinguishing between criminal and civil liability
  • Comparing federal and state authority
  • Theories of legal liability
  • Enforcement powers and responsibilities of government bodies, such as the FTC and state attorneys general
  • 6 - Information management from a U.S. perspective
  • Developing a privacy program
  • Role of privacy professionals and accountability
  • Employee training
  • User preferences
  • Managing vendors
  • Data classification
  • 7 - Federal versus state authority
  • Differences between federal and state authority
  • Preemption
  • 8 - Healthcare
  • Privacy laws in healthcare
  • Major components of HIPAA
  • Development of HITECH
  • Privacy protections mandated by other significant healthcare laws
  • 9 - Financial privacy
  • Goals of financial privacy laws
  • Key concepts of FCRA, FACTA and GLBA
  • Red Flags Rule, Dodd-Frank and consumer protection laws
  • 10 - Education
  • Privacy rights and protections under FERPA
  • Recent amendments provided by PPRA and NCLBA
  • 11 - Telecommunications and marketing
  • Rules and regulations of telecommunications entities
  • Laws that govern marketing
  • Addressing privacy in the digital advertising
  • 12 - Law enforcement and privacy
  • Privacy laws on intercepting communication
  • Telecommunications industry and law enforcement
  • Laws ensuring rights to financial privacy
  • 13 - National security and privacy
  • Rules and regulations on intercepting communication
  • Evolution of the law
  • Collaboration of government agencies and private companies to improve cybersecurity
  • 14 - Civil litigation and privacy
  • Privacy issues related to litigation
  • Electronic discovery, redaction and protective orders
  • U.S. discovery rules versus foreign laws
  • 15 - Legal overview of workplace privacy
  • Federal and state laws regulating and protecting employee privacy
  • Federal laws prohibiting discrimination
  • 16 - Privacy before, during and after employment
  • Lifecycle of employee privacy
  • Background screening
  • Employee monitoring
  • Investigating misconduct and termination
  • Antidiscrimination laws
  • “Bring your own device” policies
  • 17 - State data security laws
  • State laws impacting data security
  • Social Security number use regulation
  • Laws governing data destruction
  • 18 - Data breach notification laws
  • Scope of state data breach notification law
  • Nine elements of state data breach notification laws
  • Major differences in state laws
  • Actual course outline may vary depending on offering center. Contact your sales representative for more information.

    Who is it For?

    Target Audience

    Data Protection Officers

    Data Protection Managers


    Legal Compliance Officers

    Security Manager

    Information Managers

    Anyone involved with data protection processes and programs

    Certified Information Privacy Professional (CIPP/US)

    Course Length : 2 Days

    Many of our courses are subsidised by HRDA up to 80% and are split over multiple sessions. Please contact us to provide you with a quote

    1. Choose a Date | 2. Click Enroll Now

    Need Help Picking the Right Course? Give us a call! 22 251180