Certified Information Privacy Professional (CIPP/US)
2 DAY COURSE

Certified Information Privacy Professional (CIPP/US) covers U.S. government privacy laws, regulations and policies specific to government practice, as well as those more broadly applicable to the public and private sectors in the U.S. In this CIPP course, you gain an understanding of government-standard practices for privacy program development and management, privacy compliance and auditing, records management and agency reporting obligations for privacy.

The Certified Information Privacy Professional (CIPP/US) is based on the body of knowledge for the IAPP’s ANSI-accredited Certified Information Privacy Professional/ U.S. (CIPP/US) certification program. The content is based on the body of knowledge for the IAPP’s globally recognized Information Privacy Professional/U.S. Government (CIPP/US) certification program.

Certified Information Privacy Professional (CIPP/US) Benefits

• In this certification course, you will:

  • Gain a foundational understanding of broad global concepts of privacy and data protection law and practice.
  • Gain knowledge of jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; and legal requirements for handling and transferring data.
  • Understand the limits on Private-sector Collection and Use of Data.
  • Understand the Government and Court Access to Private-sector Information, Workplace Privacy and State Privacy Laws.

• Prerequisites

  No prerequisites, but we recommend all potential test takers to read the IAPP Privacy Certification Handbook 2018 before attending.

• Exam Information

  This is an exam prep course for the Information Privacy Professional/U.S. Government (CIPP/US) certification program. Key concepts are covered with a timed practice test, followed by a review of the answers led by your instructor. Students also receive an exam blueprint that gives the approximate number of questions from each topic area on the exam.

CIPP Training Course Outline

MODULE 1: Fundamentals of Information Privacy

Unit 1: Common Principles and Approaches to Privacy

• Discuss the modern history of privacy
• Introduction to types of information
• Overview of information risk management and a summary of modern privacy principles

Unit 2: Jurisdiction and Industries

• Introduction to the major privacy models employed around the globe
• Overview of privacy and data protection regulation by jurisdictions and industry sectors

Unit 3: Information Security: Safeguarding Personal Information

• Introductions to information security, including definitions, elements, standards and threats/vulnerabilities
• Introductions to information security management and governance, including frameworks, controls, cryptography and identity and access management (IAM)

Unit 4: Online Privacy: Using Personal Information on Websites and with Other Internet-related Technologies

• Examines the web as a platform, as well as privacy considerations for sensitive online information, including policies and notices, access, security, authentication and data collection
• Explore additional topics include children’s online privacy, email, searches, online marketing and advertising, social media, online assurance, cloud computing and mobile devices

MODULE 2: U.S. Government Privacy

Unit 1: U.S. Government Privacy Laws

• Review of U.S. Government privacy definitions and principles, and then proceeds to examine two key laws for federal practice: The Privacy Act of 1974, including Systems of Records Notices (SORNs); and the E-Government Act, which includes Privacy Impact Assessments (PIAs)
• Reviews of laws and regulations affecting government privacy practice, as well as laws that affect both the public and private sectors. It continues with discussions about privacy and the intelligence community, federal identity management and authentication, data sharing while protecting privacy and records management

Unit 2: U.S. Government Privacy Practices

• Focus on adequately protecting government information, leadership responsibilities, information security (including the National Institute of Standards and Technology (NIST) risk management framework), and “Appendix J” reporting incidents involving personally identifiable information, compliance monitoring and audits and workforce management