top of page

CIPP Certification
Learn to Navigate the Details of US Privacy Law with Skill and Confidence

About the CIPP

The IAPP offers the most encompassing, up-to-date and sought-after global training and certification program for privacy and data protection. The Certified Information Privacy Professional (CIPP) helps organizations around the world bolster compliance and risk mitigation practices, and arms practitioners with the insight needed to add more value to their businesses.


What you'll learn

The CIPP/US curriculum provides an in-depth view of U.S. federal and state privacy statutes; detailed analysis of sectoral laws, civil and criminal enforcement; and an overview of the EU’s General Data Protection Regulation and the California Consumer Privacy Act.


Who should attend

Professionals who need in-depth knowledge of the U.S. privacy environment for compliance and other privacy management responsibilities. CIPP/US training will elevate your career prospects and help to prepare you for CIPP/US certification testing.


This training is a robust opportunity to learn about critical privacy concepts that are also integral to the CIPP/US exam. While not purely a “test prep” course, this training is appropriate for professionals who plan to certify, as well for those who want to deepen their privacy knowledge. Both the training and the exam are based on the same body of knowledge.

  • Module 1: Introduction to privacy
    Discusses the modern history of privacy, an introduction to personal information, an overview of data protection roles, and a summary of modern privacy frameworks
  • Module 2: Structure of U.S. law
    Reviews the structure and sources of U.S. law and relevant terms and introduces governmental bodies that have privacy and information security authority
  • Module 3: Security Architecture and Engineering
    Module 3 Notes Security Architecture and Engineering pt.1 Security Architecture and Engineering pt.2 Security Architecture and Engineering pt.3 Security Architecture and Engineering Summary Security Architecture and Engineering Test Prep pt.1 Security Architecture and Engineering Test Prep pt.2 Security Architecture and Engineering Test Prep pt.3
  • Module 3: General Data Protection Regulation overview (GDPR)
    Presents a high-level overview of the GDPR, discusses the significance of the GDPR to U.S. organizations, and summarizes the roles and responsibilities outlined in the law
  • Module 4: California Consumer Privacy Act of 2018 (CCPA)
    Presents a high-level overview of the newly passed California Consumer Privacy Act of 2018, including scope, consumer rights, business obligations and enforcement
  • Module 5: Enforcement of U.S. privacy and security laws
    Distinguishes between criminal and civil liability, compares federal and state authority, presents theories of legal liability, and describes the enforcement powers and responsibilities of government bodies, such as the FTC and state attorneys general
  • Module 6: Information management from a U.S. perspective
    Explores the development of a privacy program, reviews the role of privacy professionals and accountability, discusses employee training, user preferences, vendor management, and examines data classification
  • Module 7: Healthcare
    Describes privacy laws in healthcare, including the major components of HIPAA and the development of HITECH, and outlines privacy protections mandated by other significant healthcare laws
  • Module 8: Financial privacy
    Outlines the goals of financial privacy laws, highlights key concepts of FCRA, FACTA and GLBA, and discusses the Red Flags Rule, Dodd-Frank and consumer protection laws
  • Module 9: Education
    Outlines the privacy rights and protections under FERPA, as well as recent amendments provided by PPRA and NCLBA
  • Module 10: Telecommunications and marketing
    Explores rules and regulations of telecommunications entities, reviews laws that govern marketing and briefly discusses how privacy is addressed in the digital advertising realm
  • Module 11: Law enforcement, civil litigation and privacy"
    Relates the Fourth Amendment with expectations of privacy; outlines laws that ensure rights to financial privacy; describes laws around accessing and intercepting communication, including how the telecommunications industry must cooperate with law enforcement; and discusses privacy issues related to litigation, including electronic discovery, redaction and protective orders
  • Module 12: National security and privacy
    Further explores rules and regulations on intercepting communication, including how the laws have evolved and how government agencies and private companies work collaboratively to improve cybersecurity
  • Module 13: Workplace privacy
    Describes federal and state laws that regulate and protect employee privacy, as well as federal laws that prohibit discrimination; examines the lifecycle of employee privacy, including background screening, employee monitoring, investigating misconduct and termination
  • Module 14: State data security and breach notification laws
    Identifies state laws that impact data security, reviews Social Security number use regulation, and discusses laws governing data destruction; summarizes the scope of state data breach notification law, highlights the nine elements of state data breach notification laws and notes major differences in state laws
Image by Headway


“Took the CIPP training program and passed the exam. Great value compared to other training options. Highly recommended.”

About the Online Training 

Chock-full of rich imagery, video, and text, the training is a robust, self-paced course. It incorporates IAPP faculty presentations, engaging interactions, and annotated quizzes to guide you through U.S. privacy law and practice in an easy-to-follow, thorough format.

What is included? 

CIPP Training Program

Exam Voucher 

Training Program Textbooks

1 year of AIPP membership

Practice exam & Quizzes 


Thanks for submitting!

bottom of page