Certified Information Privacy Professional (CIPP/US)
The Certified Information Privacy Professional/United States (CIPP/US) program, developed by the International Association of Privacy Professionals (IAPP) – the world’s largest comprehensive global information privacy community and resource, was the first professional certification ever to be offered in information privacy. The CIPP/US credential demonstrates a strong foundation in U.S. privacy laws and regulations and understanding of the legal requirements for the responsible transfer of sensitive personal data to/from the U.S., the EU and other jurisdictions. This course will provide you with a foundational understanding of broad global concepts of privacy and data protection law and practice, including: jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; legal requirements for handling and transferring data and more.
Course Objectives
It will show the world that students know privacy laws and regulations and how to apply them, and that students know how to secure your place in the information economy. When students earn a CIPP credential, it means they’ve gained a foundational understanding of broad global concepts of privacy and data protection law and practice, including:
- jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; legal requirements for handling and transferring data and more.
Agenda
- Modern history of privacy
- Introduction to personal information
- Overview of data protection roles
- Summary of modern privacy frameworks
- Structure and sources of U.S. law and relevant terms
- Governmental bodies having privacy and information security authority
- High-level overview of the GDPR
- Significance of the GDPR to U.S. organizations
- Roles and responsibilities outlined in the law
- High-level overview of the newly passed California Consumer Privacy Act of 2018
- Scope
- Consumer rights
- Business obligations
- Enforcement
- Distinguishing between criminal and civil liability
- Comparing federal and state authority
- Theories of legal liability
- Enforcement powers and responsibilities of government bodies, such as the FTC and state attorneys general
- Developing a privacy program
- Role of privacy professionals and accountability
- Employee training
- User preferences
- Managing vendors
- Data classification
- Differences between federal and state authority
- Preemption
- Privacy laws in healthcare
- Major components of HIPAA
- Development of HITECH
- Privacy protections mandated by other significant healthcare laws
- Goals of financial privacy laws
- Key concepts of FCRA, FACTA and GLBA
- Red Flags Rule, Dodd-Frank and consumer protection laws
- Privacy rights and protections under FERPA
- Recent amendments provided by PPRA and NCLBA
- Privacy laws on intercepting communication
- Telecommunications industry and law enforcement
- Laws ensuring rights to financial privacy
- Rules and regulations of telecommunications entities
- Laws that govern marketing
- Addressing privacy in the digital advertising
- Rules and regulations on intercepting communication
- Evolution of the law
- Collaboration of government agencies and private companies to improve cybersecurity
- Privacy issues related to litigation
- Electronic discovery, redaction and protective orders
- U.S. discovery rules versus foreign laws
- Federal and state laws regulating and protecting employee privacy
- Federal laws prohibiting discrimination
- Lifecycle of employee privacy
- Background screening
- Employee monitoring
- Investigating misconduct and termination
- Antidiscrimination laws
- “Bring your own device” policies
- State laws impacting data security
- Social Security number use regulation
- Laws governing data destruction
- Scope of state data breach notification law
- Nine elements of state data breach notification laws
- Major differences in state laws
FREE
Interested in course?
Course Type: Instructor Led