Data is a valuable business asset, it is being accessed, shared, managed, and transferred by people everyday in your organisation, in all departments. IAPP training can provide you or your staff with the knowledge they need to meet your privacy obligations, reduce risks, and improve compliance – all of which improve stakeholder trust, brand loyalty, and have other positive impacts on your business. 

This IAPP certified training course provides privacy and data protection knowledge specifically designed to improve the knowledge of you or your team members who require a solid understanding of U.S privacy principles and practices. 

The training is based on the body of knowledge for the IAPP’s ANSI-accredited Certified Information Privacy Professional / U.S (CIPP/US)

Course Topics:

Module 1: Introduction to Privacy 

Discusses the modern history of privacy, an introduction to personal information, an overview of data protection roles and a summary of modern privacy frameworks. 

Module 2: Structure of U.S. law

Reviews the structure and sources of U.S law and relevant terms and introduces governmental bodies that have privacy and information security authority. 

Module 3: General Data Protection Regulation (GDPR) overview

Presents a high-level overview of the GDPR, discusses the significance of the GDPR to U.S. organisations and summarises the roles and responsibilities outlined in the law. 

Module 4: California Consumer Privacy Act of 2018 (CCPA)

Presents a high-level overview of the newly passed California Consumer Privacy Act of 2018, including scope, consumer rights, business obligations and enforcement. 

Module 5: Enforcement of U.S. Privacy and Security laws

Distinguishes between criminal and civil liability, compares federal and state authority, presents theories of legal liability and describes the enforcement powers and responsibilities of government bodies, such as the FTC and state attorneys general. 

Module 6: Information Management from a U.S. perspective 

Explores the development of a privacy program, reviews the role of privacy professionals and accountability, discusses employee training, user preferences, vendor management, and examines data classification. 

Module 7: Federal Versus State Authority 

Compares federal and state authority and discusses preemption. 

Module 8: Healthcare

Describes privacy laws in healthcare, including the major components of HIPAA and the development of HITECH, and outlines privacy protections mandated by other significant healthcare laws. 

Module 9: Financial Privacy 

Outlines the goals of financial privacy laws, highlights key concepts of FCRA, FACTA, and GLBA, and discusses the Red Flags Rule, Dodd-Frank and consumer protection laws. 

Module 10: Education

Outlines the privacy rights and protections under FERPA, as well as recent amendments provided by PPRA and NCLBA. 

Module 11: Telecommunications and Marketing 

Explores rules and regulations of telecommunications entities, reviews laws that govern marketing, and briefly discusses how privacy is addressed in the digital advertising realm. 

Module 12: Law Enforcement and Privacy 

Summarises privacy laws on intercepting communications, including how the telecommunications industry must cooperate with law enforcement, and also outlines laws that ensure rights to financial privacy. 

Module 13: National Security and Privacy 

Further explores rules and regulations on intercepting communications, including how the laws have evolved and how government agencies and private companies work collaboratively to improve cyber security. 

Module 14: Civil Litigation and Privacy 

Discusses privacy issues related to litigation including electronic discovery, redaction and protective orders, and briefly compares U.S. discovery rules to foreign laws. 

Module 15: Legal Overview of Workplace Privacy 

Describes federal and state laws that regulate and protect employee privacy, as well as federal laws that prohibit discrimination. 

Module 16: Privacy Before, During and After Employment 

Examines the lifecycle of employee privacy including background screening, employee monitoring, investigating misconduct and termination; outlines antidiscrimination laws; and discussed “bring your own device” policies. 

Module 17: State Data Security Laws 

Identifies state laws that impact data security, reviews Social Security number use regulation and discusses laws governing data destruction. 

Module 18: Data Breach Notification Laws 

Summarises the scope of state data breach notification law, highlights the nine elements of state data breach notification laws and notes major differences in state laws.