The Principles of Privacy in the U.S: CIPP/US Private Sector course covers U.S. privacy laws and regulations at federal and state levels, including breach notification and limits on various private sectors. Youâ€™ll leave with an understanding of the legal requirements for the responsible handling and transfer of personal data within industry and workplaces, including government access to private-sector data.
The training is based on the body of knowledge for the IAPPâ€™s ANSI-accredited Certified Information Privacy Professional/ U.S. (CIPP/US) certification program.
Founded in 2000, the IAPP is the worldâ€™s largest and most comprehensive privacy resource with a mission to define, support and improve the privacy profession globally. Data is one of your most valuable assets â€“ every day it is being accessed, shared, managed and transferred by people in your organizationâ€”in all departments and at all levels. Unless your employees have a solid understanding of the considerations and challenges involved in managing data, you risk a data breach, diminished customer trust and possible enforcement action.
IAPP training can provide your staff with the knowledge they need to help you meet your privacy program goals of reduced risk, improved compliance, enhanced brand loyalty and more. The IAPP offers privacy and data protection training programs specifically designed to extend that knowledge to those on your team requiring a solid understanding of privacy principles and practices.
MODULE 1: Fundamentals of Information Privacy
- Unit 1: Common Principles and Approaches to Privacy. This unit includes a brief discussion of the modern history of privacy, an introduction to types of information, an overview of information risk management and a summary of modern privacy principles.
- Unit 2: Jurisdiction and Industries. Â This unit introduces the major privacy models employed around the globe and provides an overview of privacy and data protection regulation by jurisdictions and industry sectors.
- Unit 3: Information Security: Safeguarding Personal Information. This unit presents introductions to information security, including definitions, elements, standards and threats/ vulnerabilities, as well as introductions to information security management and governance, including frameworks, controls, cryptography and identity and access management (IAM).
- Unit 4: Online Privacy: Using Personal Information on Websites and with Other Internet-related Technologies. This unit discusses the web as a platform, as well as privacy considerations for sensitive online information, including policies and notices, access, security, authentication and data collection. Additional topics include childrenâ€™s online privacy, email, searches, online marketing and advertising, social media, online assurance, cloud computing and mobile devices.
MODULE 2: United States Private Sector
- Unit 1: U.S. Privacy Environment. This unit covers the structure of U.S. law, the enforcement of U.S. privacy and security laws and information management from a U.S. perspective.
- Unit 2: Limits on Private-sector Collection and Use of Data. This unit examines limits in the sectors of medicine, finance, education, telecommunications and marketing, as well as cross-sector privacy protection by the Federal Trade Commission.
- Unit 3: Government and Court Access to Private-sector Information. This unit introduces privacy law and practice in law enforcement, national security and civil litigation.
- Unit 4: Workplace Privacy. This unit includes an introduction to workplace privacy and more detailed privacy considerations before, during and after employment, including background checks, employee monitoring, investigation of employee misconduct and termination of the employment relationship.
- Unit 5: State Privacy Laws. This final section of the U.S. private-sector privacy program examines U.S. state laws related to marketing, financial data, data security and breach notification.
The CIPP/U.S. Private Sector course is designed for those involved in:
- Risk Management/ Compliance/Audit
- Database Administration
- Network Operations Center (NOC)
- Security Operations Center (SOC)
- Human Resources
- Sales and Marketing
- Executive office
- Anyone who uses, processes and maintains personal data.