private sector privacy

US Private-Sector Privacy (CIPP/US Exam Prep)

In business, personal data is a valuable asset. Every day it is being accessed, shared, managed, and transferred by people within your organization - in all departments and at all levels. Unless you have a solid plan accounting for the considerations and challenges involved in managing personal data, you risk a data breach, diminished customer trust, and possible enforcement action.

UNH Professional Development & Training has partnered with IAPP to provide training to meet your privacy program goals of reduced risk, improved compliance, and enhanced brand loyalty.

US Private-Sector Privacy (CIPP/US Exam Prep) covers United States privacy laws and regulations at federal and state levels, including breach notification and limits on various private sectors. Participants will gain an understanding of the legal requirements for the responsible handling and transfer of personal data within industry and workplaces, including government access to private-sector data.

The training program is based on the body of knowledge for IAPP’s ANSI-accredited Certified Information Privacy Professional/U.S. (CIPP/US) certification program and offers a robust opportunity to learn about critical privacy concepts that are also integral to the CIPP/US exam. While not purely a “test prep” course, this training is appropriate for professionals who plan to certify, as well for those who want to deepen their privacy knowledge. Both the training and the exam are based on the same body of knowledge.

Program enrollment includes: Digital copy of the course textbook; CIPP/US certification exam sample questions; Voucher to sit for the CIPP/US certification exam; 1 year IAPP membership.

You might also be interested in:

What You Will Learn


US Private-Sector Privacy (CIPP/US Exam Prep)

Module 1: Introduction to Privacy

  • Discusses the modern history of privacy, an introduction to personal information, an overview of data protection roles and a summary of modern privacy frameworks

Module 2: Structure of U.S. Law

  • Reviews the structure and sources of U.S. law and relevant terms, and introduces governmental bodies that have privacy and information security authority

Module 3: General Data Protection Regulation Overview

  • Presents a high-level overview of the GDPR, discuss the significance of the GDPR to U.S. organizations, and summarizes the roles and responsibilities outlined in the law

Module 4: California Consumer Privacy Act of 2018

  • Presents a high-level overview of the newly passed California Consumer Privacy Act of 2018, including scope, consumer rights, business obligations and enforcement

Module 5: Enforcement of U.S. Privacy and Security Laws

  • Distinguishes between criminal and civil liability, presents theories of legal liability and describes the enforcement powers and responsibilities of government bodies, such as the FTC and state attorneys general

Module 6: Information Management from a U.S. Perspective

  • Explores the development of a privacy program and the role of privacy professionals, discusses vendor management and examines data collection, classification and retention

Module 7: Federal Versus State Authority

  • Compares federal and state authority and discusses preemption

Module 8: Healthcare

  • Describes privacy laws in healthcare, including the major components of HIPAA and the development of HITECH, and outlines privacy protections mandated by other significant healthcare laws

Module 9: Financial Privacy

  • Outlines the goals of financial privacy laws, highlights key concepts of FCRA, FACTA and GLBA, and discusses the Red Flags Rule, Dodd-Frank and consumer protection laws

Module 10: Education

  • Outlines the privacy rights and protections under FERPA, as well as recent amendments provided by PPRA and NCLBA

Module 11: Telecommunications and Marketing

  • Explores rules and regulations of telecommunications entities, reviews laws that govern marketing, and briefly discusses how privacy is addressed in the digital advertising realm

Module 12: Law Enforcement and Privacy

  • Summarizes privacy laws on intercepting communication, including how the telecommunications industry must cooperate with law enforcement, and outlines laws that assure rights to financial privacy

Module 13: National Security and Privacy

  • Further explores rules and regulations on intercepting communication, including how the laws have evolved and how government agencies and private companies work collaboratively to improve cybersecurity

Module 14: Civil Litigation and Privacy

  • Discusses privacy issues related to litigation including electronic discovery, redaction and protective orders, and briefly compares U.S. discovery rules to foreign laws

Module 15: Legal Overview of Workplace Privacy

  • Describes federal and state laws that regulate and protect employee privacy, as well as federal laws that prohibit discrimination

Module 16: Privacy Before, During and After Employment

  • Examines the lifecycle of employee privacy including background screening, employee monitoring, investigating misconduct and termination; outlines antidiscrimination laws; and discusses “bring your own device” policies

Module 17: State Data Security Laws

  • Identifies state laws that impact data security, reviews Social Security number use regulation and discusses laws governing data destruction

Module 18: Data Breach Notification Laws

  • Summarizes the scope of state data breach notification law, highlights the nine elements of state data breach notification laws and notes major differences in state laws

Tools & Materials


US Private-Sector Privacy (CIPP/US Exam Prep)

Program enrollment includes:

  • Self-paced Online Format
  • Digital copy of the course textbook, U.S. Private-Sector Privacy, Second Edition
  • CIPP/US certification exam sample questions;
  • Voucher to sit for the CIPP/US certification exam;
  • A 1 year IAPP membership.

Students will need a computer with internet access to participate.  A computer webcam and microphone is helpful, but not required.  All online programs will take place on Zoom with enrolled students receiving login information via email a few days in advance of the program date.

Instructor Bios


US Private-Sector Privacy (CIPP/US Exam Prep)

  • Janelle Hsia

    Janelle Hsia

    Privacy SWAN Consulting is a training and consulting company with a history of helping companies succeed; we help you Sleep Well At Night (SWAN).  President and Founder of Privacy SWAN Consulting, Janelle Hsia focuses on privacy and security while bringing a diverse background in leadership, business, security, privacy, and technology spanning over 20 years.  Her experience integrating privacy with security and technology helps companies operationalize their privacy and security requirements thus helping them build customer trust.  Her passion is creating comprehensive and tailored data protection and privacy programs for SMBs with a global presence. She is an International Association of Privacy Professionals (IAPP) Official Training Partner, on the Board of Directors for Cloud Security Alliance (CSA) of Colorado, an ISSA National Privacy Special Interest Group Tri-Chair, and is a member of both ISACA and PMI.  She holds the following certifications CIPM, CIPT, CIPP/US/E, CISA, PMP, and GSLC.

This course is currently unavailable.