CIPP/US, CIPT and CIPM Certification Training Boot Camp

InfoSec Institute’s six-day authorized CIPP/US, CIPT and CIPM boot camp provides privacy professionals with the essential knowledge and understanding of U.S. privacy laws, technology concerns, and privacy policies and frameworks necessary to successfully pass all three certification exams.

Award-Winning Training

For 20 years InfoSec has been one of the most awarded and trusted information security training vendors — 40+ industry awards!

Exam Pass Guarantee

We offer peace of mind with our Exam Pass Guarantee for Flex Pro students.

Track Record of Success

InfoSec Institute training courses have received 10,000+ 5-star reviews from our students!

CIPP/US, CIPT and CIPM Course Overview

This course is designed to prepare you for the Certified Information Privacy Professional/United States (CIPP/US), Certified Information Privacy Technologist (CIPT) and Certified Information Privacy Manager (CIPM) certification exams.

The CIPP/US certification focuses on U.S. privacy laws and regulations. You will learn about cross-sector limits on the collection and use of data and about specific regulations for the medical, financial, education, telecommunications and marketing sectors. The course also covers laws governing access to private information by law enforcement and national security agencies, issues related to workplace privacy and important state privacy laws.

The CIPT certification focuses on core privacy concepts and essential elements of embedding privacy in information technology. The course covers privacy considerations for every stage of the information life cycle as well as effective privacy-enhancing techniques and technologies, including access management, data encryption and privacy-by-design principles. You will also learn about online services and technologies with specific privacy requirements and considerations, such as social media, cloud computing, and web browser privacy and security.

The CIPM certification focuses on privacy and data protection practices in the development, measurement and improvement of a privacy program. The course covers organizational-level privacy program governance, development, implementation and measurement of a privacy program framework as well as application of the privacy operational life cycle.

Award-Winning Training

The Most Flexible Training — Guaranteed

Exam Pass Guarantee — If you don’t pass your exam on the first attempt, get a second attempt for free; includes the ability to re-sit the course for free for up to one year

100% Satisfaction Guarantee — If you’re not 100% satisfied with your training at the end of the first day, you may enroll in a different Flex Pro or Flex Classroom course

Knowledge Transfer Guarantee — If an employee leaves within three months of obtaining certification, InfoSec Institute will train a different employee at the same organization tuition-free for up to one year

What Will You Learn in this Course?

InfoSec Institute is an International Association of Privacy Professionals (IAPP) Official Training Partner. After attending our CIPP/US, CIPT and CIPM boot camp, you will be able to successfully pass the IAPP CIPP/US, CIPT and CIPM exams and will gain deep knowledge of the following key areas:

  • The U.S. legal system: definitions, sources of law and the U.S. sectoral model for
    privacy enforcement
  • U.S. federal laws for protection of personal data: FCRA and FACTA, HIPAA, GLBA
    and COPPA
  • U.S. federal regulation of marketing practices: TSR, DNC, CAN-SPAM, TCPA and
  • U.S. state data breach notification: California SB-1386 and select state laws
  • Regulation of privacy in the U.S. workplace: FCRA, EPP, ADA and ECPA plus best practices for privacy and background screening, employee testing, workplace monitoring, employee investigation and termination of employment
  • Using industry-standard guidelines for the collection, use, disclosure, retention and destruction of personal information
  • Recognizing IT risks and mistakes organizations make when embedding privacy in the IT environment
  • Privacy considerations for IT systems and applications
  • Using established methods for end-user notification and choice through IT system and product interfaces
  • Implementing system controls for identity and access management (IAM)
  • Selecting appropriate privacy-enabling technologies
  • Understanding requirements for identifiability, authentication and anonymization
  • Understanding and addressing online privacy threats and challenges
  • Understanding privacy considerations in evolving technologies (cloud computing, biometrics, IoT and more)
  • Organizational privacy concerns, including creating a company vision, structuring the privacy team and communicating with stakeholders
  • Developing and implementing a privacy program framework
  • Measuring performance
  • The privacy operational life cycle

What's Included?

  • Six days of intense training delivered by CIPP/US, CIPT and CIPM certified instructors with actual professional experience in data privacy and the security field
  • CIPP/US all-in-one digital textbook
  • CIPT all-in-one digital textbook
  • CIPM all-in-one digital textbook
  • CIPP/US, CIPT and CIPM sample exam questions
  • CIPP/US, CIPT and CIPM exam vouchers
  • One year IAPP membership
  • Detailed reporting on exam readiness via your Flex Center (Flex Pro)
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee (Flex Pro)
  • Add-on: Video replays of daily lessons

Who Should Attend?

  • -Chief privacy officers (CPOs) and other senior information management professionals in both the U.S. public and private sectors or those employed by any organization with business or policy interests in the U.S.

  • -Privacy managers, legal compliance officers and risk managers

  • -Members of a privacy or compliance team

  • -Intermediate-level privacy professionals and entry-level candidates who are transitioning from non-privacy roles or who are entirely new to the privacy profession

  • -Information management professionals in the U.S. financial services, healthcare or telecommunications industries who seek to broaden their expertise into a general information privacy scope

  • -Corporate managers who are responsible for privacy within their teams, such as human resources, procurement, marketing and customer relations

  • -Non–privacy professionals who serve or support a privacy or compliance team and who need to achieve a consistent level of privacy education

  • -Information security professionals (CISO, CISSP)

  • -Information auditing and IT governance professionals (CISA, CISM)

  • -IT project/program managers

  • -Enterprise system architects (CTO, CIO)

  • -Business process professionals (purchase decision makers for IT services and products)

  • -Software, network, database and system professionals, including architects, designers, developers, engineers and administrators

  • -Anyone who wants to secure a place in the information economy

Why Choose InfoSec Institute?

Industry-Leading Exam Pass Rates — 93% of our students pass their certification exams on their first attempt

Training to Fit Your Schedule — In addition to Flex Pro, the highest-quality live online training in the industry, InfoSec Institute offers Flex Classroom training around the country and learn-at-your-own pace Flex Basic courses

Experienced Instructors — InfoSec Institute instructors have at least 10 years of industry training experience and are professionals with active roles in the industry

Most Thorough Exam Prep Services Available — Students get free exam readiness testing through as well as advanced access to all course materials

CIPP/US, CIPT and CIPM Certification Details

The IAPP CIPP/US was launched in 2004 as the first professional certification in information privacy and remains the preeminent certification in the field of privacy. The CIPP/US credential demonstrates a strong foundation in U.S. privacy laws and regulations and understanding of the legal requirements for the responsible transfer of sensitive personal data to/from the U.S., the EU and other jurisdictions.

The IAPP CIPT is the first global privacy certification for IT practitioners. It demonstrates understanding of privacy and data protection practices in the development, engineering, deployment and auditing of IT products and services at all stages of the information life cycle. The CIPT certifies individuals in their knowledge of privacy-related issues and practices in the context of the design and implementation of information and communication technologies.

The IAPP CIPM was launched in 2013 as the first and only certification in privacy program management. It was developed in response to overwhelming demand to collect and collate common practices for managing privacy operations. The CIPM body of knowledge is comprised of two domains: privacy program governance and privacy program operational life cycle.

What Our Students Are Saying

Without any question, InfoSec has the most gifted individual instructors. Our instructor for this class was both an excellent educator and a premier/world class security expert. He was able to clearly explain and impart to the students, the most complicated security techniques I have ever heard of or imagined. I simply can not find the words to recommend him and Infosec security training more highly.

John Hollan GE

Advanced Ethical Hacking Training Boot Camp

Our Major Clients

CIPP/US, CIPT and CIPM Course Syllabus

    Our instructors give you 100% of their time and dedication to ensure that your time is well spent. You receive an immersive experience with no distractions! The typical daily schedule is:

    • Day 1: U.S. laws, models and collecting data
      • Course introduction
      • Structure of U.S. law and enforcement models
        • Common privacy principles
        • U.S. law sources, definitions and authorities
        • Legal liability in the U.S.
        • U.S. approach to protecting privacy and security of information
      • Regulating collection and use of data in the private sector
        • Federal trade commission privacy and security enforcement actions
        • HIPAA and other healthcare privacy regulations
        • Privacy in financial sector
        • FERPA (education)
        • Privacy protection laws for telecommunications and marketing
    • Day 2: Access, privacy and state laws
      • Access to private information by government and courts
        • Law enforcement access to financial data and communications
        • Laws related to national security
        • Privacy issues in civil litigation
      • Workplace privacy
        • General workplace privacy concerns
        • Human resources management
        • Relevant U.S. agencies and laws
        • Employee background screening
        • Employee monitoring and investigations
        • Employee termination
      • State privacy laws
        • Federal vs. state authority
        • Marketing laws
        • Financial data and data security laws
        • Overview of data breach notification laws
    • Day 3: Privacy fundamentals and life cycle
      • Importance of privacy in IT environment
        • Privacy and regulatory compliance requirements
        • Privacy expectations
        • Risks to IT environments
        • Common mistakes
        • Privacy vs. security
        • Governance and role of IT professionals
      • Privacy fundamentals
        • Important privacy documents (notices and relevant security and privacy policies)
        • Relevant standards and frameworks
        • SDLC privacy and security
        • Privacy considerations in enterprise architecture (incident response, cross-border data transfers and Privacy Impact Assessments)
        • Core privacy principles
      • Privacy in the information life cycle
        • Stages of the information life cycle
        • Privacy considerations for collection of information
        • Privacy considerations for use of information
        • Privacy considerations for disclosure of information
        • Privacy considerations for retention of information
        • Privacy considerations for destruction of information
    • Day 4: Privacy technologies, techniques and controls
      • Privacy-enabling technologies and controls
        • Privacy challenges for enterprise IT architecture
        • Identity and access management (IAM)
        • Protecting credit card information
        • Privacy and security controls for remote access and mobile devices
        • Data encryption types, standards and implementation
        • Automated data retrieval and audits
        • Data masking and obfuscation
        • Implementing DLP
        • Privacy considerations for customer-facing applications
      • Common privacy techniques
        • Authentication
        • Identifiability of data
        • Privacy-by-design principles
      • Privacy in online environment
        • Online privacy expectations and requirements
        • Privacy challenges with social media
        • Common online threats and safeguards
        • E-commerce and advertising
        • Web tracking technologies (cookies, beacons and more)
        • Machine-readable languages for privacy policies
        • Web browser privacy and security features
        • Secure web protocols (SSL/TLS, HTTPS)
      • Privacy and emerging technologies
        • Cloud computing privacy and security concerns
        • Wireless communications
        • Principles of location-based technologies and services
        • IoT and other smart technologies
        • Electronic surveillance
        • Biometrics
    • Day 5: Privacy program governance
      • Organizational level
        • Creating a company vision
        • Establishing a privacy program
        • Structuring the privacy team
      • Developing the privacy program framework
        • Developing privacy policies, standards and guidelines
        • Defining privacy program activities
      • Implementing the privacy policy framework
        • Communicating the privacy framework to stakeholders
        • Ensuring alignment with laws and regulations
      • Metrics
        • Identifying intended audience for metrics
        • Defining reporting resources
        • Defining privacy metrics
        • Identifying systems/application collection points
    • Day 6: Privacy operational life cycle
      • Stage I: Assess (privacy operational life cycle)
        • Documenting current baseline
        • Processors and third-party vendor assessment
        • Physical assessments
        • Mergers, acquisitions and divestitures
        • Conducting analysis and assessments
      • Stage II: Protect (privacy operational life cycle)
        • Data life cycle
        • Information security practices
        • Privacy by design
      • Stage III: Sustain (privacy operational life cycle)
        • Measure
        • Align
        • Audit
        • Communicate
        • Monitor
      • Stage IV: Respond (privacy operational life cycle)
        • Information requests
        • Privacy incidents

    View Pricing

    We will never share any of your information, spam you or annoy you with pushy sales pitches.

    Book your course

      Ready to get started? Get instant pricing for this award-winning boot camp. View course pricing
      View instant course pricing