Other

CIPP/US: 5 things to know about privacy and cybersecurity law

February 2, 2022 by John Bandler

Privacy is a concept with deep roots in our culture and is now an important and evolving part of society with growing legal requirements. The CIPP/US certification path provides critical knowledge about law, privacy and cybersecurity for every information security professional looking to advance their career and protect their business.  That’s why I created the new CIPP/US learning path in Infosec Skills. It demystifies the law, prepares you to pass the exam and empowers your life.

CIPP/US is the leading certification in privacy

CIPP stands for Certified Information Privacy Professional and is issued by the International Association of Privacy Professionals (IAPP), a non-profit and the leading privacy organization. CIPP/US focuses on United States law, and the IAPP offers others for Europe, Canada and Asia (CIPP/E, CIPP/C, CIPP/A) and other certifications for different areas of privacy management and implementation, such as certified information privacy technologist (CIPT) and certified information privacy manager (CIPM).

Earning the CIPP/US certification is a valuable achievement, and equally important is the learning and knowledge that comes with preparing for the exam. Information security professionals can better protect their organizations and elevate their careers with this practical knowledge. 

Not just “privacy law” but “privacy and cybersecurity law”

Privacy is a matter of personal, professional, organizational concern and the laws and regulations on the topic are expanding exponentially. Every organization needs to know them, cybersecurity programs and professionals need to incorporate them. The body of knowledge for the CIPP/US certification is large, focusing on “privacy law” and the application of privacy principles.

We manage and protect information systems, so we need to understand the broad array of legal requirements. I put “privacy law” in quotes because it is not a perfect term since the legal requirements for privacy and cybersecurity are so intertwined. Every privacy law has a cybersecurity component, so for me, it is more accurate and effective to call them “privacy and cybersecurity laws.” 

This learning path is of essential benefit for anyone seeking to earn the CIPP/US certification and for any cybersecurity professional interested in learning more about laws related to information governance, privacy, and information security.

What important law areas does the CIPP/US cover?

By studying the CIPP/US materials and taking this course, participants will learn a lot about law, including privacy-specific laws, data breach reporting laws, cybersecurity requirements and general information about our legal system. We start the learning path by laying a foundation to ensure your future success. Then we dive into general legal concepts, specific laws and regulations, government enforcement, private-sector collection and use of data, and government collection of data. Next, we explore workplace privacy and state laws. Finally, we bring it all together, and I prepare you for the exam and apply the knowledge in the workplace.

I enjoy teaching law to non-lawyers and making legal concepts understandable. I realize that the law (and admittedly some lawyers) can be confusing. Rest assured, this is a two-way street, and many lawyers find technology and cybersecurity confounding. My goal is to empower each group to understand the other discipline, which means helping you understand the law and regulation.

Why did I build these courses?

This topic is close to my heart, combining four important things: law, privacy, cybersecurity and teaching. I could not pass up this opportunity. I speak a lot, teach at many different levels, wrote two books, and build courses. Still, these courses were a new, exciting project and required enormous effort. It is a learning experience I am proud of. Throughout, my focus is to help you succeed with your learning.

Why should you take the courses?

Every information security professional needs to know about privacy and law. This provides it.

If you live in the United States, it’s good to understand our foundational legal principles, and these courses give it. 

If you are an information security professional, you need to understand the increasing regulations and laws that govern privacy, cybersecurity, data destruction and data breach reporting. The courses provide that also. This learning path provides an amazing foundation in law, and I will help demystify it and empower you the next time you need to evaluate legal requirements.

Certifications are a way to motivate you to study and learn. When you pass that exam and earn that credential, you can display your achievement, add a line to your resume and broaden your opportunities. I hold about a dozen certifications and enjoy the process of getting them. I think you will too, and I offer some strategies to help you. 

Learning is a life-long process that benefits our personal and professional well-being. I am delighted to play a part in your development.

Take a look at my courses today and get started. 

Posted: February 2, 2022
Author
John Bandler
View Profile

John Bandler is a lawyer, consultant, speaker, teacher and author in the areas of cybersecurity, cybercrime, privacy, investigations and more. He is the founder of Bandler Law Firm PLLC and Bandler Group LLC, legal and consulting practices that help organizations and individuals with cybersecurity, the prevention and investigation of cybercrime, privacy, compliance, risk management and governance. John has expertise in many subjects, holds a number of certifications, and is a prolific writer and speaker. His first book is Cybersecurity for the Home and Office, his second book is Cybercrime Investigations, an extensive resource regarding the law, technology, process and skills regarding the investigation of cybercrime. John has authored articles on a range of topics and teaches professionals and students at the undergraduate, graduate and law school levels. Before entering private practice, John served in government as an assistant district attorney in the New York County District Attorney's Office where he investigated and prosecuted criminal offenses ranging from cybercrime, virtual currency money laundering and traditional street crimes and frauds. Prior to that, he served as a state trooper in the New York State Police providing full police services to the local community.

Leave a Reply

Your email address will not be published.