Certified - CIPP/US Audio Course

The Health Insurance Portability and Accountability Act (HIPAA) remains one of the most significant federal privacy statutes. This episode explains the Privacy Rule, which establishes protections for…

Privacy law continues to evolve as technology advances. This episode highlights priority areas identified by regulators and policymakers, including the risks posed by data brokers, the proliferation …

Enforcement brings theory into practice. In this episode, we review major FTC privacy and data security cases, highlighting recurring themes such as inadequate security, deceptive disclosures, and fa…

Children’s privacy carries heightened protections in U.S. law. This episode introduces the Children’s Online Privacy Protection Act (COPPA), which governs the collection of personal information from …

The Federal Trade Commission is often described as the nation’s top privacy cop. This episode dives into Section 5 of the FTC Act, which prohibits unfair and deceptive acts or practices. We’ll examin…

Domain II focuses on federal and state laws governing specific sectors such as health, finance, education, and telecommunications. This episode introduces the federal “sectoral” approach, where disti…

This episode explores how U.S. privacy frameworks compare to the European Union’s General Data Protection Regulation (GDPR) and Switzerland’s Federal Act on Data Protection (FADP). We’ll review diffe…

Privacy law collides with other legal obligations when organizations face multinational conflicts. This episode highlights the tension between U.S. e-discovery requirements in litigation and EU data …

U.S. companies regularly transfer data across borders, triggering international privacy obligations. This episode introduces the Schrems cases, which invalidated earlier EU-U.S. transfer mechanisms, …

The online environment presents unique privacy risks. This episode examines how tracking technologies, behavioral profiling, and targeted advertising shape consumer experiences and regulatory respons…

Data has a lifecycle, and managing it responsibly is critical for privacy compliance. This episode covers retention schedules that specify how long data must be kept, archival practices for historica…

Accountability is the thread connecting all privacy obligations. In this episode, we define accountability models as frameworks for demonstrating compliance through documentation, assessments, and go…

Privacy law intersects with cybersecurity when incidents occur. This episode explains how organizations build incident response programs to address threats like ransomware, data breaches, and vendor …

Cloud services and third-party vendors introduce unique privacy challenges. This episode examines how processing agreements define roles and responsibilities between controllers and processors, inclu…

Building a privacy program is more than drafting policies—it requires embedding privacy into operations. In this episode, we cover workforce training, including how to tailor content for different ro…

Data doesn’t stay put—it flows across systems, organizations, and borders. This episode explains how to map those flows, identify points of transfer, and implement controls that ensure compliance. We…

Strong privacy programs begin with knowing what data you have. This episode covers how organizations build and maintain a data inventory, cataloging personal information across systems, applications,…

Building on our earlier discussion of self-regulation, this episode focuses specifically on enforcement mechanisms. We’ll look at how programs such as the Payment Card Industry Data Security Standard…

Privacy enforcement is increasingly global. This episode introduces the Global Privacy Enforcement Network (GPEN), a collaboration of regulators worldwide who share information and coordinate investi…

This episode focuses on the interplay of federal and state enforcement bodies. We begin with the Department of Justice, which prosecutes criminal violations and litigates civil cases on behalf of fed…