International Association of Privacy Professionals

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
International Association of Privacy Professionals
Legal status501(c)(6) professional association[1]
HeadquartersPortsmouth, New Hampshire, U.S.
Revenue (2016)
Expenses (2016)$17,892,152[1]
Employees (2016)
Volunteers (2016)

The International Association of Privacy Professionals (IAPP) is a nonprofit, non-advocacy membership association founded in 2000. It provides a forum for privacy professionals to share best practices, track trends, advance privacy management issues, standardize the designations for privacy professionals and provide education and guidance on opportunities in the field of information privacy. The IAPP offers a full suite of educational and professional development services, including privacy training, certification programs, publications and annual conferences.

The IAPP claims to be the world's largest association for the information privacy professionals, with more than 40,000 members in over 100 countries, headquartered in Portsmouth, New Hampshire.


Initiated in 2000, the International Association of Privacy Professionals (IAPP) was originally constituted as the Privacy Officers Association (POA). In 2002 it became the International Association of Privacy Officers (IAPO) when the POA merged with a competing group, the Association of Corporate Privacy Officers (ACPO). The group was renamed to the International Association of Privacy Professionals in 2003 to reflect a broadened mission to include the ranks of corporate personnel, beyond the position of Chief Privacy Officer, engaged in privacy-related tasks.

Membership reached 10,000 in 2012 and expanded rapidly by another 13,000 over the next three years. Half of its members are women.[2]

Professional certifications[edit]

The IAPP is responsible for developing and launching the only globally recognized credentialing programs in information privacy including the Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), and the Certified Information Privacy Technologist (CIPT). The IAPP maintains a common body of knowledge for each certification and achieving a certification demonstrates mastery of a principles-based framework and knowledge base of the subject matter. The CIPM, CIPP/E, CIPP/US and CIPT credentials are accredited[3] by the American National Standards Institute (ANSI) under the International Organization for Standardization (ISO) standard for Personnel Certification Bodies 17024: 2012.[4]

Certified Information Privacy Professional (CIPP) The CIPP is the first-ever certification offered in information privacy. It has five concentrations, each focused on a specific region or sector.

Certified Information Privacy Manager (CIPM)[5] The CIPM demonstrates understanding of the operational aspects of privacy program management.

Certified Information Privacy Technologist (CIPT)[6] The CIPT demonstrates understanding of how to manage and build privacy requirements into technology.

Continuing Privacy Education In order to maintain certification, the IAPP requires 10 hours of continuing privacy education (CPE) per year.


The IAPP provides privacy training worldwide for individuals and corporations. Privacy training courses are based on the body of knowledge for the IAPP certification programs. Training is available live and online.


The IAPP produces original research through the IAPP Westin Research Center. Two privacy scholars are selected each year for a fellowship to work on privacy research projects under the guidance of the IAPP’s vice president of research and education. Topics are selected with a view of supporting the growth and development of the privacy profession and furthering understanding of the major privacy issues. Research projects include:

  • The FTC Casebook
  • Privacy Industry Index (PII)
  • Privacy Professionals Salary Survey
  • The IAPP annual surveys from members[2]
  • IAPP-EY Annual Privacy Governance Report 2015[7]


The IAPP holds seven annual conferences:

The Global Privacy Summit,[8] held in Washington, DC, is the world’s largest international privacy conference.

Privacy. Security. Risk. (P.S.R.), is held in the fall and offers the best of privacy and security, with innovative cross-education and networking.

The IAPP Canada Privacy Symposium is held in Toronto in May, gathering regulators and thought leaders for intensive learning and discussion of Canadian Privacy challenges.

The IAPP Europe Data Protection Congress, held in Brussels in late fall, covers topics related to policy and regulation in Europe.

The IAPP Europe Data Protection Intensive[9] is held in London in April, covering operational privacy issues of specific interest to European data protection professionals.

IAPP Asia Privacy Forum is held in Singapore each spring, covering topics of specific interest to the Singaporean and greater Asia-Pacific privacy community.


The Privacy Advisor,[10] the IAPP’s publication, provides news, reporting on legal developments and analysis of rules and privacy practices.

The Privacy Perspectives blog includes opinion and insight from around the globe.

The Privacy Tracker blog follows legislative developments and provides guidance and analysis of how legislation impacts privacy practitioners.

The Privacy Tech blog covers privacy-enhancing technology and the technical implementation of privacy.

These publications are filtered through the Daily Dashboard, a daily clipping service, and regional digests covering Canada, Europe and the Asia-Pacific region.


  1. ^ a b c d e f "Form 990: Return of Organization Exempt from Income Taxes". International Association of Privacy Professionals. December 31, 2016.
  2. ^ a b "Do Women Make Better Privacy Professionals?". Forbes. June 10, 2015. Retrieved October 5, 2015.
  3. ^ "ANSI Directory of Accredited Personnel (ANSI/ISO/IEC 17024) Certification Bodies". American National Standards Institute. August 5, 2015. Retrieved July 7, 2018.
  4. ^ "Accreditation Program for Personnel Certification Bodies under ANSI/ISO/IEC 17024". Retrieved July 7, 2018.
  5. ^ " - The Human Resources Social Network". 2015-12-08. Retrieved 2015-12-08.
  6. ^ "Cybersecurity's hidden pool of talent". Healthcare IT News. Retrieved 2015-12-08.
  7. ^ "Report shows privacy officials in government are understaffed and demoralized". The Daily Dot. Retrieved 2015-12-08.
  8. ^ "FTC wants role in reshaping online privacy bill -- Regulators talk cross-border privacy rules". POLITICO. Retrieved 2015-12-08.
  9. ^ "Does Privacy Need a New Language?". Governor Technology. Archived from the original on 2015-12-10. Retrieved 2015-12-08.
  10. ^ "Administrative judge dismisses FTC case against LabMD". SC Magazine. Retrieved 2015-12-08.

External links[edit]