International Association of Privacy Professionals
|Legal status||501(c)(6) professional association|
|Headquarters||Portsmouth, New Hampshire, U.S.|
The International Association of Privacy Professionals (IAPP) is a nonprofit, non-advocacy membership association founded in 2000. It provides a forum for privacy professionals to share best practices, track trends, advance privacy management issues, standardize the designations for privacy professionals, provide education and guidance on career opportunities in the field of information privacy. The IAPP offers a full suite of educational and professional development services, including privacy training, certification programs, publications and annual conferences. It is headquartered in Portsmouth, New Hampshire.
Founded in 2000, IAPP was originally constituted as the Privacy Officers Association (POA). In 2002, it became the International Association of Privacy Officers (IAPO) when the POA merged with a competing group, the Association of Corporate Privacy Officers (ACPO). The group was renamed to the International Association of Privacy Professionals in 2003 to reflect a broadened mission that includes the ranks of corporate personnel, beyond the position of Chief Privacy Officer, engaged in privacy-related tasks.
Membership reached 10,000 in 2012 and in 2019, the organization reported it had surpassed the 50,000 member mark. The rapid growth was the result of increased demand for privacy expertise in the face of emerging laws such as the EU's General Data Protection Regulation (GDPR). Half of the association's members are women.
The IAPP is responsible for developing and launching a global credentialing programs in information privacy. The CIPM, CIPP/E, CIPP/US and CIPT credentials are accredited by the American National Standards Institute (ANSI) under the International Organization for Standardization (ISO) standard for Personnel Certification Bodies 17024:2012. These certifications have been described as "the gold standard" for validating privacy expertise.
- Certified Information Privacy Professional (CIPP)
The CIPP currently offers four areas of concentration, each focused on a specific region: United States (CIPP/US), Canada (CIPP/C), Europe (CIPP/E), Asia (CIPP/A). For several years, a specialization in US Government privacy matters (CIPP/G) was offered but the program was terminated on September 30, 2018 and is presently inactive.
- Certified Information Privacy Manager (CIPM)
- Certified Information Privacy Technologist (CIPT)
- Privacy Law Specialist (PLS)
In 2018, the IAPP initiated the PLS program, which is one of only 15 areas of legal specialization accredited by the American Bar Association (ABA). The PLS is intended only for lawyers practicing in the US. By 2019, approximately 75 attorneys had achieved the certification.
- Fellow of Information Privacy (FIP)
The FIP designation is reserved for individuals who have attained the CIPP and either CIPM or CIPT designations, can demonstrate at least three years of work experience in which at least 50% of the job responsibilities are managing data privacy issues. The designation also requires three references who are industry peers and familiar with the applicant's work.
The IAPP produces original research through the IAPP Westin Research Center. Two privacy scholars are selected each year for a fellowship to work on privacy research projects under the guidance of the IAPP’s vice president of research and education. Topics are selected with a view of supporting the growth and development of the privacy profession and furthering understanding of the major privacy issues.
Research projects include:
- The FTC Casebook
- Privacy Industry Index (PII)
- Privacy Professionals Salary Survey
- The IAPP annual surveys from members
- IAPP-EY Annual Privacy Governance Report 2015
The IAPP holds seven annual conferences:
IAPP Privacy. Security. Risk. (P.S.R.), is held in the Fall in a variety of locations (primarily on the West Coast of the US) and offers the best of privacy and security, with innovative cross-education and networking.
IAPP Canada Privacy Symposium is usually held in Toronto in May, gathering regulators and thought leaders for intensive learning and discussion of Canadian Privacy challenges.
IAPP Europe Data Protection Congress is usually held in Brussels in late Fall, covers topics related to policy and regulation in Europe.
IAPP Data Protection Intensives are held multiple times throughout the year in cities such as London, Paris, or Berlin. These events cover operational privacy issues of specific interest to European data protection professionals.
IAPP Asia Privacy Forum is held in Singapore each Spring, covering topics of specific interest to the Singaporean and greater Asia-Pacific privacy community.
The Privacy Advisor, the IAPP’s publication, provides news, reporting on legal developments and analysis of rules and privacy practices.
The Privacy Perspectives blog includes opinion and insight from around the globe.
The Privacy Tracker blog follows legislative developments and provides guidance and analysis of how legislation impacts privacy practitioners.
The Privacy Tech blog covers privacy-enhancing technology and the technical implementation of privacy.
These publications are filtered through the Daily Dashboard, a daily clipping service, and regional digests covering Canada, Europe and the Asia-Pacific region.
- "https://projects.propublica.org/nonprofits/organizations/233048008/201911359349301931/IRS990". International Association of Privacy Professionals. May 14, 2019.
- Taylor, Mark (10 April 2000). "Privacy issues are focus of new group". Modern Healthcare. Crain Communications Inc. Retrieved 3 August 2019.
- Swire, Peter P. (2002). "The Surprising Virtues of the New Financial Privacy Law". Minnesota Law Review. 86: 2083. doi:10.2139/ssrn.347402.
- Tracy, Ryan; McKinnon, John D. (24 July 2019). "Facebook Penalty Sends Message to Big Tech". The Wall Street Journal. Dow Jones & Company, Inc. Retrieved 18 August 2019.
“I expect a lot of board members and CEOs are chatting and texting today about what exactly they need to do to ensure they are within spitting distance of these new best practices,” said Trevor Hughes, president of the International Association of Privacy Professionals.
- Merken, Sara (12 August 2019). "Companies Turning to Tech Vendors for Privacy Compliance Tools". Bloomberg Law. The Bureau of National Affairs, Inc. Retrieved 18 August 2019.
The number of privacy tech companies jumped from 51 vendors in 2017 to 224 in 2019 so far, according to annual privacy tech vendor reports by the International Association of Privacy Professionals.
- "Measuring privacy operations: Use of technology on the rise". HelpNetSecurity. 6 December 2018. Retrieved 18 August 2019.
“Among our thousands of members, we know that privacy teams are now reporting on a regular basis to company leadership, and consequently they need to demonstrate results and a return on investment,” said Trevor Hughes, CEO and President of the IAPP.
- Tittel, Ed; Kyle, Mary (15 June 2018). "International Association of Privacy Professionals: Career and Certification Guide". Business News Daily.
The IAPP has developed a globally recognized certification program around information privacy.
She added that organizations can also join privacy groups, such as the International Association of Privacy Professionals (IAPP), to stay on top of changes and access self-education resources.
- Kim, Lee (8 July 2019). "My Journey to Attaining Two Professional Certifications, CIPP and CISSP". HIMSS.org. Healthcare Information and Management Systems Society. Retrieved 24 August 2019.
I find value in the CIPP and CISSP credentials every day. Throughout my various professional roles in law, information technology, and now in health IT, I have always had to use multiple domains of knowledge.
- Tittel, Ed (6 June 2018). "Gearing up for GDPR certification: Only a few good options". Hewlett Packard Enterprise. Hewlett Packard Enterprise Development LP. Retrieved 24 August 2019.
Right now, as far as I can tell, the IAPP is the only organization that qualifies as a full-fledged and entirely reputable purveyor of certifications that incorporate GDPR skills and knowledge in its various credentials (and the curricula and exams that support them). The IAPP is a vendor- and policy-neutral organization that’s been around since 2000, billing itself as “the world’s largest global information privacy community.”
- Maselli, Jennifer (25 August 2003). "Privacy Group Focuses on RFID". RFID Journal. Emerald Expositions, LLC. Retrieved 18 August 2019.
"This is a timely topic," says Shara Prybutok, an administrator for IAPP, which was formed recently by the merger of the Privacy Officers Association and the Association of Corporate Privacy Officers.
- "50K members: A landmark for the IAPP and global privacy". IAPP.org. International Association of Privacy Professionals. 2 May 2019. Retrieved 1 October 2019.
The IAPP had hit 50,000 members worldwide.
- "International Association of Privacy Professionals:Career and Certification Guide". Business News Daily. June 15, 2018. Retrieved May 10, 2019.
- "Do Women Make Better Privacy Professionals?". Forbes. June 10, 2015. Retrieved October 5, 2015.
- "ANSI Directory of Accredited Personnel (ANSI/ISO/IEC 17024) Certification Bodies". ANSI.org. American National Standards Institute. August 5, 2015. Retrieved July 7, 2018.
- "Accreditation Program for Personnel Certification Bodies under ANSI/ISO/IEC 17024". ANSI.org. Retrieved July 7, 2018.
- Coseglia, Jared (29 May 2018). "The Power of Certifications in the Legal Industry". Law.com. ALM Media Properties LLC. Retrieved 24 August 2019.
The International Association of Privacy Professionals’ (IAPP) certification program has quickly become the gold standard for employers seeking instant validation of an individual’s privacy expertise.
- "CIPP Certification". IAPP. Retrieved 18 August 2019.
- "Certifiable! The Value of Certifications to Your Career - CIPP, CIPM and CIPT at IAPP". ILTAnet.org. International Legal Technology Association. 27 August 2015. Retrieved 24 August 2019.
- "The IAPP Certified Information Privacy Professional/Government (CIPP/G) Program Is Now Inactive" (PDF). 30 September 2018. Retrieved 18 August 2019.
- "HR.com - The Human Resources Social Network". www.hr.com. 2015-12-08. Retrieved 2015-12-08.
- "Is IAPP Certification a Consideration for Health IT Professionals?". USF Health Online. University of South Florida. Retrieved 24 August 2019.
- "Cybersecurity's hidden pool of talent". Healthcare IT News. Retrieved 2015-12-08.
- "Privacy Law Specialist: The ABA-Approved Certification for Lawyers Practicing Privacy". Legaltech News/Law.com. March 19, 2019. Retrieved May 10, 2019.
- "Fellow of Information Privacy". IAPP. Retrieved 18 August 2019.
- Spiezio, Caroline (7 May 2019). "US Chief Privacy Officers Get Paid More Than EU Peers, Have Closer Ties to Legal". Law.com. ALM Media Properties LLC. Retrieved 24 August 2019.
According to the IAPP’s 2019 Privacy Professionals Salary Survey, American CPOs’ median salary is $212,000 compared to $185,000 in the U.K. and $142,000 in the European Union. The global median salary for CPOs is $200,000 in 2019.
- "Report shows privacy officials in government are understaffed and demoralized". The Daily Dot. Retrieved 2015-12-08.
- "FTC wants role in reshaping online privacy bill -- Regulators talk cross-border privacy rules". POLITICO. Retrieved 2015-12-08.
- "Does Privacy Need a New Language?". Governor Technology. Archived from the original on 2015-12-10. Retrieved 2015-12-08.
- "Administrative judge dismisses FTC case against LabMD". SC Magazine. Retrieved 2015-12-08.