Certified - CIPP/US Audio Course

Welcome to the CIPP/US Certification

Episode 97 — Cross-Domain Comparison: Federal, State, and International Overlaps

The final episode ties everything together by comparing U.S. federal privacy laws, state-level frameworks, and international regimes like the GDPR. We’ll highlight how similar principles—such as data…

Episode 96 — Recent Changes: Pennsylvania SB 696 and Utah S.B. 127

State privacy laws continue to evolve. This episode reviews recent changes, such as Pennsylvania SB 696, which updated breach notification requirements, and Utah S.B. 127, which amended cybersecurity…

Episode 95 — State Variations: Comparing Notification Timelines and Duties

Even within the common framework of breach notification, state differences matter. This episode compares notification timelines, which can range from “without unreasonable delay” to fixed deadlines…

Episode 94 — Breach Notification: Definitions, Triggers, and Scope

State breach notification laws form one of the most uniform yet varied areas of privacy law. This episode reviews the common elements—definitions of personal information, what constitutes a breach,…

Episode 93 — Enforcement Mechanics: Cure Periods and Penalties

Enforcement provisions determine how state privacy laws are applied in practice. This episode explains cure periods, which give businesses time to fix violations before penalties are imposed, and how…

Episode 92 — Other State Acts: Emerging Comprehensive Privacy Laws

Beyond California, Virginia, and Colorado, many states are adopting or considering comprehensive privacy laws. This episode surveys these developments, highlighting features of statutes in states…

Episode 91 — Colorado Privacy Act: Rights, Duties, and Insurance Bias Provisions

Colorado’s Privacy Act builds on the momentum from California and Virginia, offering a comprehensive framework with unique twists. This episode reviews its applicability standards, consumer rights,…

Episode 90 — Virginia CDPA: Consumer Data Protection Act Essentials

Virginia’s Consumer Data Protection Act (CDPA) established one of the first comprehensive state privacy frameworks outside California. This episode reviews its applicability thresholds, consumer…

Episode 89 — California Delete Act: Data Broker Registration and Rights

The California Delete Act introduces obligations for data brokers, requiring them to register and enabling consumers to request deletion of their data from all registered brokers at once. This…

Episode 88 — California AADC: Age-Appropriate Design Code Protections

Children’s privacy receives special attention in California’s Age-Appropriate Design Code Act (AADC). This episode explains its requirements for online services likely to be accessed by minors,…

Episode 87 — California CCPA/CPRA: Comprehensive Consumer Privacy Framework

California remains the leader in state privacy law. This episode reviews the California Consumer Privacy Act (CCPA) and its amendment through the California Privacy Rights Act (CPRA). We’ll explore…

Episode 86 — AI Bias and ADM: NAIC AIS Guidelines, NYC AEDT, and State Rules

Automated decision-making (ADM) and artificial intelligence raise fairness and discrimination concerns. This episode introduces the NAIC Artificial Intelligence Governance Guidelines, New York City’s…

Episode 85 — Biometric Privacy: IL BIPA, WA, TX, and Related Statutes

Biometric privacy laws impose strict requirements on collecting and using data such as fingerprints, facial recognition, and iris scans. This episode covers the Illinois Biometric Information Privacy…

Episode 84 — Cookies and Tracking: Online Privacy Regulations

State laws increasingly regulate cookies, pixels, and online tracking. This episode explains how transparency, consent, and opt-out obligations apply to digital advertising technologies. We’ll…

Episode 83 — Health Data Rules: WA MHMD, NV Health Data Act, and IL GIPA

Beyond HIPAA, states have introduced new health data privacy statutes. This episode explores Washington’s My Health My Data Act (MHMD), Nevada’s Consumer Health Data Privacy Act, and Illinois’…

Episode 82 — State Security Requirements: Common Controls Across Jurisdictions

Most state privacy laws include explicit security requirements. This episode reviews common obligations such as implementing reasonable safeguards, risk-based controls, encryption, and access…

Episode 81 — Data Protection Agreements: Contracts and Assessments

Contracts are central to ensuring compliance with state privacy laws. This episode explains how data protection agreements define the obligations between controllers and processors, including rules…

Episode 80 — Privacy Notices: Transparency and Consumer Disclosures

Transparency is a cornerstone of state privacy laws. This episode covers the requirements for privacy notices, including disclosures about data collection, use, sharing, and consumer rights. We’ll…

Episode 79 — Data Subject Rights: Access, Deletion, Portability, and Consent

State laws grant individuals a suite of rights over their personal data. This episode explains the rights to access, correct, delete, and port data, as well as opt-out and consent requirements. We’ll…