Book updated Jul 2026.
Welcome. As you embark on your journey to become a Certified Information Privacy Professional/United States (CIPP/US), you’ve undoubtedly recognized the complexity and importance of privacy law in today’s digital age. Whether you’re a seasoned privacy professional seeking certification or a newcomer eager to delve into the intricacies of privacy regulations, this book is designed to be your trusted companion.
Privacy law is a rapidly evolving field, shaped by technological advancements, legislative changes, and societal concerns. The CIPP/US exam, administered by the International Association of Privacy Professionals (IAPP), assesses your knowledge of the United States’ privacy laws and regulations, including federal and state statutes, industry standards, and best practices.
It has recently undergone a significant update that reflects the rapidly evolving landscape of privacy law and practice. Effective from September 1, 2025, the exam’s body of knowledge has been revised to include new and emerging topics that have become increasingly critical in the modern privacy environment. One of the most notable new topics is the handling of privacy challenges in mergers, acquisitions, and divestitures, which requires privacy professionals to understand the unique risks and compliance obligations that arise when companies combine or separate their operations and data assets. Another significant addition is the focus on U.S. state insurance regulation, which mandates that certified professionals grasp the specific role that state Departments of Insurance play in overseeing privacy practices within the insurance industry, a sector that handles vast amounts of sensitive personal and financial information. Closely related to this is the inclusion of the National Association of Insurance Commissioners’ guidelines for governing Artificial Intelligence, reflecting the growing regulatory attention on algorithmic fairness, transparency, and accountability in insurance underwriting and pricing decisions.
The updated exam also places greater emphasis on the technical and legal requirements for verifiable parental consent, particularly under laws like the Children’s Online Privacy Protection Act, which requires websites and online services to obtain verifiable consent from parents before collecting personal information from children under thirteen, and this expansion reflects the increasing scrutiny of children’s privacy in the digital age.
This book offers a comprehensive collection of practice questions meticulously crafted to mirror the contents of the actual CIPP/US exam. Each question is designed to challenge your understanding of key privacy concepts, test your ability to apply legal principles, and reinforce your knowledge across the breadth of privacy law domains. Whether you’re grappling with the intricacies of the Health Insurance Portability and Accountability Act (HIPAA), navigating the complexities of data breach notification requirements, or deciphering the nuances of the California Consumer Privacy Act (CCPA), this book provides the perfect platform to hone your skills and build confidence.



