Answering Your Questions About the CIPP/US

What is the CIPP/US?

The Certified Information Privacy Professional/United States (CIPP/US) is one of the most prominent privacy certifications offered by the International Association of Privacy Professionals (IAPP).

Getting the CIPP/US establishes your knowledge of US privacy laws in areas like finance, healthcare, education, and telemarketing. You will gain an understanding of growing state comprehensive privacy laws out of states like California and Colorado, as well as state data breach notification laws across all US states.

The CIPP/US covers key regulatory authorities like the Federal Trade Commission, and how the US government gains lawful access to data held by private, US-based companies—a key focus area for cross-border data transfers.

The CIPP/US Body of Knowledge spreads this content across 5 sections:

1. Introduction to the U.S. Privacy Environment
2. Limits on Private-Sector Collection and Use of Data
3. Government and Court Access to Private Sector Information
4. Workplace Privacy
5. State Privacy Laws

In short, the CIPP/US provides you with a fantastic overview of US privacy laws.

Who Should Get the CIPP/US?

The CIPP/US is great for people interested in learning about US privacy laws.

This seems like an obvious statement. However, many people have preconceived opinions about which IAPP certifications are "valid" or "appropriate" for them to get.

For example, engineering-focused people may believe the CIPP/US is for lawyers and public policy folks—after all, why would an engineer pursue a legal certification?

I hear this a lot. While well-intentioned, this mindset is probably wrong.

Regardless of your technical background and expertise, the CIPP/US provides an excellent opportunity to round out your privacy expertise. Do you have a background in software engineering, security, compliance, or other non-legal roles? If so, the CIPP/US provides the knowledge to communicate effectively with the attorneys in your organization and other key privacy stakeholders.

If you are a US-based privacy practitioner, the CIPP/US provides great foundational knowledge to help you understand and navigate the regulatory environment in which you operate.

The CIPP/US is often the first privacy certification that US practitioners pursue.

What Does the CIPP/US Cost?

Okay, the CIPP/US sounds interesting, but what does it cost?

If this is your first time attempting the CIPP/US, the certification exam costs $550—honestly, a bit of a steep cost. If you need to retake the certification exam, each attempt will cost $375 after a 30-day waiting period between attempts.

If you currently have an IAPP certification, the exam cost for additional certifications reduces to $375—a $175 savings. Is your other IAPP certification the CIPM or CIPT? Consider applying as a Fellow of Information Privacy at no additional cost!

$550 is a lot of money, but getting the CIPP/US will cost you more than that. To pass the CIPP/US, your total projected cost will probably include:

1. The CIPP/US certification exam ($375 or $550)
2. The official textbook ($65/$75 for an e-book or $95/$85 for physical book)
3. A Certification Maintenance Fee ($250) or IAPP membership (varies)
4. Optional study materials ($25+)

The CIPP/US also requires different recurring costs and continuing education.

To maintain your CIPP/US, you must pay a Certification Maintenance Fee (CMF) every two years, or become an IAPP member ($50-$295 a year) which includes the CMF. Read more about the CMF vs. IAPP membership and other requirements like Continuing Privacy Education in How to Maintain Your IAPP Certification.

Well, is the CIPP/US worth it? Read on!

Is the CIPP/US Worth It?

Are the time (30+ hours) and money ($875+) to get the CIPP/US worth it?

Do you work in an unrelated field but have an insatiable itch for US privacy law? If so, the total cost to get the CIPP/US may not make sense. I'd recommend purchasing the official textbook and other resources to satisfy your curiosity.

However, if you're an active (or aspiring) privacy practitioner, let's talk. Based on anecdotes, there are a few reasons to pursue the CIPP/US:

1. Break into the privacy field
2. Meet hiring criteria
3. Demonstrate transferrable privacy knowledge
4. Personal development
5. Everyone else is doing it, so why not me?

Each of these reasons could be a justification to get the CIPP/US.

However, these reasons may not match your personal circumstances. I would encourage you to think about your reasons for getting the CIPP/US and perform your own cost/benefit analysis.

Let me share why I got the CIPP/US and whether it was worth it.

In 2022, I was pursuing my M.S., in Cybersecurity at Georgia Tech. I took Privacy for Professionals, a course on US privacy laws taught by Peter Swire and DeBrae Kennedy-Mayo—you may recognize them as the authors of the CIPP/US textbook.

Before this, I had recently changed careers from being a Software Engineer to a Privacy Engineer at Google. I had a technical background, but I wanted to round out my expertise—I needed to communicate privacy requirements between lawyers, engineers, and other stakeholders.

Okay, so the value proposition was there for me, but what about the ~$875 cost?

Google is a Corporate Member of the IAPP and provided me with a free IAPP membership—saving $295 per year. I also completely expensed the cost of my CIPP/US certification exam ($550) as part of my education stipend.

For me, the decision to get the CIPP/US was a clear one.

I spent a full semester at Georgia Tech studying US privacy laws, and my employer reduced the upfront and recurring costs to zero.

While my circumstances may differ from yours, I'd encourage you to look for similar opportunities. Does your employer provide an education benefit? Are they a Corporate Member or Group Member that provides a free IAPP membership? Are you a student who has access to reduced costs for an IAPP membership?

Ultimately, you need to make the best decision based on your circumstances.

How to Study for the CIPP/US?

If you haven't bailed yet, you may wonder how to study for the CIPP/US.

To start, I'd read the Complete Guide to Get Your CIPP/US.

This free study guide tells you everything you need to know to pass the CIPP/US. It helps you make the best use of your study time and highlights all the key resources you should use. The best part? It's completely free.

If you're looking for an abridged study guide, I recommend that people:

1. Review the Sample Exam Questions
2. Read the Official Textbook
3. Create an Outline
4. Study the IAPP Glossary Terms
5. Review Knowledge Gaps

Want more details? Check out our Complete Guide to Get Your CIPP/US.

Wrapping Up

I sincerely hope this post was accessible, useful, and practical for you. If you have any feedback on this post, please let me know. Cheers.