What is CIPS certification?

CIPS stands for Certified Information Privacy Professional. This certification is offered by the International Association of Privacy Professionals, and it’s one of the leading privacy certifications in existence today. As more businesses are becoming aware that privacy is a major concern among consumers, CIPS has become increasingly popular as an indicator that someone knows what they’re doing to help protect customer data.

Do you know how much your business could save if you had a CIPS or other certified professional on staff?

A CIPS certified professional can improve the business's bottom line by minimizing its exposure to lawsuits. This is due in large part to the fact that a CIPS professional knows what questions to ask and how to analyze data with regard to personal information. They also have access to resources such as seminars and training programs that are targeted at compliance needs.

The cost of hiring a CIPS certified professional should be considered an investment. Businesses are realizing they can save money on legal fees and possible class action lawsuits if they invest in this type of training.

There are people who believe that CIPS certification means you know everything about privacy. That’s not true at all, but it does mean the person has gone through a rigorous process to learn what they need to know in order to help protect customer data and keep their business compliant with standards set forth by various governmental entities such as GDPR or HIPAA.

CIPS is an important step for any company dealing with private information of employees, customers, vendors and more. These guidelines will ensure your organization can continue doing its job while still providing the level of protection required under law today.

GDPR

GDPR is an acronym for General Data Protection Regulation.

This is a regulation passed by the European Union in 2016 that will govern how European Union Member States handle personal information of EU residents, and will apply directly to any company that processes personal data of individuals living in the European Union. This regulation replaces Directive 95/46/EC of 1995.

The GDPR includes a number of provisions concerning consent, international data transfers, privacy by design, automated decision-making, and more.

Under this legislation, all incidents involving a personal data breach must be reported to a supervisory authority within 24 hours. A controller or processor cannot refuse to comply with this requirement on grounds that reporting the breach might endanger their health or safety, and will be liable for any damages arising from their refusal.

The GDPR also has provisions in place to protect citizens’ data privacy, such as the right of access, which provides a mechanism for requesting personal information about oneself; restrictions on profiling someone based on race, color, gender identity, religion, sexual orientation, etc.; a requirement that parental consent be given before children’s personal data is sent across borders outside of the EU; new requirements for processing sensitive data such as health records and genetic material; and more.

HIPAA

People who are employed within healthcare organizations must ensure compliance with HIPAA regulations at all times when accessing private medical or other patient-related information. HIPAA stands for the Health Insurance Portability & Accountability Act, which was passed in 1996.

This legislation regulates the use and disclosure of all forms of protected health information by healthcare providers, health plans, and other covered entities.

The act provides a set standard for protecting private medical data that allows people to maintain their privacy while still receiving necessary treatment. All those who are employed within HIPAA compliant companies must know what they’re doing or risk being fined up to $250,000 per violation as well as imprisonment for up to ten years!