Iapp Certification Podcasts

 
This Audio Course is your complete audio-first companion to the CIPP/US certification. Across structured episodes, it breaks down U.S. privacy law from federal and state frameworks to workplace rules and international overlaps, all aligned with the official IAPP Body of Knowledge. You’ll get guided walkthroughs of statutes, enforcement themes, case law, and key regulatory agencies, plus study strategies, glossary deep dives, and exam skills to build lasting confidence. Designed for on-the-go ...
 
The final episode ties everything together by comparing U.S. federal privacy laws, state-level frameworks, and international regimes like the GDPR. We’ll highlight how similar principles—such as data subject rights, accountability, and security safeguards—take different forms across jurisdictions. We’ll also explore where overlaps create synergies …
 
State privacy laws continue to evolve. This episode reviews recent changes, such as Pennsylvania SB 696, which updated breach notification requirements, and Utah S.B. 127, which amended cybersecurity provisions. These examples show how states adapt their frameworks to address new threats and policy priorities. For exam purposes, understanding recen…
 
Even within the common framework of breach notification, state differences matter. This episode compares notification timelines, which can range from “without unreasonable delay” to fixed deadlines like 30 or 45 days. We’ll also examine variations in whom to notify, from affected consumers to regulators and credit reporting agencies. Understanding …
 
State breach notification laws form one of the most uniform yet varied areas of privacy law. This episode reviews the common elements—definitions of personal information, what constitutes a breach, and when notification is required. We’ll also explore differences across states, such as timelines, thresholds, and required content of notices. We’ll a…
 
Enforcement provisions determine how state privacy laws are applied in practice. This episode explains cure periods, which give businesses time to fix violations before penalties are imposed, and how these provisions differ across states. We’ll also examine penalties, remedies, and enforcement authority, often vested in state attorneys general or p…
 
Beyond California, Virginia, and Colorado, many states are adopting or considering comprehensive privacy laws. This episode surveys these developments, highlighting features of statutes in states like Connecticut, Utah, and others. We’ll discuss how they generally follow the same model of applicability thresholds, consumer rights, and controller/pr…
 
Colorado’s Privacy Act builds on the momentum from California and Virginia, offering a comprehensive framework with unique twists. This episode reviews its applicability standards, consumer rights, and controller/processor obligations, including data protection assessments. We’ll also cover Colorado’s focus on fairness in insurance, with rules addr…
 
Virginia’s Consumer Data Protection Act (CDPA) established one of the first comprehensive state privacy frameworks outside California. This episode reviews its applicability thresholds, consumer rights, and obligations for controllers and processors. We’ll also discuss how the CDPA balances business flexibility with consumer protections. We’ll high…
 
The California Delete Act introduces obligations for data brokers, requiring them to register and enabling consumers to request deletion of their data from all registered brokers at once. This episode explores the mechanics of the Act, its impact on the data broker industry, and how it expands consumer control. We’ll also review enforcement provisi…
 
Children’s privacy receives special attention in California’s Age-Appropriate Design Code Act (AADC). This episode explains its requirements for online services likely to be accessed by minors, including risk assessments, high privacy default settings, and restrictions on profiling. The law reflects growing concern about children’s digital wellbein…
 
California remains the leader in state privacy law. This episode reviews the California Consumer Privacy Act (CCPA) and its amendment through the California Privacy Rights Act (CPRA). We’ll explore applicability thresholds, data subject rights, notice obligations, and enforcement by the California Privacy Protection Agency. We’ll also highlight how…
 
Automated decision-making (ADM) and artificial intelligence raise fairness and discrimination concerns. This episode introduces the NAIC Artificial Intelligence Governance Guidelines, New York City’s Automated Employment Decision Tools (AEDT) law, and state-level rules in California and Colorado. We’ll examine requirements for transparency, testing…
 
Biometric privacy laws impose strict requirements on collecting and using data such as fingerprints, facial recognition, and iris scans. This episode covers the Illinois Biometric Information Privacy Act (BIPA), which requires consent, disclosure, and safeguards, as well as similar statutes in Washington and Texas. We’ll also review the growing num…
 
State laws increasingly regulate cookies, pixels, and online tracking. This episode explains how transparency, consent, and opt-out obligations apply to digital advertising technologies. We’ll discuss requirements for cookie banners, preference signals, and global opt-out mechanisms. We’ll also highlight enforcement actions where regulators targete…
 
Beyond HIPAA, states have introduced new health data privacy statutes. This episode explores Washington’s My Health My Data Act (MHMD), Nevada’s Consumer Health Data Privacy Act, and Illinois’ Genetic Information Privacy Act (GIPA). We’ll review how these laws define consumer health data, impose consent requirements, and establish rights for deleti…
 
Most state privacy laws include explicit security requirements. This episode reviews common obligations such as implementing reasonable safeguards, risk-based controls, encryption, and access restrictions. While states vary in language, the underlying expectation is that businesses adopt practices proportional to the sensitivity of data. We’ll also…
 
Contracts are central to ensuring compliance with state privacy laws. This episode explains how data protection agreements define the obligations between controllers and processors, including rules for data use, security, subcontracting, and breach notification. We’ll also review assessment requirements, where organizations must conduct and documen…
 
Transparency is a cornerstone of state privacy laws. This episode covers the requirements for privacy notices, including disclosures about data collection, use, sharing, and consumer rights. We’ll examine layered notices, just-in-time disclosures, and special statements for sensitive data or financial incentives. We’ll also highlight enforcement tr…
 
State laws grant individuals a suite of rights over their personal data. This episode explains the rights to access, correct, delete, and port data, as well as opt-out and consent requirements. We’ll highlight how these rights compare across major state frameworks like California’s CCPA/CPRA, Virginia’s CDPA, and Colorado’s Privacy Act. We’ll also …
 
Comprehensive state privacy laws often hinge on applicability thresholds. This episode explores the criteria that determine whether a business must comply, such as number of state residents, annual revenue, or percentage of revenue from selling personal information. We’ll also cover common exemptions, including nonprofit entities, small businesses,…
 
State enforcement has become increasingly influential in privacy regulation. This episode examines the role of state attorneys general, who bring actions under both state privacy laws and general consumer protection statutes. We’ll also focus on the California Privacy Protection Agency, which has broad authority under the CCPA and CPRA to issue reg…
 
Domain V introduces state privacy laws, which increasingly shape the U.S. privacy landscape. This episode provides an overview of how state authority interacts with federal law, highlighting the roles of state attorneys general, legislatures, and agencies like the California Privacy Protection Agency. We’ll also discuss how states serve as “laborat…
 
Privacy obligations continue even after employment ends. This episode reviews how employers manage personnel records after termination, including requirements for retention and eventual disposal. We’ll also cover privacy issues in providing references, balancing truthfulness with obligations to protect sensitive information. We’ll discuss how state…
 
The Electronic Communications Privacy Act (ECPA) plays a major role in regulating workplace privacy. This episode explains how the Act governs the interception and access of electronic communications, including email and phone calls, in the employment context. We’ll cover key exceptions that permit monitoring, such as the consent of at least one pa…
 
Organizations must often conduct internal investigations into employee misconduct, which involves significant privacy considerations. This episode explores how investigations collect and handle personal information, including interviews, system logs, and third-party services. We’ll discuss the importance of documenting evidence while respecting the…
 
Biometric data and location-based services present unique privacy challenges in the workplace. This episode reviews how employers use tools like fingerprint scanners, facial recognition, GPS tracking, and wearable devices to monitor attendance, productivity, and health. We’ll cover the privacy risks, consent requirements, and the patchwork of state…
 
Employers often monitor employees’ use of technology and communications systems, raising important privacy issues. This episode examines the scope of monitoring activities, including computer usage, email systems, telephone records, and workplace video surveillance. We’ll explain how notice and consent play central roles in shaping the legality of …
 
Employers increasingly monitor social media use, both during hiring and employment. This episode explores the privacy risks, including potential discrimination, reputational harm, and conflicts with labor rights. We’ll examine how the National Labor Relations Board protects “concerted activity” on social platforms, limiting how employers can respon…
 
Employers often rely on background screening to evaluate candidates, but privacy laws set clear limits. This episode examines psychological and integrity tests, restrictions on polygraph testing under the Employee Polygraph Protection Act, and the privacy considerations in drug and alcohol testing. We’ll also discuss how the Fair Credit Reporting A…
 
Employers increasingly use AI-driven tools for hiring, but these technologies raise privacy and fairness concerns. This episode explains how automated decision-making tools are regulated, including requirements for transparency, bias audits, and applicant rights. We’ll also explore how these tools intersect with anti-discrimination laws and state A…
 
Multiple federal agencies shape employment privacy. This episode covers the Federal Trade Commission’s oversight of data security promises, the Department of Labor’s authority over wage and hour records, the Equal Employment Opportunity Commission’s enforcement of anti-discrimination laws, the National Labor Relations Board’s protection of concerte…
 
Workplace privacy is grounded in concepts of notice, reasonable expectation of privacy, and nondiscrimination. This episode examines how employers must provide clear notice of monitoring practices, and how courts evaluate whether employees reasonably expected privacy in various contexts. Anti-discrimination laws add another layer of protection, pre…
 
Domain IV addresses privacy issues throughout the employment lifecycle. This episode provides an overview of pre-employment screening, workplace monitoring, and post-employment records retention. We’ll highlight the key statutes and agencies that regulate employment privacy, including the Civil Rights Act, the Americans with Disabilities Act, and t…
 
Civil litigation often requires the disclosure of large volumes of data, raising significant privacy concerns. This episode explains the role of electronic discovery (e-discovery), including how personal information is identified, reviewed, and produced during legal proceedings. We’ll cover how protective orders, redaction, and anonymization techni…
 
Media and journalism face unique privacy issues when government seeks access to information. This episode covers the Privacy Protection Act of 1980, which restricts government searches and seizures of media materials. We’ll explore how this law protects journalists from compelled disclosure and balances press freedom with law enforcement needs. We’…
 
The Cybersecurity Information Sharing Act (CISA) encourages private companies to share cyber threat information with the government. This episode explains how the Act provides liability protections for organizations that participate, while also imposing requirements to remove personal information where possible. We’ll explore how CISA fits into the…
 
This episode covers the USA Freedom Act of 2015, which curtailed some of the sweeping surveillance authorities established under the USA PATRIOT Act. We’ll review how the Act ended bulk collection of telephone metadata by the National Security Agency, replacing it with a more targeted system requiring judicial approval. The reforms reflected public…
 
Passed after September 11, the USA PATRIOT Act expanded government surveillance powers. This episode covers how the Act broadened authority for accessing communications, financial records, and other personal data in the name of counterterrorism. We’ll examine key provisions, including roving wiretaps and National Security Letters, and the privacy i…
 
National security laws create unique privacy challenges. This episode introduces the Foreign Intelligence Surveillance Act (FISA) and its Amendments Act, particularly Section 702, which authorizes surveillance of foreign targets. We’ll explain how these authorities intersect with data from U.S. companies and why they raise global privacy concerns. …
 
Access to communications is one of the most sensitive areas of privacy law. This episode explores the Electronic Communications Privacy Act (ECPA), which regulates wiretaps and stored communications, and the Communications Assistance for Law Enforcement Act (CALEA), which requires telecom providers to enable lawful intercepts. We’ll also highlight …
 
Government access to financial data is governed by specific laws. This episode covers the Right to Financial Privacy Act (RFPA), which sets limits on government access to bank records, and the Bank Secrecy Act (BSA), which requires institutions to monitor and report suspicious activity. These laws illustrate the tension between privacy rights and g…
 
Domain III introduces the critical issue of government access to private-sector information. This episode provides an overview of how laws regulate subpoenas, warrants, and requests from law enforcement or intelligence agencies. We’ll highlight statutes like the Electronic Communications Privacy Act (ECPA), the Foreign Intelligence Surveillance Act…
 
Web scraping raises both ethical and legal challenges. This episode explains how scraping can collect vast amounts of personal information, often without consumer knowledge. We’ll discuss relevant statutes, contract law through terms of service, and enforcement actions related to unauthorized scraping. We’ll also consider the risks organizations fa…
 
Digital advertising relies heavily on tracking and profiling. This episode covers cookies, pixels, and device identifiers, along with how they enable targeted ads. We’ll examine the privacy implications of these practices, including transparency, consent, and opt-out mechanisms. We’ll also discuss how regulators approach online behavioral advertisi…
 
Telemarketing restrictions extend beyond the TSR and TCPA through registries that give consumers control. This episode explains the National Do-Not-Call (DNC) Registry, how consumers enroll, and the obligations it imposes on telemarketers. We also review the Wireless Domain Registry, which protects consumers from unwanted text marketing. These regi…
 
Telecommunications and media involve a complex mix of statutes. This episode reviews the Telecommunications Act of 1996, which regulates customer proprietary network information, the Cable Communications Policy Act of 1984, which addresses subscriber privacy, and the Video Privacy Protection Act (VPPA), which restricts disclosure of video rental re…
 
Electronic communications are major areas of privacy regulation. This episode explores the CAN-SPAM Act, which sets standards for commercial email, including opt-out requirements, truth in subject lines, and identification of advertisements. We’ll also cover the Junk Fax Prevention Act (JFPA), which restricts unsolicited fax marketing and outlines …
 
Telemarketing is tightly regulated under the Telemarketing Sales Rule (TSR) and the Telephone Consumer Protection Act (TCPA). This episode explains the key provisions, including requirements for disclosures, restrictions on calling times, and consent for autodialed or prerecorded calls. We’ll also review penalties for violations and the role of the…
 
As schools adopt digital platforms, new privacy and security risks emerge. This episode explores issues such as online learning platforms collecting student data, targeted advertising in education settings, and cybersecurity vulnerabilities. We’ll also discuss how FERPA and other laws address these risks, along with guidance from regulators. We’ll …
 
The Family Educational Rights and Privacy Act (FERPA) governs the privacy of student education records. This episode explains the rights it grants to parents and students, including access, correction, and consent for disclosure. We’ll also review exceptions, such as disclosures to school officials or in cases of health and safety emergencies. We’l…