Skip to content
VerifyED

Privacy & Compliance Certification Verification

How to Verify a CIPP Certification (Privacy Professional)

The Certified Information Privacy Professional (CIPP) is the most widely held data privacy certification in the world, issued by the International Association of Privacy Professionals (IAPP). As GDPR, CCPA, and other privacy laws drive compliance hiring, CIPP credentials are appearing frequently on resumes. Here is how to verify them.

· 6 min read

Quick answer

Verify IAPP privacy certifications through the IAPP member directory at iapp.org/about/membership/find-a-member. Search by name to confirm active membership and certification status. IAPP also issues Credly digital badges that candidates can share directly.

IAPP privacy certifications

IAPP offers a family of privacy certifications. The CIPP brand covers jurisdiction-specific privacy law; additional credentials cover privacy management and technology:

Credential Full Name Focus
CIPP/US Certified Information Privacy Professional / United States US federal and state privacy law (HIPAA, CCPA, COPPA, FERPA, etc.)
CIPP/E Certified Information Privacy Professional / Europe GDPR, ePrivacy Directive, European data transfer frameworks
CIPP/C Certified Information Privacy Professional / Canada PIPEDA, CASL, provincial privacy laws
CIPP/A Certified Information Privacy Professional / Asia Asia-Pacific privacy regimes (Singapore PDPA, Japan APPI, etc.)
CIPM Certified Information Privacy Manager Building and operating a privacy program
CIPT Certified Information Privacy Technologist Privacy by design, PETs, data engineering
FIP Fellow of Information Privacy Advanced designation; requires two IAPP certs + experience

Many privacy professionals hold two credentials — for example, CIPP/US + CIPM for US-focused data governance roles, or CIPP/E + CIPM for European multinational compliance.

How to verify via IAPP

IAPP maintains a searchable member directory for certified professionals:

  1. Go to iapp.org/about/membership/find-a-member
  2. Search the candidate's first name and last name
  3. Confirm their membership is active and note which certifications are listed (CIPP/US, CIPP/E, CIPM, etc.)
  4. Cross-reference with the specific credential claimed on the resume

IAPP also issues Credly digital badges for each certification. Ask the candidate to share their Credly badge link and verify the badge is active, the issuer is IAPP, and the earner name matches.

Membership must be current

IAPP certifications require active IAPP membership to remain valid. A lapsed membership means the certification is no longer in good standing, even if the exam was originally passed. The directory search will not return inactive members.

Renewal requirements

All IAPP certifications are maintained on a 2-year renewal cycle:

  • Active IAPP membership required each year (membership fee)
  • 20 Continuing Privacy Education (CPE) credits required per 2-year renewal period
  • Holding multiple IAPP certifications still requires only one membership and 20 CPE credits per 2-year period, regardless of how many certs are held
  • A Fellow of Information Privacy (FIP) designation requires two active IAPP certifications plus demonstrated privacy leadership

What CIPP signals for hiring

IAPP certifications are domain-knowledge credentials, not professional licenses. Unlike a law license or nursing license, there is no government regulator behind them. However, they are well-regarded in privacy, legal, HR, and compliance fields:

  • CIPP/E is the de facto standard for GDPR-focused privacy roles in legal and compliance
  • CIPP/US is commonly required for Chief Privacy Officer and privacy counsel roles at US companies
  • CIPM signals operational privacy program management (DPIAs, records of processing, vendor assessments)
  • CIPT is relevant for privacy engineers, data architects, and developers building privacy-by-design systems
  • FIP indicates recognized senior expertise in the privacy profession

Red flags

  • Name not found in IAPP's member directory (membership lapsed or certification was never earned)
  • Claiming CIPP/E for a GDPR-heavy role without active membership
  • Resume lists “CIPP” without specifying the jurisdiction (CIPP/US, CIPP/E, etc.) — ask for clarification
  • Credly badge link leads to an expired or revoked badge
  • “CIPP candidate” or “pursuing CIPP” stated as equivalent to holding the credential

Verification checklist

  • 1. Note which specific IAPP credential(s) the candidate claims (CIPP/US, CIPP/E, CIPM, CIPT, FIP)
  • 2. Search the IAPP member directory at iapp.org/about/membership/find-a-member
  • 3. Confirm membership is active and the claimed credential(s) are listed
  • 4. Optionally request a Credly badge link and verify it is active
  • 5. For GDPR roles: confirm CIPP/E (not just CIPP/US) is held

Verify the privacy candidate's educational background

Many privacy and compliance professionals hold law degrees or graduate degrees in information management. Use VerifyED to confirm the issuing institution is accredited and the program is legitimate.

Search Schools and Accreditation →