Certain content in the IAPP Resource Center is member-only. Not a member? Join now.
Tools and Trackers
US State Privacy Legislation Tracker
At-a-Glance: Salary and Jobs Report 2025–26
Privacy Engineering: Physical Architect
EU AI Act: Regulatory Directory
Privacy Engineering: UX Designers
Privacy Engineering: Data Scientist
Privacy Engineering: Software Developers and Engineers
Privacy Engineering: IT Infrastructure Architect
Data Security Program Cheat Sheet
Global AI Law and Policy Tracker
Navigate: Digital Risk Index 2025
10 tips for protecting children’s privacy online
At-a-Glance: AI Governance Profession Report 2025
Incident Notification and Information Sharing Requirements: EU Digital Laws
Ten steps to successful ransomware response
Mapping and Understanding the AI Governance Ecosystem
EU AI Act: Next Steps for Implementation
Digital Governance in Europe: A Stakeholder Map of European Institutions and Regulators
Key Dates of Federal Data Privacy Reform in Australia
At-a-Glance: Privacy Governance Report 2024
EU Product Liability Directive Reform: 101
European Strategy for Data – Overview of New Regulations
California Privacy and AI Legislation Tracker
Top 10 tips for career advancement: Empowering women in privacy
10 Tips for Global Compliance with Privacy and Data Protection Laws
At-a-Glance: AI Governance in Practice Report 2024
Global Cross-Border Privacy Rules – Guidance and Resources
Implementing Trans-Atlantic Transfers
European Parliament term recap
EU AI Act: The web of regulatory intersections
American Privacy Rights Act cheat sheet
The Intersection of Privacy and AI Governance
Enacted Federal Statutes with PRA
Global data transfer contracts
US Institutions Privacy Stakeholder Map
Navigating Government Access to Private Data in the EU
California Rulemaking Process Overview
At-a-Glance: IAPP-EY Professionalizing Organizational AI Governance Report
What AI Governance Leaders are Thinking About
Countries At-a-Glance: Privacy and Consumer Trust
At-a-Glance: Privacy Risk Study 2023
EU-US Data Privacy Framework – Guidance and Resources
Privacy Resources for Digital Health Data
EU decision-making at a glance: How do EU laws get approved?
At-a-Glance: Privacy and Consumer Trust
Requirements of the GDPR-mandated DPO
Refresher: The GDPR’s Six Legal Bases for Data Processing
Text comparison of principles for commercial transfers: From Privacy Shield to DPF
Scope of the draft American Data Privacy and Protection Act
UK DPDI Bill: Comparative analysis with the EU GDPR and ePrivacy framework
From Privacy Shield to the Trans-Atlantic Data Privacy Framework
Show me the privacy money – Budget and Staffing
FTC Privacy Rulemaking – The Steps to Get There
Data Protection Officer Requirements by Country
How To Get Started in Privacy Law
Key provisions of BIPA legislation
Transfer Impact Assessment Templates
DPA and government guidance on ‘Schrems II’
EU Standard Contractual Clauses
How Defendants Are Attacking CCPA Claims
Frequently Asked Questions & Resources on ‘Schrems II’
Article 49 Derogations Summary Table
How to Provide DPO Contact Information to Your DPA
US State Data Breach Notification Chart
Summary of CPRA Contractual Obligations
How to get started in privacy engineering
The impact of the CJEU’s decision on ‘Schrems II’
CCPA Enforcement: Civil penalties companies can face
The Top 10 Most Impactful Provisions of the CPRA
COVID-19 Testing and Health Monitoring
Expedited Vendor Privacy and Security Assessment Checklist
Comparison of Indian PDPB 2019 and GDPR
Avoiding the pitfalls of CCPA noncompliance
EU Member State DPIA Whitelists, Blacklists and Guidance
The largest global privacy and security fines
What is selling under the CCPA
ABA Data Breach Response Flowchart
What triggers a DPIA under the GDPR
Consumer Privacy Notice Template
Understanding and Assessing Professional Credentials and Training
Sample Data Processing Agreement
Privacy Engineer Sample Job Description
US-EU Safe Harbor – Guidance and Resources
Comparison of the FOIA and Privacy Act
Sample Job Description of the Chief Privacy Officer
View More
Reports
AI Governance Profession Report 2025
Privacy Governance Report 2024
Organizational Digital Governance Report
Privacy Curricula in US Law Schools
Responsible AI Management Report
AI Governance in Practice Report 2024
Professionalizing Organizational AI Governance Report
Privacy and Consumer Trust Report
Privacy and AI Governance Report
Privacy in M&A Transactions Playbook
Privacy in the Wake of COVID-19
Benefits, Attributes and Habits of Mature Privacy and Data Protection Programs
Measuring Privacy Operations Report
How Privacy Tech Is Bought and Deployed Report
Market for Data Privacy Legal Services Report
How IT and Infosec Value Privacy Report
The Top 10 Operational Impacts of the GDPR
View More
Research Articles
PETs: Beyond privacy-enhancing
Ninth Circuit takes cautious approach to privacy and data security standing
10 tips to prepare for the EU Cyber Resilience Act
Global AI Governance Law and Policy: Canada
Global AI Governance Law and Policy: US
Global AI Governance Law and Policy: South Korea
Examining Western cyber policy reactions to China’s rise in the digital age
Data brokers, beware: Distinguishing PADFAA from the DOJ’s DSP
Whose risk is it anyway? How positions and perspectives inform digital risks
Risk analysis is the foundation of data security, but regulator approaches differ
California adopts Cybersecurity Audit Rule, outlining ‘reasonable’ cybersecurity
AI in every home: Analyzing the public comments behind the White House AI Action Plan
US state AI legislation: Reviewing the 2025 session
AI governance in the agentic era
UK data reform: Where have we landed?
Global AI Governance Law and Policy: Singapore
Global AI Governance Law and Policy: India
Emerging trends, insights from public enforcement of US state privacy laws
Global AI law and policy trends update
New threads in the patchwork: Key trends in US comprehensive state privacy law amendments
The final days of grace: Preparing for the U.S. sensitive data rule
Digital risk: Nothing ventured, nothing gained
The ethical use of AI in advertising
How different jurisdictions approach AI regulatory sandboxes
Compliance technology adoption: Navigating and overcoming challenges
Policy analysis: US House committee seeks moratorium on state AI rules
The increasing need to address digital governance
TAKE IT DOWN Act: The next bipartisan US federal privacy, AI law
New developments in global adequacy capabilities
View More
Article Series
Top 10 operational impacts of India’s DPDPA
Standardization landscape for privacy
State AGs on privacy, cybersecurity, enforcement and legislation
Top 5 Operational Impacts of China’s PIPL
Top 10 operational impacts of the CPRA
Top 5 operational impacts of Brazil’s LGPD
Guidance notes for responding to ‘Schrems II’
How to Build a Culture of Privacy
Top 5 Operational Impacts of the CCPA
Top 10 operational responses to the GDPR
Monetizing Personal Information Series
Benchmarking your Privacy Incident Management Program
Shopping Smart for Cyberinsurance Series
Economics of Cybercrime Series
Building a Program that Provides Value
Key Attributes of a Successful Privacy Program
How the C-Suite Should Talk About Cybersecurity
Starting up privacy at a start-up
Monitoring Your Privacy Program Series
Third-Party Vendor Management Means Managing Your Own Risk
Ten Steps to a Quality Privacy Program
View More
Podcasts, Videos, Web Conferences
View All: Podcasts, Videos, Web Conferences
Discussing privacy in New Zealand in 2025
On leadership in digital governance: A chat with Ruby Zefo
EU digital law and policy: Making sense of the matrix
Data foundations for AI success: How governance powers privacy and compliance
New cybersecurity risks of the False Claims Act
AI governance in the agentic era
Data domino effect: How one missed data point can threaten your privacy program
You have been tracked: Consent, AI and the new privacy frontier
What makes an AI governance professional: A discussion with Ashley Casovan
EU-US Data Transfers: Reaction to the Latombe Judgment
The EU AI Act is here: Are global organizations ready?
Anticipating and preparing for changes in AI policy
New EU Mandate: What it means for your digital governance program (Part 2)
Age assurance: What’s working, what’s possible, what’s required
HIPAA compliance alert: Avoid breaches from online trackers on health websites
Behind the camera with ‘Privacy People’ documentarian and privacy pro Stephen Bolinger
Next steps for the CPPA: Priorities, approved regulations, legislation and more
UK Data Act: Key provisions and next steps for implementation
Agentic AI: Navigating the tension between privacy and the next generation of AI
Data governance and metaverse technologies
Geopolitics, national security and government access to data and technology
Risks and potential protections for children in the online world
Adapting antitrust metrics and regulations to the digital economy to protect consumer rights
What’s next after the AI moratorium?
Safe surfing: Protecting kids in the digital age
New EU Mandate: What it means for your digital governance program
AI agents and agentic AI: What privacy and AI governance leaders must know now
From global principles to APAC practice: Governing AI responsibly
Built to scale: Privacy and AI risk frameworks
Discussing the DPC Annual Report 2024
View More
Content Type Pages
Topic Pages
Regional Pages
Featured Topics
Privacy by Region
Browse Topics
Building Your Career
Cloud Computing
Crafting a Privacy Notice
Cross-Device Tracking
Data Protection and Privacy Impact Assessments
Deidentification
Encryption
EU ePrivacy Regulation
Financial Technology
Incident and Breach Management
Location Privacy
Organizational Privacy Policies
Privacy In Education
Prudence the Privacy Pro
Small- and Medium-Sized Businesses
Workplace Privacy
Recently Added Resources
Global AI Governance Law and Policy: Australia
This article analyzes the laws, policies, and broader contextual history and developments relevant to AI governance in Australia. Read More
Guidance for Early Career Professionals in Privacy Law
This resource, developed by the IAPP Privacy Bar Section Advisor Board provides guidance for early career professionals in privacy law, including skills in focus, career resources, milestones and more. Read More
Global AI Governance Law and Policy: United Kingdom
This article analyzes the laws, policies, and broader contextual history and developments relevant to AI governance in the U.K. Read More
US State Comprehensive Privacy Laws Report
This report analyzes similarities and differences between enacted U.S. comprehensive state privacy laws. Read More
Scaling trust: Building AI governance that drives strategy and value
Resource Center / Web Conferences / Scaling trust: Building AI governance that drives strategy and value Scaling trust: Building AI governance that drives strategy and value Original broadcast date: October 2025 Register for Web ConferenceView all Web Conferences In this webinar, you will hear firsthand how ServiceNow operationalized AI governance across its organization and how that foundation is now evolving into a broader data governance strategy. Accessing the on-dem... Read More
US Federal Privacy Legislation Tracker
The IAPP Research and Insights team tracks and organizes the privacy-related bills proposed in the U.S. Congress to keep our members informed of developments within the federal privacy landscape. The “US Federal Privacy Legislation Tracker” includes proposed legislation organized by topic and summarizes the key parts of each bill to shed light on the most impactful provisions. Read More
US State Privacy Legislation Tracker
This tool tracks comprehensive US state privacy bills to help our members stay informed of the changing state privacy landscape. Read More
Global AI Governance Law and Policy: European Union
This article analyzes the laws, policies, and broader contextual history and developments relevant to AI governance in the EU. Read More
US State AI Governance Legislation Tracker
This tool tracks US state cross-sectoral laws with direct application to the use of AI systems in the private sector. Read More
Data foundations for AI success: How governance powers privacy and compliance
Resource Center / Web Conferences / Data foundations for AI success: How governance powers privacy and compliance Data foundations for AI success: How governance powers privacy and compliance Original broadcast date: October 2025 Register for Web ConferenceView all Web Conferences In this webinar, you will learn how foundational data governance practices enable scalable privacy programs and trustworthy AI. Expect real-world examples, actionable insights and expert guidance from... Read More