Tennessee Information Protection Act (TIPA) Awareness Course

Coming Soon: March 2026 Delivery: 100% online Duration: 30-35 minutes Certificate on Completion

0:00

15,000+ learners across our course collection. Immediate access on launch. 14 day 100% money-back guarantee.

Tennessee's privacy law is uniquely business-friendly - it has the highest applicability thresholds of any US state AND provides an affirmative defence for NIST compliance. If your organisation processes data of 175,000+ Tennessee consumers and has $25M+ in revenue, understanding TIPA is essential.

This course gives your team practical guidance on the Tennessee Information Protection Act. We cover who the law applies to, what rights Tennessee residents have, the unique NIST Privacy Framework defence, and how the permanent 60-day cure period works.

TIPA also includes treble damages for willful violations - making intentional non-compliance particularly risky. Understanding how to leverage NIST compliance as a legal shield is a key strategic advantage. No technical background required - just focused, practical training your team can apply immediately.

Why learn about the TIPA?

Understand if your organisation meets the highest thresholds in US state privacy law
Learn how NIST Privacy Framework compliance provides an affirmative legal defence
Handle consumer data requests correctly within required timeframes
Avoid treble damages for willful violations
Leverage the permanent 60-day cure period effectively

Course features

Tennessee-specific

Focused entirely on the TIPA with Tennessee-specific requirements, thresholds, and the unique NIST affirmative defence.

Practical scenarios

Real-world examples and case studies showing how the TIPA applies in everyday business situations.

NIST framework guidance

Practical guidance on implementing NIST Privacy Framework practices that qualify for the affirmative defence.

Official sources

Built from the Tennessee Code and official guidance, with references to authoritative documentation.

Learning with us

Course information

Learning outcomes

Understand when and how the TIPA applies to your organisation
Know the rights Tennessee residents have over their personal data
Recognise sensitive data and understand the opt-in consent requirement
Understand how NIST compliance provides an affirmative legal defence
Understand the cure period, penalties, and treble damages provisions

Training recommendations

All employees who handle customer data should complete this training.
Annual refresher training is recommended to stay current with any amendments and enforcement developments.
Teams handling sensitive data or consumer requests may benefit from additional role-specific training.

This course is recommended for

Employees who handle customer data at larger organisations (175,000+ consumers, $25M+ revenue) that conduct business in Tennessee or target Tennessee residents. This includes marketing, sales, customer service, HR, IT, and compliance teams.

Prerequisites

There are no prerequisites for this course. No legal or technical background is required.

What do I need for this course?

This course is 100% online and delivered through our online learning platform. Organisations can also access this content via their own LMS on request (SCORM format available).

Course content

Section 1: Understanding the TIPA

In this section we introduce the Tennessee Information Protection Act and explain why it matters for your organisation. We cover when the law applies, who it protects, and the unique thresholds that make this one of the most business-friendly state privacy laws.

Lessons

Introduction to the TIPA
Who the law applies to
The 175,000 consumer + $25M revenue threshold
Key definitions explained

Section 2: Consumer Rights Under TIPA

Tennessee residents have specific rights over their personal data. In this section we cover what those rights are, how to recognise a valid request, and what your obligations are when you receive one.

Lessons

The right to know and access
The right to correction and deletion
The right to data portability
The right to opt out of sales and targeted advertising
Handling consumer requests

Section 3: Sensitive Data Requirements

The TIPA requires opt-in consent before processing sensitive data. We explain what counts as sensitive data under Tennessee law and how to handle it correctly.

Lessons

What is sensitive data under TIPA?
The opt-in consent requirement
Children's data protections
Biometric and health data considerations

Section 4: Controller and Processor Obligations

This section covers the operational requirements of the TIPA including data minimisation, purpose limitation, security obligations, and working with third-party processors.

Lessons

Data minimisation principles
Purpose limitation requirements
Security obligations
Processor contracts and responsibilities
Data protection assessments

Section 5: NIST Framework Compliance

Tennessee is unique in providing an affirmative defence for organisations that comply with the NIST Privacy Framework. We explain what this means and how to leverage it.

Lessons

Understanding the NIST Privacy Framework
How NIST compliance provides legal protection
The affirmative defence explained
Implementing NIST-aligned practices

Section 6: Enforcement and Compliance

Understand the enforcement landscape, the permanent 60-day cure period, and what penalties look like including treble damages for willful violations.

Lessons

Attorney General enforcement
The permanent 60-day cure period
Civil penalties structure
Treble damages for willful violations
Responding to investigations

Section 7: Assessment

Test your knowledge with scenario-based questions covering all the key TIPA concepts from the course.

Lessons

Knowledge check (10 questions)

How it works

Step 1

Get notified

Sign up to be notified when this course launches. You'll be among the first to know and can start training your team immediately.

Step 2

Start learning

Each team member will have access to the learning materials and assessment. On completion of the course, team members will be issued with a certificate.

Step 3

Stay compliant

As the TIPA evolves and guidance is issued, we'll update the course. Trainees can review updated materials to stay current.

What's included

Training

Distraction-free online learning platform
Scenario-based end of course assessment

Updates

Access to all course material updates and enhancements for the length of your access period

Certification

Certificate on completion

Course FAQs

Will I get a certificate?

Yes, on completion of the course you will be issued with a digital certificate. It will be issued by our team shortly after completion of the course including the end of course assessment. You can add this to your LinkedIn profile.

Who should take this course?

This course is designed for employees who handle customer data at organisations that may be subject to Tennessee's privacy law. This includes marketing, sales, customer service, HR, and IT teams at larger organisations (175,000+ consumers and $25M+ revenue) that process data of Tennessee residents.

How is TIPA different from other state privacy laws?

Tennessee's TIPA stands out in several ways: it has the HIGHEST applicability thresholds (175,000 consumers AND $25M revenue), a permanent 60-day cure period, and uniquely provides an affirmative defence for organisations that comply with the NIST Privacy Framework. It also includes treble damages for willful violations.

Does TIPA apply to my organisation?

TIPA applies to organisations that conduct business in Tennessee or produce products or services targeted to Tennessee residents AND meet BOTH thresholds: processing personal data of 175,000+ Tennessee consumers AND having gross revenue exceeding $25 million. These are the highest thresholds of any US state privacy law.

What is the NIST affirmative defence?

Tennessee uniquely provides an affirmative defence for organisations that create, maintain, and comply with a written privacy program that reasonably conforms to the NIST Privacy Framework. This can provide significant legal protection if your organisation faces enforcement action.

Is there a money back guarantee?

Yes, we offer a 14-day 100% money-back guarantee. If you are not satisfied with the course for any reason, simply contact us within 14 days of purchase for a full refund.

How long does the course take?

The course typically takes 30-35 minutes to complete. You can pause and resume at any time, and your progress is automatically saved.