State mandated data privacy regulations are constantly evolving to meet the needs of the changing cybersecurity landscape. Staying up to date with these rules is critical to maintaining a compliant and functional cybersecurity program at your firm. In February, six data privacy regulations were presented around the U.S.:
- In Minnesota, a bill was introduced that would give individuals more rights to the data they share, including increased transparency obligations for businesses.
- In New York, lawmakers are working to provide consumers the right to obtain the names of all companies that have access to their data and to provide additional protections for data sharing and anonymity. The bill would also help fund an office of privacy and data protection for the state.
- In New York, consumers may also be granted the right to request categorical information about how their data is shared or sold by companies and for what business purpose it is being distributed.
- Oklahoma introduced a bill that would require businesses to provide consumers with a list of which personal information is being collected, provided, or sold to other groups.
- Virginia is taking steps to create a framework to protect personal data of consumers of large businesses. If passed, the bill would allow consumers to opt-out of personal data collection that is used for advertising, and to access, correct, and delete data records held by companies.
- In Washington, a bill was introduced that would allow consumers to opt-out of the processing of personal data by large companies if it were to be used for things like targeted advertising and profiling.
WHAT DOES THIS MEAN FOR ME?
If adopted, these proposed regulations could affect your firm, particularly if you engage third-party vendors that collect personal information and depending on where you do business. If you or a vendor collects data about consumers from any of the above states, your business may need to change its data privacy policies and procedures when new bills are passed into law.
It can be tedious and complicated for firms to keep track of the ever-changing state data privacy regulations and what to do when it could affect your operations. Fairview Cyber can help get your business up to speed by drafting and maintaining data privacy policies and procedures and assisting with vendor management processes. Contact us today if you have questions about state data privacy laws or if you want to learn more about what Fairview Cyber can do for your business.