
The European Union’s General Data Protection Regulation and the California Consumer Privacy Act of 2018 generated a tremendous level of interest in data privacy and data security among individuals, lawmakers, and businesses. As a result, there has been a remarkable uptick in the amount of state legislation introduced in the past several years, and the momentum continues to build. 2021 saw a steady stream of enforcement actions and class actions focused on data privacy and security. Eleven states have now enacted comprehensive data privacy laws and more have regulations covering data security.
On top of this, the Federal Trade Commission recently amended the Safeguards Rule, 16 C.F.R. § 314.1, et seq., with significant changes to how an information security program should be designed, what it must include, and who needs to be in charge. The Rule applies to many businesses beyond the scope of what are commonly understood to be “financial institutions” and has implications for service providers to covered entities.
In the absence of a federal data privacy act with preemption, businesses need to agilely adapt to the patchwork of federal and state laws and regulations. Our Data Privacy and Security team of attorneys is available to provide guidance on the Safeguards Rule and other federal and state data privacy and security laws and can assist you in integrating these laws into your compliance programs and operations. For more information, contact:
For further information on federal and state data privacy and security laws, visit our resources for Data Privacy and Security.
Analysis
FTC Amends Safeguards Rule; Nonbank Financial Institutions Must Report Data Breaches to the FTC
Delaware Enacts Personal Data Privacy Act
Oregon Enacts Comprehensive Consumer Data Privacy Act with Limited GLBA Exemption
Nevada Installment Loan Companies Subject to Significant New Data Security Requirements
Texas Enacts Data Privacy and Security Act with Small Business Exception
Texas Amends Data Breach Notification Law
Montana Enacts Comprehensive Consumer Data Privacy Law
State Comprehensive Consumer Data Privacy Laws


The California Consumer Privacy Act has been amended a number of times since it was enacted and changes continue to be made. Now is the time to fine-tune your compliance. Join Maurice Wutscher Principal Eric Rosenkoetter as he walks you through what steps you need to take to get your business ready to comply.