
The European Union’s General Data Protection Regulation and the California Consumer Privacy Act of 2018 generated a tremendous level of interest in data privacy and data security among individuals, lawmakers, and businesses. As a result, there has been a remarkable uptick in the amount of state legislation introduced in the past several years, and the momentum continues to build. 2021 saw a steady stream of enforcement actions and class actions focused on data privacy and security. Nine states have now enacted comprehensive data privacy laws and more have regulations covering data security.
On top of this, the Federal Trade Commission recently amended the Safeguards Rule, 16 C.F.R. § 314.1, et seq., with significant changes to how an information security program should be designed, what it must include, and who needs to be in charge. The Rule applies to many businesses beyond the scope of what are commonly understood to be “financial institutions” and has implications for service providers to covered entities.
In the absence of a federal data privacy act with preemption, businesses need to agilely adapt to the patchwork of federal and state laws and regulations. Our Data Privacy and Security team of attorneys is available to provide guidance on the Safeguards Rule and other federal and state data privacy and security laws and can assist you in integrating these laws into your compliance programs and operations. For more information, contact:
For further information on federal and state data privacy and security laws, visit our resources for Data Privacy and Security.
Analysis
Texas Amends Data Breach Notification Law
Montana Enacts Comprehensive Consumer Data Privacy Law
‘Tennessee Information Protection Act’ with NIST Security Standards Enacted
Indiana Enacts Comprehensive Consumer Data Privacy Law
Kansas Financial Institutions Information Security Act Approved by Governor
Texas Data Privacy and Security Act Moving Forward
Iowa Becomes Sixth State to Enact Comprehensive Consumer Data Privacy Law
State Comprehensive Consumer Data Privacy Laws
- California Consumer Privacy Act
- California Consumer Privacy Act Regulations
- Colorado Privacy Act
- Connecticut Data Privacy Act
- Indiana Consumer Data Protection Act
- Iowa Consumer Data Protection Act
- Montana Consumer Data Privacy Act
- Tennessee Information Protection Act
- Utah Consumer Privacy Act
- Virginia Consumer Data Protection Act

The California Consumer Privacy Act has been amended a number of times since it was enacted and changes continue to be made. Now is the time to fine-tune your compliance. Join Maurice Wutscher Principal Eric Rosenkoetter as he walks you through what steps you need to take to get your business ready to comply.