• Utah Consumer Privacy Act, effective December 31, 2023 • Delaware Personal Data Privacy Act, effective January 1, 2025 • Iowa Consumer Data Protection Act, effective January 1, 2025 • Indiana Consumer Data Protection Act , effective January 1, 2026 • Tennessee Information Protection Act, effective July 1, 2025 • Texas Data Privacy and Security Act, effective July 1, 2024 • Montana Consumer Data Privacy Act, effective October 1, 2024 • Oregon Consumer Privacy Act , effective July 1, 2024 This patchwork of laws has become of particular concern when it comes to data breach notification. All fifty states, Washington DC, Guam, Puerto Rico, and the U.S. Virgin Islands have enacted some form of legislation requiring notification of security breaches involving personal information. California has been far and away the most active in its efforts to enact laws protecting the privacy of its citizens and to enforce these laws. California’s Office of Information Security and Privacy Protection, and the California Attorney General have been aggressive in promoting and protecting the privacy rights of California consumers. The CPRA which became effective January 1, 2023 added a new well funded enforcement agency known as the California Privacy Protection Agency which will likely increase the number of enforcement actions. Massachusetts has become known as the state with the strongest data security laws and regulations and requires a written information security program of you collect personal data of Massachusetts residents. The Minnesota legislature has seen several data privacy and security bills introduced but none has passed. In upcoming legislative sessions we may see a Minnesota version of the CCPA or similar state data privacy law introduced for consideration.
79
Made with FlippingBook - Online Brochure Maker