Extract from Jennifer Bantelman’s article “Four Steps to Building a Data Privacy Response Plan”
The passage last month of an amendment to the California Consumer Privacy Act (CCPA) is a reminder that things move quickly when it comes to data privacy rights. The California Privacy Rights Act (CPRA) expands on the CCPA’s provisions and creates a new state agency to oversee privacy. Moreover, this is just one of dozens of privacy laws and regulations that have been passed across the US and around the world. Some of these cover states or even individual cities while others apply to specific industries like healthcare. Then there is Europe’s General Data Protection Regulation (GDPR) that affects any company doing business there. Nothing is standard. It’s enough to make your head spin!
The good news is that there are a lot of parallels between handling privacy-related matters and what you may already be doing for litigation.
As we head into 2021, it’s worth taking another look at the data-privacy landscape, assessing your organization’s responsibilities, and forming a plan of action.