GDPR One Year Later: States Addressing Data Security

One year ago, General Data Protection Regulation (GDPR) went into effect in the EU, requiring stricter processes for consumer data collection and use, as well as making it easier for consumers to opt out of data storage. While the US hasn’t enacted similar data protection processes at a federal level, states are beginning to pass consumer data protection laws that mirror the requirements and intent of GDPR.

The California Consumer Privacy Act (CCPA) is the most similar to GDPR in terms of scope. CCPA requires state and local agencies and many third-party vendors doing business with California agencies to implement the following measures by January 1, 2020:

  1. Data inventory and mapping of in-scope personal data and instances of “selling” data
  2. New individual rights to data access and erasure
  3. New individual right to opt-out of data selling
  4. Updating service-level agreements with third-party data processors
  5. Remediation of information security gaps and system vulnerabilities

The Washington Privacy Act proposed similar legislation, but was tabled this year as the state takes a closer look at how facial recognition data might fit into the bill. However, WashingtonNew Jersey, and Arkansas have all passed legislation expanding the scope of data breach laws and more than 32 other states have cybersecurity legislation pending.

With increased requirements on how data is managed being passed at a state level, state and local agencies will require data security risk assessments, data monitoring and process-oriented technology for tracking data use across multiple systems.

May 27, 2019 - 11:01am

Latest Posts

OnSolve Guest Blog: Strategies For Your Coronavirus Communications

Coronavirus Communications Challenges: As if you didn’t have enough on your plate, now there are pandemic updates to send out. Messages differ...Read more

Webinar: Re-Establishing Trust, Legitimacy, and Community Safety

While the specifics of police reform are still unknown, it is clear that the use of data will be a cornerstone of those efforts....Read more

OnSolve Guest Blog: Using Communication Effectively in Crisis

Having a crisis communication plan in place enables officials like you to prepare for the threats that put your community at risk. From severe...Read more

Subscribe to Blog
  •  
  • 1 of 18
Designed & Powered by On Fire Media |