All 50 states have data security regulations, in addition to federal laws.
Since the implementation of GDPR in Europe (May 25, 2018), 4 states have passed new legislation, and at least 22 states have proposed legislation or have enacted study bills. In addition, at least 8 federal laws are currently proposed.
- ERI Facility
-
New Legislation
- California — California Consumer Privacy Act
- Nevada — SB220
- Maine — Act to Protect Privacy of Online Consumer Information
- New York — SHIELD Act
-
Proposed Legislation/Task Force Establishment
- Connecticut — RB1108 (TF)
- Florida — H963 (DNP)
- Hawaii — HB2572
- Illinois — Data Transparency & Privacy Act
- Louisiana — HR249 (TF)
- Maryland — Online Consumer Protection Act
- Massachusetts — SD311/S120 (TF)
- Minnesota — Consumer Data Privacy Act
- Mississippi — Consumer Privacy Act (DNP)
- Nebraska — Consumer Data Privacy Act
- New Hampshire — HB1680
- New Jersey — A2188
- New Mexico — Consumer Information Privacy Act (DNP)
- New York — NY Privacy Act
- North Dakota — HB1485 (TF)
- Pennsylvania — Consumer Data Privacy Act (DNP)
- Rhode Island — Consumer Privacy Protection Act (DNP)
- South Carolina — Biometric Data Privacy Act
- Texas — Privacy Protection Act (TF)
- Virginia — Privacy Act (DNP)
- Washington — Privacy Act (DNP)
- Wisconsin — Data Privacy Act
- US House (Moran) — Consumer Data Privacy & Security Act
- US Senate (Cantwell) — Consumer Online Privacy Rights Act
- US Senate (Gillibrand) — Data Protection Act
- US Senate (Klobuchar) — Social Media Privacy & Consumer Rights Act
- US Senate (Rubio) — American Data Dissemination Act
- US Senate (Schatz) — Data Care Act
- US Senate (Warren) — Data Breach Prevention and Compensation Act
- US Senate (Wicker) — Consumer Data Privacy Act
DNP: bill died or postponed. TF: replaced with Task Force or Study Bill
Important Resources
-
The GDPR Compliance Checklist
GDPR Checklist
Achieving GDPR Compliance shouldn’t feel like a struggle. This is a basic checklist you can use to harden your GDPR compliancy.
-
FAQ Sheet – EU General Data Protection Regulation
STC Consultants, LLC
This document is intended to provide a broad review of the EU General Data Protection Regulation (GDPR).
-
EU data protection rules
European Commission
Find out how updates to data protection rules will affect you individually, or apply to your business.
-
IBM Data Responsibility and the GDPR
IBM Security
This video will give you an idea of the broad scope of the GDPR, covering four main areas – security, data subject rights, consent and privacy by design.
-
GDPR Text – Neatly Arranged
Intersoft Consulting
Official GDPR text as a neatly arranged website.
-
What’s Data Privacy Law In Your Country?
PrivacyPolicies.com
Privacy laws by country.