By Daniel Connors | Today’s digital economy runs on data. And data privacy protections are at the forefront of this year’s agenda in legislatures across the country. If your business’s workflow involves data, then your organization needs to be aware of the changing landscape.
Evolving privacy regulations are already impacting businesses worldwide. What began with the European Union’s (EU) General Data Protection Regulation (GDPR) is quickly spreading across the pond. California lawmakers — borrowing quite heavily from the GDPR — adopted a hard-hitting, multifaceted law in June of 2018. Now, many other states are following California’s lead.
The Harvard Business Review noted that California’s statute uses a rather broad definition of personal information. The definition includes things like personal identifiers, geolocation, biometric data, internet browsing history, psychometric data, as well as inferences which may be gleaned from that data. Other states, such as Ohio, are taking a different approach.
In Rhode Island, with the start of the new legislative session, this issue is already being studied. Picking up where they left off in 2018, the House of Representatives quickly established a commission to make recommendations, the commission had its first meeting, and the lawmaking work is under way. Some key points which will be studied include: whether to use a “carrot” or a “stick” approach, what are the prospects of litigation, and what exposure will the new law create with its penalties.
Every business process that collects, uses, and manages personal data must reconsider its risk management policies, focus on operational efficiencies, and better protect any identified at-risk assets. The professionals in our government strategies practice can help your organization identify emerging political / legal / regulatory threats and develop a plan to turn any threats into opportunities.
Dan Connors is Senior Counsel for Duffy & Sweeney and leads the DS Government Strategies team. Learn more or contact Dan here.