Data Privacy Insights: What Information Security Professionals Need to Know About Privacy Mandates in 2023
Five new “rights-based” data privacy laws are now enforceable at the state level, including the California Privacy Rights Act (CPRA). These new laws reflect the rapidly changing landscape of consumer data protection.
They differ from traditional “risk-based” data protection laws in that they give individuals in the states of California, Colorado, Connecticut, Utah and Virginia full access rights to their personal data from companies on demand, along with the rights to alter, delete, or stop their data from being sold or used in targeted advertising. They also feature special rules when employing third-party data processors, mandates for cybersecurity controls, and the explicit or implicit necessity to conduct risk assessments.
Knowing that upcoming data privacy mandates have significantly raised the bar is one thing but equipping your organization to meet them is entirely another. Join our panel of industry and legal experts as we discuss the biggest privacy events of 2022, provide tips on how to comply with new state privacy laws, and answer your questions about what is in store for 2023 and beyond.
Takeaways include: