State Legislation

Subscribe to State Legislation via RSS
CA_StateFlag_1200x600_GettyImages-1481930014

Key point: At its July 24 board meeting, the California Privacy Protection Agency Board authorized agency staff to finalize regulations on automated decision-making technology, risk assessments, cybersecurity audits, insurance, and changes to the existing regulations.

At its July 24 meeting, the California Privacy Protection Agency Board authorized agency staff to finalize and submit to the Office of Administrative Law the rulemaking package on various new California Consumer Privacy Act (CCPA) regulations. The new regulations are on automated decision-making technology, risk assessments, cybersecurity audits, insurance, and changes to existing regulations.

In this article, we provide an overview of some of the more notable aspects of the regulations. We also will be hosting a two-part webinar series on August 21 and September 25 to provide a more in-depth analysis of the regulations. Click here for more information and to register.

Biometric-Data_1200x600_GettyImages-1311613664

In Part One of this FAQ series, we break down Virginia’s Senate Bill 754, Consumer Protection Act; prohibited practices, etc., reproductive or sexual health information (Act), which amends the Virginia Consumer Protection Act (VCPA). The law goes into effect on July 1. Overall, given the broad definitions used in the Act, the law likely regulates organizations that are not traditional health care companies, and goes beyond traditional health information.

Webinars_1200x600_GettyImages-1286694373

On June 2, the New Jersey Division of Consumer Affairs announced the publication of new proposed regulations to implement the New Jersey Data Privacy Act (NJDPA), N.J. Stat. §§ 56:8-166.4 et seq., which went into effect on January 15. (Please see our prior article on the NJDPA for more details.) Although many of these proposed regulations appear familiar – similar to the finalized regulations under the California Consumer Privacy Act (CCPA) and the Colorado Privacy Act (CPA) – New Jersey introduced several new requirements worth noting.