International and U.S. state-level data privacy laws and regulations pose an ongoing compliance challenge. Our experienced team helps you keep pace with the latest developments.

GDPR Compliance

The European Union’s General Data Privacy Regulation (GDPR) became enforceable in May 2018, dramatically altering the global data privacy landscape. The stringent rules apply to many businesses that collect, process or hold the personal data of individuals located in the EU, regardless of whether they have a physical presence in Europe.

GDPR aims to protect the integrity and privacy of data that identifies individuals by increasing transparency, improving accuracy, limiting collection and giving individuals expanded rights concerning their data.

State Privacy Laws

In the absence of a federal data privacy law, several states have enacted their own laws and regulations. The trend started in 2018 with the passage of the California Consumer Privacy Act and quickly spread across the country.

The list of states that have their own comprehensive data privacy laws keeps growing. It includes Alabama, California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oklahoma, Oregon, Rhode Island, Tennessee, Texas, Utah and Virginia.

New York City and the states of Florida, Illinois and Washington also have data privacy laws that impact a variety of businesses operating within their borders.