Connecticut Becomes Fifth State to Enact Privacy Laws
It is official – 10 percent of U.S. states have data privacy legislation on the books.
About a month ago, Connecticut joined California, Virginia, Colorado, and Utah in enacting comprehensive data privacy legislation when the Connecticut Data Privacy Act (CTDPA) was signed into law. CTDPA borrows heavily from the statutes enacted in Virginia and Colorado. This law will take effect on July 1, 2023.
One of the biggest differences between the CTPA and other states’ laws may be within the threshold requirements. The CTDPA applies to persons that conduct business in Connecticut or produce products or services that are targeted to residents of the state, and that control or process the personal data of a particular number of residents.
Also, Connecticut is the first state law to explicitly carve out payment transaction data from its applicability threshold. This provision was added to alleviate concerns of restaurants, small convenience stores and similar businesses that process the personal information of many customers for the sole purpose of completing a transaction.
Like existing state data privacy laws, the CTDPA grants consumers various rights, including confirming whether an entity acting as a data controller is processing their personal data, and to access such data. Also, consumers can obtain a copy of their personal data in a portable and readily usable format as well as correct inaccuracies. And consumers can delete personal data provided by, or obtained by, them.
There may only be five states with privacy laws on the books so far, but more are bound to follow suit. Be ready by maintaining compliance with the regulations already in place. 2W Tech can help. Our Cybersecurity Compliance Program is designed to support our clients’ compliance obligations. Most organizations must abide by and maintain a standard for controls that safeguard the confidentiality and privacy of information stored and processed. We work hand in hand with you to learn more about your required compliances, help obtain proper agreements, and access relevant system architecture information. Give us a call today to get started on your journey to achieving compliance.