"I'm an Attorney and a Certified IT Engineer."
– Chris Maes
Businesses that collect, store, or process data that is considered Personally Identifiable Information (PII) may have a legal duty to handle it with due care. If your business is located in the Greater Denver Area, the Cyber Law Office of Maes, Ltd. can help you determine which data privacy laws apply to you, along with how to be compliant.
The United States has a hodgepodge of data privacy laws that vary by both industry and locale. For example, the healthcare industry is governed by the Health Insurance Portability and Accountability Act (HIPAA), whereas the financial industry is controlled by the Gramm-Leach-Bliley Act (GLBA). To make matters worse, depending on where a business has a physical presence, or where it collects, stores, or processes PII, it could be subject to the privacy laws of individual states or countries. Hence, businesses that have the PII of consumers in Colorado, California, New York, and Paris, for example, might have to abide by the Colorado Protections for Consumer Data Privacy Act, the California Consumer Privacy Act, the New York SHIELD Act, and the European Union General Data Protection Regulation, respectively.
Understandably, it can be extremely confusing and challenging for businesses to know which privacy laws apply to them, along with what they need to do to be compliant. Short of the U.S. Congress enacting legislation that would consolidate privacy requirements, regardless of industry or locale, it is likely that, for the foreseeable future, businesses will need to comply with each state’s unique requirements concerning how its residents’ PII should be treated.
Retain Maes, Ltd. for Legal Guidance Concerning Which Data Privacy Laws Apply to Your Business, Along with How to Be Compliant
Attorney Chris Maes possesses the legal and technical knowledge required to bridge the gap between your business’ executive management and IT departments. Specifically, Chris can help your business determine which privacy laws need to be followed by performing an extensive analysis of the type of data your business collects, along with the data origin. As the list of common data privacy laws below denotes, this process is exhaustive:
- Colorado Consumer Protection Act
- The Federal Trade Commission Act (FTC Act)
- The Gramm-Leach-Bliley Act (GLBA) – also known as the Financial Services Modernization Act
- The Fair Credit Reporting Act (FCRA)
- The Electronic Communications Privacy Act (ECPA)
- The Health Insurance Portability and Accountability Act (HIPAA)
- The Federal Educational Rights and Privacy Act (FERPA)
- The Genetic Information Non-Discrimination Act (GINA)
- The Children’s Online Privacy Protection Act (COPPA)
- The European Union General Data Protection Regulation (GDPR) / U.S. Privacy Shield
- Other International Data Privacy Regulations
- California Consumer Privacy Act (CCPA)
- Other States’ Privacy Laws
After it is understood which privacy laws your business needs to comply with, Chris’ technical expertise can be put to use by helping your IT staff understand the legal requirements of how PII needs to be collected, stored, or processed. For instance, this can include using asymmetric or symmetric keys to encrypt data in transit, at rest, or in use, and determining whether your database should be updated with data anonymization.
Despite domestic and international privacy laws being burdensome, ignoring them is not an option. Penalties for failure to comply can be ruinous for a business of any size. If your business is located in the Greater Denver Area, contact the Cyber Law Office of Maes, Ltd. for data privacy law guidance. You can schedule a consultation today by calling (720) 248-8252 or by using the form below.