In the rapidly evolving landscape of data privacy, staying abreast of new regulations is vital for businesses. The Colorado Privacy Act (CPA), a recent addition to this landscape, has significant implications for businesses, and it is now in effect as of July 1, 2023! Does this apply to your business?
The CPA has specific criteria for applicability. It pertains to legal entities (Companies) that:
- Conduct business or produce commercial products or services for Colorado residents.
- Control or process personal data of at least 100,000 consumers per calendar year or,
- Derive profit from the sale of personal information of 25,000 or more Colorado residents.
Failure to comply with the CPA can lead to civil penalties, emphasizing the importance of understanding and adhering to this law. In the complex world of data privacy, ensuring your business is CPA-compliant is a crucial step.
This law specifies certain rights that Colorado citizens have and can use against these businesses. Colorado citizens can:
- Opt-out of data processing for targeted advertising, sale, or profiling
- Access their data that has been collected
- Correct their data if it is incorrect or out of date
- Request the deletion of their data
- Obtain a portable copy of the data, or have it transferred to another business
The Colorado AG’s Office will enforce this regulation and offending businesses will be given 60 days in which to comply, otherwise fines or criminal charges could be brought.
Resources:
- Our Blog at https://www.americancsm.com/news/
- ISSA Denver Privacy Special Interest Group Events – https://www.denverissa.org/events
- IAPP KnowledgeNet Denver Events – https://www.linkedin.com/groups/12025846/
- ACSM CPA-Readiness Assessment – https://www.americancsm.com/cpa-readiness-offering/
American Cyber Security Management is a leader in data privacy, cybersecurity, and Compliance. Our mission is to help enterprises protect their data from internal and external threats. We offer on-demand assessment, implementation, and sustainability services that focus on Privacy and Cybersecurity readiness and compliance, risk reduction, and mitigation. https://www.americancsm.com