Navigating State Privacy Law Applicability For Healthcare And Financial Services Organizations
Newly enacted privacy laws in 11 states have created an even more complicated patchwork of risks and compliance requirements for healthcare, life sciences and financial services companies. Varying requirements and exemptions often leave companies struggling to understand what rules apply to them, and subject to overlapping requirements and enforcement regimes.
- State privacy law applicability and partial exemptions for health, life sciences and financial companies (particularly in states with more complicated applicability exceptions, such as under the California Consumer Privacy Act, Colorado Privacy Act and Washington My Health My Data Act)
- State law compliance requirements and enforcement risks, including the heightened requirements and risks that apply to health and financial data
- Benchmarking and practical recommendations for designing and implementing privacy compliance programs, including unique operational and commercial challenges for entities subject to both federal laws (such as HIPAA and the Gramm-Leach-Bliley Act) and state privacy laws