Virginia Passes New Consumer Data Protection Act (CDPA)
The Virginia Consumer Data Protection Act (CDPA) was recently passed, becoming the second U.S. state to enforce state data protection laws. While some of the provisions mirror the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), the below highlights the new requirements set forth in Virginia.
When is it effective and who does it apply to?
What are the Consumer Rights?
How is this different from the CCPA?
The SHIELD Act requires any person or business owning or licensing computerized data that include the private information of a resident of New York (“covered business”) to implement and maintain reasonable safeguards to protect the security, confidentiality, and integrity of the private information. The SHIELD Act will have far-reaching effects, as any business that holds private information of a New York resident—regardless of whether the organization does business in New York—must comply with the new law.
The political world can be vast and confusing, especially when it comes to laws that can affect your business. Luckily, Elroi is here to help and keep you both up to date and compliant! While we do not yet have a national data privacy law in the United States, state policies, such as the California Consumer Privacy Act, can still have major impacts on how you conduct business.