Certified - CIPP/US Audio Course

The final episode ties everything together by comparing U.S. federal privacy laws, state-level frameworks, and international regimes like the GDPR. We’ll highlight how similar principles—such as data…

State privacy laws continue to evolve. This episode reviews recent changes, such as Pennsylvania SB 696, which updated breach notification requirements, and Utah S.B. 127, which amended cybersecurity…

Even within the common framework of breach notification, state differences matter. This episode compares notification timelines, which can range from “without unreasonable delay” to fixed deadlines l…

State breach notification laws form one of the most uniform yet varied areas of privacy law. This episode reviews the common elements—definitions of personal information, what constitutes a breach, a…

Enforcement provisions determine how state privacy laws are applied in practice. This episode explains cure periods, which give businesses time to fix violations before penalties are imposed, and how…

Beyond California, Virginia, and Colorado, many states are adopting or considering comprehensive privacy laws. This episode surveys these developments, highlighting features of statutes in states lik…

Colorado’s Privacy Act builds on the momentum from California and Virginia, offering a comprehensive framework with unique twists. This episode reviews its applicability standards, consumer rights, a…

Virginia’s Consumer Data Protection Act (CDPA) established one of the first comprehensive state privacy frameworks outside California. This episode reviews its applicability thresholds, consumer righ…

The California Delete Act introduces obligations for data brokers, requiring them to register and enabling consumers to request deletion of their data from all registered brokers at once. This episod…

Children’s privacy receives special attention in California’s Age-Appropriate Design Code Act (AADC). This episode explains its requirements for online services likely to be accessed by minors, inclu…

California remains the leader in state privacy law. This episode reviews the California Consumer Privacy Act (CCPA) and its amendment through the California Privacy Rights Act (CPRA). We’ll explore a…

Automated decision-making (ADM) and artificial intelligence raise fairness and discrimination concerns. This episode introduces the NAIC Artificial Intelligence Governance Guidelines, New York City’s…

Biometric privacy laws impose strict requirements on collecting and using data such as fingerprints, facial recognition, and iris scans. This episode covers the Illinois Biometric Information Privacy…

State laws increasingly regulate cookies, pixels, and online tracking. This episode explains how transparency, consent, and opt-out obligations apply to digital advertising technologies. We’ll discus…

Beyond HIPAA, states have introduced new health data privacy statutes. This episode explores Washington’s My Health My Data Act (MHMD), Nevada’s Consumer Health Data Privacy Act, and Illinois’ Geneti…

Most state privacy laws include explicit security requirements. This episode reviews common obligations such as implementing reasonable safeguards, risk-based controls, encryption, and access restric…

Contracts are central to ensuring compliance with state privacy laws. This episode explains how data protection agreements define the obligations between controllers and processors, including rules f…

Transparency is a cornerstone of state privacy laws. This episode covers the requirements for privacy notices, including disclosures about data collection, use, sharing, and consumer rights. We’ll ex…

State laws grant individuals a suite of rights over their personal data. This episode explains the rights to access, correct, delete, and port data, as well as opt-out and consent requirements. We’ll…

Comprehensive state privacy laws often hinge on applicability thresholds. This episode explores the criteria that determine whether a business must comply, such as number of state residents, annual r…