Blog - CPRA

Privacy Regulatory Trends: CPRA and Beyond

The CPRA came into effect on January 1, 2023. While the privacy law’s expanded privacy rights are great for consumers, it complicates the work of privacy teams, especially as other states adopt their own versions of these expansions. Continue reading to learn more about the CPRA and how you can simplify compliance.

Changes to California Breach Notification Laws

California’s new privacy law, the California Privacy Rights Act﹘CPRA for short﹘doesn’t go into effect until Jan 1 2023, but its implications for the treatment of employee data and its confusing “look back” provision already have a lot of people talking. CPRA isn’t a replacement of the existing California Privacy Protection Action (CPPA), but rather serves to define, modify, and extend the laws on the books. One significant extension is that the older law exempted employee data from many of the requirements applied to “consumer” data and personal information. Learn more in the blog.

Move over HIPAA–Say Hello to GIPA

A new set of California privacy laws expands the definition of personal information to include genetic data. If it’s January, that must mean new privacy laws passed in 2021 are coming online. California – the nation’s leader in state-issued privacy legislation – has a new data privacy law on the books. SB 41, also known as the Genetic Information Privacy Act, or GIPA, went into effect on January 1, 2022. Learn more about what this means.

Infographic: Trends in Changing Data Breach Notification Laws

The compliance game board is always in flux. Check out this infographic highlighting trends in data breach notification laws to play a winning game.

Privacy Regulatory Trends: Diversity Favors Fragmentation

A look at the history of privacy regulatory trends confirms it’s wisest to prepare for more complexity, not less.