United States Data Privacy Protections

Blog
7 May 2021
US Flag in the sky

The United States is considered a leader in many ways — it is #1 in space exploration, Olympic medals, Nobel prizes, and most importantly, beef and cheese production. But when it comes to consumer data privacy protections, the United States has largely fallen behind its friends and neighbours in Europe and Canada. However, not one to be left out, the country is slowly catching up as more individual states introduce and pass legislation for improved consumer data privacy.

Even if the United States may not be the world leader in consumer data protections, organisations can still take the lead in securing customer data and staying on top of new and pending regulations to ensure they’re in compliance. This can present quite a challenge in the States with separate regulations in each individual state. To help you stay up-to-date, PCI Pal compiled a heatmap of passed, pending, and failed legislation throughout the United States.

While only four states have passed comprehensive legislation thus far — California, Maine, Nevada, and, most recently, Virginia — another 17 are currently reviewing bills: Alabama, Alaska, Arizona, Colorado, Connecticut, Florida, Illinois, Kentucky, Maryland, Massachusetts, Minnesota, New Jersey, New York, Oklahoma, Texas, Washington, and West Virginia. And while bills in Iowa, Mississippi, Nebraska, New Hampshire, New Mexico, North Dakota, Pennsylvania, South Carolina, Utah, and Wisconsin may have failed, that doesn’t mean they won’t pass similar legislation in the future.

Regardless of where your state may be in the process of passing data privacy legislation, there are several steps you can take to ensure you’re on the road to compliance and proper data security:

  • Map out how your company collects, stores, and uses data. Many of the existing privacy regulations have disclosure clauses, which require that companies be able to quickly supply consumers with information about how their data was collected and for what purpose it is being used. Gaining an understanding of this now will be helpful should any new privacy laws be passed, and can help to identify potential holes in your company’s data security processes.
  • Hire a compliance officer. Even if your state does not have existing regulations, a compliance officer can help to keep track of any potential legislation and ensure your company is prepared. Some current data privacy regulations also require that companies have a designated compliance officer, so appointing one now will put you ahead of the curve.
  • Adopt a PCI compliance solution. PCI compliance ensures your customers’ sensitive payment information is kept secure and can be very helpful in preparing for data security requirements in potential privacy legislation.

Contact PCI Pal today to learn more about how our secure payment solutions can help you secure customer data across your business communications environments.

View more Blogs Knowledge Centre

How can we help?

Get in touch today to discuss our technology and your requirements.

CONTACT US

Sign up for Knowledge Centre notifications

Never miss the latest blog, news, podcast or event. Sign up to be notified when we publish something new.

notify me

You may also be interested in

Pause and Resume
White paper
Pause and Resume Call Recording: Calculating the Risk
Pause and Resume Call Recording: Calculating the Risk
In this white paper, we establish and explain the threats posed by outdated call recording technology, including Pause and Resume call recording. Through it, you'll find an easier path to compliance with data security regulations, meaning less chance of being fined for a data breach.
Read more
Blog
Why Pause and Resume Call Recording Isn’t Enough
Why Pause and Resume Call Recording Isn’t Enough
While the Pause and Resume function seems like a simple solution for achieving PCI compliance, more is needed. Businesses that rely on call recording for their operations need to be aware of the risks of storing sensitive information, the limitations of manual controls and contact centre infrastructure, and the full scope of PCI compliance requirements.
Read more
Darlington Borough Council secures contact centre payments with PCI Pal®
News
Darlington Borough Council Secures Contact Centre Payments with PCI Pal®
Darlington Borough Council Secures Contact Centre Payments with PCI Pal®
Darlington Borough Council has selected PCI Pal® (LON: PCIP), the global SaaS provider of secure payment solutions for business communications, to manage its contact centre payment security and ensure it adheres to the compliance standards relating to card-based payment transactions.
Read more
Preparing for ADPPA Infographic
Infographic
Preparing for the ADPPA
Preparing for the ADPPA
Our infographic walks through preparing for ADPPA and positioning your business for the requirements of the American Data Privacy and Protection Act.
Read more

More related content

Chat with us