Your business operations are running smoothly, and despite facing the occasional challenge along the way, you feel confident that your company has a great future. You have great employees, and the bottom line is in the black. With an investment of a lot of hard work, time, and money, you have created a reputable business for your faithful customers. What could go wrong?

Year after year, the government continues to tighten data privacy laws to make it more difficult for data thieves to gain access to private information and to keep businesses from abusing it. What you might not realize is that, in 2023, the changes to these laws have been—and will be—considerable, and as a business that generates and handles customers’ personally identifiable information (PII), you are responsible for adhering to and implementing the changes.

Here is our refresher on current laws as well as a guide to the latest changes—and what to expect in the future.

Current Data Privacy Laws

As some state privacy laws are changing, it is important to remain compliant with the existing federal and state privacy laws. Here’s a quick review of the laws that may pertain to your business. Make sure that your employees are trained in compliance.

• The Health Insurance Portability and Accountability Act (HIPAA) governs the security and privacy of Personal Health Information (PHI) and applies to entities like health plans, health insurance companies, and some government programs like Medicaid and Medicare, as well as healthcare clearinghouses that are entities that process non-standard health data received from another entity.
• The Gramm-Leach-Bliley Act (GLBA) requires companies offering financial services or products to consumers like advice on investing, insurance, and loans to clearly explain how they share customers’ data.
• The Children’s Online Privacy Protection Act (COPPA) controls operators of online services and websites that collect information from children under 13 years old.
• The Washington Privacy Act (WPA) grants consumers “various rights pertaining to their personal data, including the right to access, portability, correction, deletion, and to restrict or object to the processing of their data under certain circumstances.”

Changes to Data Privacy Laws

You can expect changes to data protection laws to include or enhance the following rights for individuals:

• The freedom to inspect personal information an organization has on file.
• The request for errors in personal information to be corrected.
• The choice for a customer to have their personal information deleted.
• The request for their personal information not to be sold or used for targeted advertising.
• The opportunity to appeal should an organization deny any of the above requests.

Multiple states have recently made similar changes to their own laws:

• In March 2020, New York introduced the Stop Hacks and Improve Electronic Data Security Act (SHIELD).
• On March 2, 2021, Virginia enacted the Virginia Consumer Data Protection Act (CDPA).
• On the first day of 2023, the California Privacy Rights Act (CPRA) came into being.
• On July 1, 2023, the Colorado Privacy Act (CPA), and Connecticut Data Privacy Law (CTDPA) are expected to come into effect.
• On December 31, 2023, Utah’s new law, the Utah Consumer Privacy Act, is expected to take effect.
• Michigan, Ohio, Pennsylvania, and New Jersey are involved in active legislation, expected to become active in the very near future.

Don’t Do It Alone

2023 is shaping up to be an actively changing year for data privacy laws. Keeping up with existing and evolving data privacy laws can make you feel overwhelmed, but fortunately, you don’t have to go it alone.

Whether you need help with records storage and retrieval, file indexing, shredding, or any other management services, DeVries Business Services in Washington State can provide you with up-to-date records management services to help your business comply with ever-changing data privacy laws. Simply give us a call at 866-433-4691 or complete the form on this page. Our experts are ready to assist you!