Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

What federal data privacy legislation might look like, and how you can prepare

Hilary Wandall | November 27, 2018

Existing privacy laws create parameters into which a federal privacy mandate will likely fit. More generally, a proposed federal law will likely be more flexible than what we have seen with European-style legislation; and, it is unlikely that the mandate will be as narrowly tailored as that which we’ve seen in U.S. state-level legislations.

It is likely that a federal law would include a requirement for a comprehensive privacy program at the corporate level, rather than focusing solely on individuals’ interactions. In fact, a federal privacy mandate is likely to include the following components:

  • Organizational governance: A federal mandate will require corporate leadership to set the right tone in terms of understanding responsibility for managing consumer data without doing harm. Leaders must own stewardship of this responsibility and push it down to the rest of the organization.
  • Risk management: Organizations must...
    Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.